Privacy Policy
Last updated: June 2026
1. Introduction
Fourtrend is committed to protecting your privacy. This Privacy Policy explains how we collect, use, and share information about you when you use our app. This policy complies with the General Data Protection Regulation (GDPR) for EU users and applicable US privacy laws.
2. Information We Collect
We collect the following information when you use Fourtrend:
- Account information: first name, last name, username, and email address
- Profile information: profile picture, bio, and social media links
- Content: photos, videos, products, and services you upload
- Usage data: swipe activity, leaderboard rankings, and content preferences
- Location data: country and state (for Products and Services only)
- Device information: device type, operating system, and app version
- Advertising data: ad interactions via Google AdMob
3. How We Use Your Information
We use your information to:
- Provide and improve the Fourtrend app and its features
- Personalize your content feed based on your preferences
- Display leaderboard rankings and swipe right counts
- Send notifications about your account activity
- Serve relevant advertisements via Google AdMob
- Investigate and prevent fraudulent or illegal activity
- Comply with legal obligations
4. Legal Basis for Processing (GDPR)
For users in the European Union, we process your personal data under the following legal bases:
- Contract: processing necessary to provide our services
- Legitimate interests: improving our app and preventing fraud
- Consent: for advertising and optional features
- Legal obligation: complying with applicable laws
5. Data Sharing
We do not sell your personal data. We may share your data with:
- Supabase: our database and authentication provider
- Google AdMob: for serving advertisements
- Law enforcement: when required by law or to protect rights
All third party providers are contractually required to protect your data.
6. Data Retention
We retain your personal data for as long as your account is active. When you delete your account, we will delete your personal data within 30 days, except where retention is required by law. Some anonymized data may be retained for analytics purposes.
7. Your Rights (GDPR)
If you are in the European Union, you have the following rights:
- Right to access: request a copy of your personal data
- Right to rectification: correct inaccurate personal data
- Right to erasure: request deletion of your personal data
- Right to portability: receive your data in a portable format
- Right to object: object to processing of your personal data
- Right to restrict processing: limit how we use your data
To exercise these rights, contact us through the Support section in the app settings.
8. Your Rights (US Users)
Depending on your state of residence, you may have additional privacy rights under applicable US state privacy laws, including the California Consumer Privacy Act (CCPA). You have the right to know what personal data we collect, request deletion of your data, and opt out of the sale of personal data (we do not sell personal data).
9. Data Security
We use industry standard security measures to protect your data, including encrypted data transmission (HTTPS), secure authentication via Supabase, and row level security (RLS) on all database tables. However, no method of transmission over the Internet is 100% secure.
10. Advertising & Cookies
Fourtrend uses Google AdMob to display advertisements. AdMob may use device identifiers and usage data to serve personalized ads. You can opt out of personalized advertising in your device settings under Privacy. For EU users, we will request your consent before serving personalized ads.
11. Eligibility
You must be at least 18 years of age to use Fourtrend. By using the app, you represent and warrant that you meet this requirement. Users under 18 are strictly prohibited from using Fourtrend regardless of parental consent.
12. International Data Transfers
Your data may be transferred to and processed in countries outside your country of residence, including the United States. For EU users, we ensure appropriate safeguards are in place for international data transfers in compliance with GDPR requirements.
13. Changes to Privacy Policy
We may update this Privacy Policy from time to time. We will notify you of significant changes through the app. Continued use of the app after changes constitutes acceptance of the updated Privacy Policy.
14. Contact & Data Protection
For privacy related questions, data requests, or to exercise your rights, please contact us at fourtrendapp@gmail.com or visit fourtrend.app. EU users may also lodge a complaint with their local data protection authority.
15. Country Specific Privacy Rights
In addition to US and EU rights, users in the following regions have specific privacy rights:
- Australia: Rights under the Privacy Act 1988 and Australian Privacy Principles
- Brazil: Rights under the Lei Geral de Proteção de Dados (LGPD)
- Canada: Rights under the Personal Information Protection and Electronic Documents Act (PIPEDA)
- Japan: Rights under the Act on Protection of Personal Information (APPI)
- Philippines: Rights under the Data Privacy Act of 2012
- South Africa: Rights under the Protection of Personal Information Act (POPIA)
- South Korea: Rights under the Personal Information Protection Act (PIPA)
For all other countries, we respect and comply with applicable local privacy laws. Contact us at fourtrendapp@gmail.com or through the Support section to exercise any of these rights.
16. Cross Border Data Transfers
Your data may be transferred internationally as part of our use of Supabase and Google AdMob services. We ensure appropriate safeguards are in place for all international data transfers. For users in countries with specific data localization requirements, we will make reasonable efforts to comply with applicable local laws.
17. Data Protection Contact
For privacy related inquiries from users in jurisdictions that require a Data Protection Officer or similar contact, please reach out through the Support section in the app settings. We will respond to all privacy related requests within 30 days in accordance with applicable local laws.
