Back to home

Privacy Policy

Last updated: February 2025

1. Introduction

Welcome to Keld ("we", "our", or "us"). We are committed to protecting your personal information and your right to privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our mobile application and related services (collectively, the "Service").

Keld is operated by Keld Ltd, a company registered in England and Wales. We act as the data controller for the personal information we process.

By using Keld, you agree to the collection and use of information in accordance with this policy. If you do not agree with our policies and practices, please do not use the Service.

2. Information We Collect

2.1 Account Information

When you create an account, we collect:

  • Email address
  • Password (stored securely using industry-standard encryption)
  • Full name

2.2 Profile Information

To help you connect with others, you may choose to provide:

  • Profile photo
  • Profession and headline
  • Bio and about section
  • Company name
  • Industry sector
  • Professional skills
  • Topics of interest
  • What you're looking for (networking goals)
  • How you can help others
  • Years of experience
  • Conversation starters and fun facts
  • Links to external profiles (LinkedIn, website, Twitter/X)
  • Meeting preferences (how and when you like to meet)
  • Visibility settings (public or private profile)

2.3 Location Data

With your explicit permission, we collect:

  • Your location when you check in to a venue
  • Approximate location to show nearby venues

Important: Your precise location is never shared with other users. Other users only see which venue you have checked in to, not your exact coordinates. You can revoke location permissions at any time through your device settings.

2.4 Activity Data

When you use the Service, we collect:

  • Check-in and check-out history (venues and times)
  • Connection requests sent and received
  • Meeting requests and scheduled meetings
  • Messages exchanged with other users
  • Block and report actions
  • Streaks and achievement milestones

2.5 Technical Data

We automatically collect certain technical information:

  • Device type and operating system
  • Unique device identifiers
  • Push notification tokens (to send you notifications)
  • App version
  • IP address
  • Access times and dates
  • Crash reports and performance data

3. How We Use Your Information

We use your information for the following purposes:

3.1 To Provide the Service

  • Create and manage your account
  • Display your profile to other users (according to your visibility settings)
  • Show you nearby venues and who is working there
  • Facilitate connections and meetings between users
  • Calculate match scores to suggest relevant people to meet
  • Track your streaks and achievements

3.2 To Communicate With You

  • Send push notifications about connections, matches, and meetings
  • Notify you when connections check in nearby
  • Send service-related announcements and updates
  • Respond to your enquiries and support requests

3.3 To Improve and Protect the Service

  • Analyse usage patterns to improve features
  • Debug and fix technical issues
  • Prevent fraud, abuse, and violations of our terms
  • Review reports and enforce our community guidelines
  • Ensure the safety of our users

4. Legal Basis for Processing (UK GDPR)

Under UK data protection law, we must have a legal basis for processing your personal information. We rely on the following:

  • Contract: Processing necessary to provide the Service you have signed up for (e.g., creating your account, showing your profile, facilitating connections).
  • Consent: Where you have given explicit consent (e.g., location data collection, push notifications, marketing communications).
  • Legitimate interests: Processing necessary for our legitimate business interests, provided these do not override your rights (e.g., improving our Service, preventing fraud, ensuring safety).
  • Legal obligation: Processing necessary to comply with our legal obligations (e.g., responding to lawful requests from authorities).

5. Information Sharing and Disclosure

We do not sell your personal information. We may share your information in the following circumstances:

5.1 With Other Users

When you set your profile to public and check in to a venue:

  • Other users can see your profile information
  • Other users can see that you are checked in at a venue
  • Your connections can see when you check in

You control your visibility settings and can set your profile to private at any time.

5.2 With Venue Partners

We may share aggregated, anonymised data with venue partners to help them understand usage patterns (e.g., "This venue had 25 check-ins last week"). We do not share your personal information with venues.

