← Back to Serenite

Privacy Policy

Last Updated: March 15, 2026

Serenite Labs LLC, a California limited liability company ("Serenite," "we," "us," or "our"), is committed to protecting your privacy. This Privacy Policy describes how we collect, use, store, and protect your personal information when you use the Serenite mobile application ("App").

By creating an account or using the App, you consent to the practices described in this Privacy Policy. If you do not agree with this Privacy Policy, you must not use the App.

1. Information We Collect

A. Information You Provide Directly

When you create an account and use the App, you may provide the following information:

• Account credentials (email address, password, or authentication tokens via Google or Apple Sign-In)
• Profile information (display name, age, neighborhood, biographical text, and photographs — a minimum of three profile photographs is required)
• Sobriety information (sobriety date and optional sobriety story)
• Interests and relationship preferences ("Looking For" selections)
• Event details (title, description, location, photographs, date, and capacity)
• Messages (text messages, photographs, and voice notes sent through the App)
• Reports submitted against other users

B. Information Collected Automatically

We automatically collect certain information when you use the App:

• Last active timestamp
• Crash reports and diagnostic data (collected via Firebase Crashlytics to improve App stability)
• Device attestation data (collected via Firebase App Check to protect against unauthorized access)

C. Information We Do Not Collect

• Precise device location (GPS) — event locations are entered manually by event hosts
• Contacts or address book data
• Browsing history
• We do not use analytics tracking or advertising frameworks

2. How We Use Your Information

We use the information we collect for the following purposes:

• To create and maintain your account
• To display your profile to other authenticated users
• To facilitate messaging, connections, and event participation
• To enforce our Community Standards and process user reports
• To improve App stability and diagnose crashes (via Firebase Crashlytics)
• To protect the platform from abuse and unauthorized access (via Firebase App Check)

We do not sell your personal information to third parties.
We do not use your information for advertising purposes.

3. Sensitive Data — Sobriety Information

We recognize that sobriety dates and recovery stories constitute sensitive personal information. This data is treated with elevated protections:

• Sobriety information is collected solely to enable core App features, including milestone tracking and peer connection within the recovery community.
• Serenite is not a healthcare provider, and sobriety information stored on the platform does not constitute medical records.
• Sobriety information is visible to other authenticated users as part of your profile.
• This information is never sold to, shared with, or made accessible to advertisers, data brokers, or any third parties beyond those described in Section 4.
• You may modify or remove your sobriety information at any time by editing your profile or deleting your account.

4. Third-Party Services

We use the following third-party services to operate the App. All services listed below are operated by Google LLC unless otherwise noted:

• Firebase Authentication — Account sign-in and identity management. Data shared: email address, OAuth tokens.
• Cloud Firestore — Primary data storage. Data shared: all user-provided data as described in Section 1.
• Firebase Storage — Media file storage. Data shared: photographs, voice notes.
• Firebase Crashlytics — Crash reporting and diagnostics. Data shared: device information, crash logs.
• Firebase App Check — Abuse prevention and API protection. Data shared: device attestation tokens.
• Google Sign-In — OAuth authentication. Data shared: email address, display name.
• Apple Sign-In (operated by Apple Inc.) — OAuth authentication. Data shared: email address (if provided by user).

These third-party services are governed by their respective privacy policies:

• Google: https://policies.google.com/privacy
• Apple: https://www.apple.com/legal/privacy/

No data is shared with analytics platforms, advertising networks, or data brokers.

5. Data Storage and Security

All user data is stored on Google's cloud infrastructure through Firebase and Google Cloud services.

• Data in Transit: All communications between the App and our servers are encrypted using TLS/HTTPS.
• Data at Rest: Data stored on Google's servers is encrypted using Google's default encryption mechanisms.
• Access Controls: Firestore security rules restrict data access to authenticated users only. Direct messages are accessible only to conversation participants.
• Device Attestation: Firebase App Check verifies that requests originate from legitimate app installations, protecting against unauthorized API access.