18. Google Cloud Vision API
Fourtrend uses Google Cloud Vision API to scan uploaded photos for inappropriate content. When you upload a photo, it is temporarily transmitted to Google Cloud Vision API for safety analysis. Images are analyzed for adult content, violence, and other inappropriate material. Images that pass the safety check are then uploaded to our servers. Images that fail are discarded immediately and never stored. Google Cloud Vision API is subject to Google's Privacy Policy available at privacy.google.com. By uploading photos to Fourtrend you consent to this analysis.
19. Google AdMob
Fourtrend uses Google AdMob to display advertisements. AdMob may collect and use the following data to serve ads: device identifiers (IDFA/GAID), IP address, general location, app usage data, and ad interaction data. This data is used to serve relevant advertisements and measure ad performance. For EU users we request consent before serving personalized ads in compliance with GDPR. You can opt out of personalized advertising at any time in your device settings under Privacy → Tracking. AdMob is subject to Google's Privacy Policy available at privacy.google.com..
20. Supabase
Fourtrend uses Supabase as our database and authentication provider. Most user data including profiles, posts, swipes, and preferences are stored securely on Supabase servers. Supabase uses industry standard encryption and security measures to protect your data. Supabase is subject to their own privacy policy available at supabase.com/privacy. Data may be stored on servers located in the United States.
21. Content Moderation
Fourtrend employs both automated and manual content moderation. Automated moderation uses Google Cloud Vision API to scan photos before upload. Manual moderation is performed by Fourtrend staff in response to user reports. Users can report inappropriate content using the flag button on any post. Reported content is reviewed and may be removed if it violates our community standards. Repeated violations may result in account suspension.
22. Data We Do Not Collect
Fourtrend does not collect precise GPS location data. Location information is limited to country and state/region as voluntarily provided by users for Products and Services listings. We do not collect contacts, call logs, or any data from other apps on your device. We do not sell your personal data to third parties.
23. Social Media Links
When you tap on social media links within Fourtrend, you will be redirected to external platforms such as Instagram, YouTube, Facebook, and others. These platforms have their own privacy policies and data collection practices. Fourtrend displays a safety warning before redirecting to any external link. We are not responsible for the privacy practices of external platforms.
24. Data Retention Period
We retain your personal data for the following periods: Account data is retained until you delete your account. Post data including photos and videos is deleted when you delete the post or your account. Swipe history is retained for leaderboard calculations and deleted when your account is deleted. Flag reports are retained for 90 days for moderation purposes. Analytics data is retained for 12 months in anonymized form.
25. GDPR Compliance (EU Users)
For users in the European Union, Fourtrend complies with the General Data Protection Regulation (GDPR). Specifically: Legal Basis: We process your data based on your consent (given during sign up), contract performance (providing our services), and legitimate interests (improving the app and preventing fraud). Data Minimization: We only collect data that is necessary for providing our services. Purpose Limitation: Your data is only used for the purposes stated in this policy. Storage Limitation: We retain your data only as long as necessary. Data Portability: You can request a copy of your data at any time through the Support section. Right to Object: You can object to processing of your data for marketing purposes at any time. Automated Decision Making: We do not make automated decisions that significantly affect you without human review. To exercise any GDPR rights contact us through the Support section. We will respond within 30 days.
26. GDPR Data Processing Agreement
Our third party service providers act as data processors under GDPR: Supabase processes authentication and database data, Google processes advertising data through AdMob, and Google Cloud Vision processes image data for content moderation. All processors are contractually bound to process data only according to our instructions and maintain appropriate security measures.
27. GDPR Consent Withdrawal
EU users who provided consent for data processing may withdraw their consent at any time. Withdrawing consent will not affect the lawfulness of processing based on consent before its withdrawal. To withdraw consent contact us through the Support section or delete your account. Note that withdrawing consent may affect your ability to use certain features of Fourtrend.
28. CCPA Compliance (California Users)
For California residents, Fourtrend complies with the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA). Your rights include:Right to Know: Request disclosure of personal information collected, used, disclosed, and sold in the past 12 months.Right to Delete: Request deletion of personal information we have collected, subject to certain exceptions.Right to Correct: Request correction of inaccurate personal information. Right to Opt-Out: Opt out of the sale or sharing of personal information. Note: We do not sell personal information. Right to Limit: Limit use and disclosure of sensitive personal information. ight to Non-Discrimination: We will not discriminate against you for exercising your CCPA rights.To exercise these rights contact us through the Support section. We will respond within 45 days as required by CCPA.
29. Cookie and Tracking Policy
Fourtrend is a mobile app and does not use traditional browser cookies. However we and our third party partners including Google AdMob use similar tracking technologies such as device identifiers and SDKs to: serve personalized advertisements, measure ad performance, and analyze app usage. You can opt out of personalized advertising by going to your device Settings → Privacy → Tracking and disabling tracking for Fourtrend.