5.3 With Service Providers

We use third-party service providers to help operate our Service:

  • Supabase (database and authentication) – Data stored in EU/UK regions
  • Expo (push notifications) – Processes push notification tokens
  • Mapbox (maps and location services) – Processes location queries
  • Apple App Store / Google Play (app distribution)

These providers are contractually obligated to protect your information and only process it on our behalf.

5.4 For Legal Reasons

We may disclose your information if required to do so by law, or in response to valid legal requests by public authorities (e.g., a court order or government request). We may also disclose information to protect our rights, privacy, safety, or property, or that of our users or the public.

5.5 Business Transfers

If Keld is involved in a merger, acquisition, or sale of assets, your information may be transferred as part of that transaction. We will notify you of any change in ownership or use of your personal information.

6. International Data Transfers

Your information may be transferred to and processed in countries outside the UK. When we transfer data internationally, we ensure appropriate safeguards are in place:

  • Transfers to countries with adequate data protection laws
  • Standard contractual clauses approved by the UK Information Commissioner's Office
  • Other legally recognised transfer mechanisms

Our primary database is hosted in the EU/UK region through Supabase.

7. Data Security

We implement appropriate technical and organisational measures to protect your personal information, including:

  • Encryption of data in transit (TLS/SSL) and at rest
  • Secure password hashing
  • Row-level security policies on our database
  • Regular security reviews and updates
  • Access controls limiting who can access user data

However, no method of transmission over the internet or electronic storage is 100% secure. While we strive to protect your information, we cannot guarantee absolute security.

8. Your Rights

Under UK data protection law, you have the following rights:

  • Right of access: Request a copy of the personal information we hold about you.
  • Right to rectification: Request correction of inaccurate or incomplete information.
  • Right to erasure: Request deletion of your personal information (subject to certain exceptions).
  • Right to restrict processing: Request that we limit how we use your information.
  • Right to data portability: Request a copy of your data in a machine-readable format.
  • Right to object: Object to processing based on legitimate interests or for direct marketing.
  • Right to withdraw consent: Where we rely on consent, you can withdraw it at any time.

To exercise these rights, please contact us at privacy@keld.app. We will respond to your request within one month.

You also have the right to lodge a complaint with the UK Information Commissioner's Office (ICO) if you believe we have not handled your information correctly. Visit ico.org.uk for more information.

9. Data Retention

We retain your personal information for as long as necessary to provide the Service and fulfil the purposes described in this policy. Specifically:

  • Account data: Retained while your account is active, deleted within 30 days of account deletion.
  • Check-in history: Retained for 12 months for streak calculations, then anonymised.
  • Messages and connection data: Deleted when you delete your account or the connection.
  • Reports and safety data: May be retained longer for safety and legal purposes.

When you delete your account, we will delete or anonymise your personal information within 30 days, except where we are required to retain it for legal, safety, or fraud prevention purposes.

10. Children's Privacy

Keld is intended for users aged 18 and over. We do not knowingly collect personal information from anyone under 18. If you are a parent or guardian and believe your child has provided us with personal information, please contact us immediately at privacy@keld.app and we will delete it.

11. Push Notifications

With your permission, we send push notifications to alert you about:

  • Connection requests and acceptances
  • Meeting requests and reminders
  • When your connections check in nearby
  • When potential matches are at the same venue as you

You can manage your notification preferences in the app settings or disable notifications entirely through your device settings.

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes to our practices or for legal, operational, or regulatory reasons. We will notify you of any material changes by:

  • Posting the updated policy on this page with a new "Last updated" date
  • Sending you an in-app notification or email for significant changes

We encourage you to review this Privacy Policy periodically. Your continued use of the Service after changes are posted constitutes acceptance of the updated policy.

13. Contact Us

If you have any questions about this Privacy Policy, our data practices, or wish to exercise your rights, please contact us:

Email: privacy@keld.app
General enquiries: hello@keld.app
Address: Keld Ltd, Manchester, United Kingdom

We aim to respond to all enquiries within 5 working days.