Privacy Policy

Publisher: The One.

Headquarters: France.

Privacy email: privacy@gettheone.app

Legal email: legal@gettheone.app

The One is the data controller within the meaning of the GDPR (EU Regulation 2016/679).

GDPR contact: privacy@gettheone.app

In connection with your use of the Application, we collect the following categories of data.

2.1 Account data

• Email, UUID, password (encrypted via Supabase Auth).
• Legal basis: Contract.

2.2 Profile data

• Username, full name (optional), avatar (optional), bio (optional), city, favorite sports, date of birth.
• Legal bases: Contract / Consent.

2.3 Location data

• Practice city: legal basis Contract.
• Foreground GPS only: legal basis Consent.
• Location is never collected in the background.
• Manual city entry is always available.
• Consent can be revoked at any time in your device settings.

2.4 Sports activity data

• Find The One requests (sport, location, schedule, participants, level).
• Matching results.
• Events created / joined.
• Participation history.
• Cancellations / no-shows.
• Legal bases: Contract / Legitimate interest.

2.5 Social and reputation data

• Friends, trusted partners.
• Post-session reviews (rating from 1 to 5 + comment).
• Reliability score (Bronze to Platinum).
• Badges, streaks.
• Legal bases: Contract / Legitimate interest.

2.6 Messaging data

• DM and event chat messages, read status, timestamps.
• Legal basis: Contract.
• Messages are de-identified after account deletion (displayed as "Deleted User").

2.7 Notification data

• Push token (APNs / FCM), preferences by type, platform / OS version.
• Legal bases: Consent / Contract.

2.8 Billing data

• Premium subscription status, FTO quota, entitlements history.
• Legal basis: Contract.
• The One does NOT collect your payment information (credit card). Payments are handled by Apple / Google via RevenueCat.

2.9 Analytics data

The One website uses two levels of audience measurement:

• Level 1 — Anonymous audience measurement: pageviews, CTA clicks, waitlist signups. Operates in session memory only (no cookies, no persistent identifier).
  Legal basis: Legitimate interest (CNIL audience measurement exemption).
• Level 2 — Enhanced analytics: cross-session profiles, detailed user journeys, traffic sources, identification upon waitlist signup. Uses PostHog cookies (90-day duration).
  Legal basis: Consent (Art. 6(1)(a) GDPR). Only enabled after explicit acceptance.

• Your email, name, and bio are NEVER sent to analytics tools.
• Consent validity is 13 months. After this period, your preferences will be requested again.
• See our cookie policy for full tracker details.

2.10 Security data

• Reports, blocks, security logs, moderation actions.
• Legal bases: Legitimate interest / Contract.

The One may request the following permissions, all of which are optional:

• Location (foreground): optional — used to display nearby events.
• Camera: optional — used for profile photos and QR scanning.
• Photo library: optional — used to choose an avatar from your library.
• Push notifications: optional — prompted during onboarding.

The One does NOT request any permission for: contacts, microphone, calendar, or background location.

Your data is processed for the following purposes, each associated with a GDPR-compliant legal basis:

• Core features (matching, events, messaging) — Contract, Art. 6(1)(b).
• Personalize the experience (recommendations, preferences) — Contract, Art. 6(1)(b).
• Reliability score and achievements (badges, streaks, tiers) — Legitimate interest, Art. 6(1)(f).
• Transactional notifications (session reminders, invitations, updates) — Contract, Art. 6(1)(b).
• Minimal web audience measurement (aggregated, without a persistent identifier) — Legitimate interest with right to object.
• Detailed analytics (PostHog, pseudonymized data) — Consent / legitimate interest depending on context, with a right to object.
• Diagnose errors and crashes — Legitimate interest, Art. 6(1)(f).
• Secure the platform (abuse detection, moderation) — Legitimate interest, Art. 6(1)(f).
• Manage premium subscriptions (FTO quota, entitlements) — Contract, Art. 6(1)(b).
• Respond to authorities (judicial requests, legal obligations) — Legal obligation, Art. 6(1)(c).

We do NOT sell your data. No sharing for advertising purposes.

5.1 Processors

• Supabase (EU — Germany) — Database, authentication, storage, edge functions.
• Upstash Redis (configured instance region) — aggregated storage for minimal web audience measurement.
• PostHog (EU — Germany) — pseudonymized analytics after explicit agreement on the website.
• RevenueCat (USA) — In-app purchase management.
• OpenAI (USA) — Find The One reranking (pseudonymized buckets only: distance_bucket, response_rate_bucket, reliability_bucket, level_bucket). Never transmitted: bio, messages, email, name.
• Apple APNs (USA) — iOS push notifications.
• Google FCM (USA) — Android push notifications.
• Expo (USA) — Push infrastructure.
• Google Maps SDK (USA) — Event map (Android).
• Google Places (USA) — City autocomplete, geocoding.