30. Data Breach Notification
In the event of a data breach that affects your personal information, Fourtrend will: notify affected users within 72 hours of becoming aware of the breach (as required by GDPR), notify relevant supervisory authorities as required by law, provide information about what data was affected and steps taken to address the breach, and recommend steps you can take to protect yourself.
31. Children's Privacy (COPPA)
Fourtrend is strictly intended for users aged 18 and older. We do not knowingly collect personal information from anyone under 18. If we discover that a user is under 18 we will immediately: delete their account and all associated data, notify the user that their account has been terminated, and take steps to prevent future access. Parents or guardians who believe their child has created an account should contact us immediately through the Support section.
32. Privacy by Design
Fourtrend incorporates privacy by design principles: We collect only the minimum data necessary for our services, all data is encrypted in transit using HTTPS/TLS, database access is protected by Row Level Security (RLS), profile pictures and posts are scanned for inappropriate content before publishing, and users have full control over their data through account settings.
33. Accessibility
Fourtrend is committed to making our app accessible to all users. We follow Apple's accessibility guidelines and support VoiceOver and Dynamic Type. If you experience any accessibility issues please contact us through the Support section.
34. App Tracking Transparency Data
When you grant tracking permission through Apple's ATT framework, the following data may be collected by Google AdMob:
- Device advertising identifier (IDFA)
- App usage data
- Ad interaction data
- Coarse location data
When you decline tracking permission, none of the above data is collected for advertising purposes. Your ATT preference is stored on your device and can be changed at any time in iPhone Settings → Privacy & Security → Tracking. Fourtrend never receives your IDFA directly — it is only used by Google AdMob for ad serving purposes.
35. Blocking and Safety Data
When you block another user, Fourtrend stores the following data:
- Your user ID (blocker)
- The blocked user's ID
- The date and time of the block
- An automatic report is generated and sent to Fourtrend for safety monitoring
This data is used solely for enforcing the block and monitoring platform safety. Block data is deleted when either user deletes their account. You can view and manage all blocked users in Settings → Blocked Users.
36. Content Moderation
Fourtrend employs multiple layers of content moderation: automated photo scanning via Google Cloud Vision API before upload, user flagging system for objectionable content, user blocking for abusive users, community pledge required during sign up, and manual review of flagged content by Fourtrend staff. We are committed to maintaining a safe environment for all users.
37. Cloudflare R2 Storage
Fourtrend uses Cloudflare R2 to store user-uploaded photos and videos. When you upload media:
- Your media is transmitted securely to our Cloudflare Worker proxy using HTTPS.
- The Worker stores your media in Cloudflare R2 cloud storage.
- Media is served through Cloudflare's global CDN network for fast delivery.
- Cloudflare may process your media data in data centers located worldwide.
- Cloudflare's privacy policy applies to data processed through R2 and is available at cloudflare.com/privacypolicy.
Your media is associated with your user ID for organization and deletion purposes. When you delete content or your account, deletion requests are sent immediately to remove your media from storage.
38. Data Security Measures
Fourtrend implements the following security measures to protect your personal data:
- Encryption in transit: All data is encrypted using HTTPS/TLS during transmission.
- Encryption at rest: Data stored in Supabase and Cloudflare R2 is encrypted at rest.
- Access control: Row Level Security ensures users can only access their own data.
- Authentication: Secure token-based authentication with automatic session management.
- API security: All API endpoints are protected with authentication and rate limiting.
- Content scanning: All uploaded photos are scanned by Google Cloud Vision before storage.
- Proxy architecture: Storage credentials are never exposed to client devices.
39. API Security
Fourtrend implements multiple layers of security to protect our systems and your data:
- All API communications use HTTPS/TLS encryption.
- Media uploads are processed through a secure Cloudflare Worker proxy — no storage credentials are stored in the app.
- Database access is protected by Supabase Row Level Security (RLS) — users can only access their own data.
- Authentication tokens are stored securely in the iOS Keychain.
- All API keys are stored server-side and never exposed to the client app.
- Rate limiting is applied to all API endpoints to prevent abuse.
40. App Tracking Transparency
Fourtrend uses Apple's App Tracking Transparency framework to request your permission before tracking your activity. Specifically:
- We request ATT permission when you first launch the app.
- If you grant permission Google AdMob may collect your device's IDFA for personalized advertising.
- If you deny permission your IDFA is not shared and you will see non-personalized ads only.
- Your tracking preference is stored on your device and respected by all advertising within Fourtrend.
- Changing your preference in iOS Settings takes effect immediately on the next ad load.
Fourtrend never accesses your IDFA directly. It is only used by Google AdMob for ad serving purposes subject to Google's privacy policy.
41. Blocking Data and Privacy
When you use our blocking feature the following data is processed:
- Your user ID and the blocked user's ID are stored in our database.
- The date and time of the block is recorded.
- An automatic safety report is generated for Fourtrend's review.
- The blocked user is never notified of the block.
- Block data is deleted when either user deletes their account.
- Block data is never shared with third parties.
You can view and manage all your blocked users in Settings → Blocked Users at any time.