While we implement commercially reasonable security measures, no method of electronic storage or transmission is completely secure. We cannot guarantee absolute security of your data.

6. Data Visibility and Sharing

• Profile Information (display name, age, neighborhood, biographical text, photographs, sobriety date, interests, and preferences) is visible to all authenticated users of the App.
• Messages are visible only to the participants of the conversation.
• Event Details are visible to all authenticated users. Attendee lists are visible to other event attendees.
• Vouch Counts and Verification Status are visible on user profiles.

We do not share your personal information with third parties for marketing or advertising purposes.

We may disclose your information if required to do so by law, including in response to a subpoena, court order, or other legal process, or if we believe in good faith that disclosure is necessary to protect the safety of our users or the public.

7. Data Retention

• Account data is retained for as long as your account remains active.
• Messages are retained for as long as the conversation exists. Individual messages cannot be deleted.
• Upon account deletion, all user-provided data is permanently removed from our systems, including your profile, photographs, messages, hosted events, and media files.
• Anonymized crash reports previously submitted to Firebase Crashlytics are retained in accordance with Google's standard retention policies and cannot be attributed to deleted accounts.

8. Your Rights (California Residents — CCPA/CPRA)

As a California resident, you have the following rights under the California Consumer Privacy Act (CCPA) and the California Privacy Rights Act (CPRA):

• Right to Know: You have the right to know what personal information we collect and how it is used.
• Right to Access: You have the right to request access to the personal information we have collected about you.
• Right to Correct: You have the right to correct inaccurate personal information. You may do so at any time through the in-app profile editing feature.
• Right to Delete: You have the right to request deletion of your personal information. You may exercise this right through the in-app account deletion feature in Settings.
• Right to Opt Out of Sale: We do not sell your personal information. There is no sale to opt out of.
• Right to Limit Use of Sensitive Personal Information: Your sobriety data is classified as sensitive personal information. Its use is already limited to the core App features described in this Privacy Policy.
• Right to Non-Discrimination: We will not discriminate against you for exercising any of your privacy rights.

Serenite does not respond to "Do Not Track" browser signals, as no cross-site or third-party tracking occurs within the App.

To exercise any of these rights, please contact us at hello@serenite.app.

9. Children's Privacy

Serenite is intended for users who are at least eighteen (18) years of age. We do not knowingly collect personal information from anyone under the age of eighteen.

If we become aware that we have collected personal information from a user under eighteen years of age, we will promptly delete the account and all associated data.

If you believe that a minor has created an account on Serenite, please contact us at hello@serenite.app.

10. Push Notifications

Serenite may send push notifications to your device, such as notifications for new messages, event reminders, and connection requests.

You may manage your notification preferences through the App's Settings or through your device's system settings. Notification permissions are requested within the App and may be revoked at any time.

11. Device Permissions

The App may request access to the following device features:

• Camera — To capture photographs for your profile and in-app messaging.
• Microphone — To record voice notes in conversations.
• Photo Library — To select existing photographs for your profile and in-app messaging.

A minimum of three (3) profile photographs is required to use the App. Camera and Photo Library access facilitates this requirement.

Microphone access is optional and is required only for the voice note feature.

All device permissions may be managed through your device's system settings.

12. Data Breach Notification

In the event of a data breach affecting your personal information, Serenite Labs LLC will notify affected users in accordance with California Civil Code Section 1798.82. Notification will include the nature of the breach and recommended protective steps.

13. Changes to This Privacy Policy

Serenite Labs LLC reserves the right to update this Privacy Policy at any time. The "Last Updated" date at the top of this document will reflect the most recent revision.

We will notify you of material changes through the App. Your continued use of the App after any changes constitutes acceptance of the revised Privacy Policy.

14. Contact Us

If you have questions or concerns about this Privacy Policy or our data practices, please contact us at:

Serenite Labs LLC
Email: hello@serenite.app