5.2 AI — Find The One

The Find The One algorithm uses a hybrid LLM + SQL system. Data transmitted to the model is pseudonymized. Processing takes place on the server side. If the LLM is unavailable, a SQL fallback is automatically used.

5.3 Other sharing

• Authorities: if required by law (judicial request, legal obligation).
• Other users: your public profile is visible to other users of the Application.

Some of our processors are located in the United States. Transfers are governed by Standard Contractual Clauses (SCCs) compliant with the GDPR:

• RevenueCat (USA) — SCCs.
• OpenAI (USA) — SCCs.
• Apple APNs (USA) — SCCs.
• Google FCM (USA) — SCCs.
• Expo (USA) — SCCs.
• Google Maps SDK (USA) — SCCs.
• Google Places (USA) — SCCs.

A copy of the Standard Contractual Clauses is available upon request at legal@gettheone.app.

• Account and profile: lifetime of the account.
• Messages: lifetime of the account; de-identified after deletion.
• Matching and activity: lifetime of the account.
• Score and achievements: lifetime of the account.
• Push tokens: until logout.
• Minimal web audience measurement: up to 25 months.
• PostHog analytics: 90 days.
• Security logs: 12 months.
• Billing: lifetime of the account + statutory tax retention period.

After your account is deleted, your data is deleted or anonymized within 30 days.

Under the GDPR, you have the following rights:

• Right of access (Art. 15) — obtain a copy of your personal data.
• Right to rectification (Art. 16) — correct inaccurate or incomplete data.
• Right to erasure (Art. 17) — request the deletion of your data.
• Right to restriction (Art. 18) — restrict processing in certain cases.
• Right to data portability (Art. 20) — receive your data in a structured, machine-readable format.
• Right to object (Art. 21) — object to the processing of your data.
• Withdrawal of consent (Art. 7(3)) — withdraw your consent at any time.
• Complaint (Art. 77) — lodge a complaint with the CNIL.

To exercise these rights, contact us at privacy@gettheone.app. We will respond within 30 days, extendable by 60 days for complex requests.

Supervisory authority: CNIL — https://www.cnil.fr — 3 Place de Fontenoy, TSA 80715, 75334 Paris Cedex 07.

You can request the deletion of your account through three methods:

• In-app: Profile > Settings > Delete my account.
• Email: send your request to privacy@gettheone.app.
• Web: gettheone.app/delete-account.

Effects of deletion

• Deleted: profile, avatar, bio, preferences, friends, push tokens, associated analytics data.
• Anonymized: messages (replaced with "Deleted User"), reviews given (name removed).
• Retained (legal obligation): security logs (12 months), billing data (statutory tax retention period).

Timeframes

Acknowledgment of receipt within 7 business days. Effective deletion within 30 days maximum.

We implement appropriate technical and organizational measures to protect your data:

• JWT authentication via Supabase Auth.
• Row Level Security (RLS) across the entire database.
• HTTPS / TLS for all communications.
• Encryption at rest (Supabase).
• Role-based access restrictions (role-based access control).
• Pseudonymization of data transmitted to processors.
• Automatic cleanup of expired push tokens.

You can grant or withdraw your consent for the following processing:

• GPS location:granted via your device's system permission. Revocable in your device settings (iOS / Android).
• Push notifications:granted during onboarding. Revocable in your device settings or in the Application (Settings > Notifications).
• Camera / Photo library:granted via your device's system permission. Revocable in your device settings.
• Analytics (mobile app):enabled by default. Can be disabled in the Application (Settings > Allow analytics).
• Enhanced analytics (website):disabled by default. Can be enabled via the consent banner or the preferences panel accessible from the "Cookie settings" button in the website footer. Consent can be withdrawn at any time via the same panel.

Web consent validity is 13 months. After this period, your preferences will be automatically requested again.

The Application is intended for persons aged 18 and over. We do not knowingly collect personal data from minors. If we learn that a minor has created an account, we will delete their data as soon as possible.

The Find The One algorithm performs automated matching based on objective criteria (sport, location, availability, level). Reranking is hybrid (LLM + SQL) and uses pseudonymized data.

This processing has no legal effect on you and does not significantly affect you. You remain free to accept or decline each partner suggestion.

We reserve the right to modify this privacy policy at any time. In the event of a substantial change, you will be notified via an in-app notification or by email.

• Privacy Policy: gettheone.app/privacy
• Cookie Policy: gettheone.app/cookies
• Terms of Service: gettheone.app/terms
• Account Deletion: gettheone.app/delete-account

• Privacy: privacy@gettheone.app
• Legal: legal@gettheone.app

Recommended subject line: "Personal data — [your request]".

We commit to responding within 30 days.