Privacy Policy

Last updated: April 2026  ·  Effective: March 2026

1. Information We Collect

We collect the following information when you use Connect The Dots:

• Name, age, and profile photo (provided by you during signup)
• Email address or phone number (used for login and verification)
• Real-time GPS location (used to find nearby users)
• Bio text and dating intent preferences
• Chat messages sent within the app
• Device information and usage analytics

2. How We Use Your Information

We use your information to:

• Display your profile to nearby users within the app
• Enable real-time chat, wave, and referral features
• Send push notifications for messages and activity
• Improve app functionality and user experience
• Investigate and act on reports of misconduct
• Comply with legal obligations under Indian law

3. Location Data

Your GPS location is used solely to calculate proximity to other users. Your precise coordinates are never shared with other users — they only see an approximate distance (e.g. "42m away"). Location data is updated in real time while the app is active and is not stored permanently.

You can revoke location permission at any time from your device settings, though this will limit the core functionality of the app.

4. Data Sharing and Operator Access

We do not sell your personal data to third parties. We may share data with:

• Firebase (Google) — our database, authentication, and cloud storage provider
• Firebase Cloud Messaging — for push notification delivery
• Law enforcement — when required by Indian law, court order, or to protect user safety

All third-party services we use are GDPR-compliant and process data under standard contractual clauses.

Operator access: Connect The Dots is operated by Manifesting Solutions. As the service operator, we have technical access to data stored on Firebase, including chat message contents. We commit to accessing message content only for the following purposes:

• Investigating user-reported abuse, harassment, or safety concerns
• Responding to security incidents
• Complying with valid legal requests under Indian law
• Performing essential service maintenance and debugging

We do not read user messages for any other purpose. Access to operator-level Firebase credentials is restricted to authorised personnel only and protected by two-factor authentication.

5. Data Retention

Your data is retained for as long as your account is active. When you request account deletion via Settings → Delete Account, the following happens immediately:

• Your Firebase Authentication account is deleted — you cannot log back in
• Your profile is marked invisible and removed from Nearby, Events, and all discovery features
• You are no longer visible to any other user in any part of the app

The following data is then permanently and irreversibly purged within 30 days:

• Profile, display name, bio, age, gender, and photo
• All chat messages (both sides)
• Waves sent and received
• Referrals and introductions
• Connections and star ratings
• Events you created
• All location data

The 30-day window exists for legal compliance and account recovery purposes. You may cancel your deletion request within 30 days by signing in — after that, all data is gone permanently and cannot be recovered. Some data may be retained beyond 30 days only if required by applicable Indian law or active legal proceedings.

6. Your Rights

Under applicable data protection law, you have the right to:

• Access the personal data we hold about you
• Correct inaccurate or incomplete information
• Request deletion of your data (via Delete Account in Settings)
• Withdraw consent for location access at any time
• Lodge a complaint with the relevant data protection authority

7. Children's Privacy

Connect The Dots is strictly for users aged 18 and above. We use in-app age verification to enforce this. We do not knowingly collect personal information from minors. If we discover a minor has created an account, we will immediately delete their data and terminate their account.

8. Security

We implement the following security measures to protect your data:

• Encryption in transit: all data sent between your device and our servers is encrypted using HTTPS/TLS
• Encryption at rest: all data stored on Firebase is encrypted using Google's standard AES-256 encryption
• Access control: Firebase security rules ensure that no other user can read your private chats, waves, or referrals through the app — only the participants in a conversation can access its contents
• Screenshot prevention: the app blocks screenshots and screen recording on every screen to prevent third-party capture of your conversations
• Account access protection: two-factor authentication on operator accounts
• Regular security reviews of code, security rules, and access logs

Important — no end-to-end encryption (E2EE): Your messages are not end-to-end encrypted. This means that while no other user can read your messages, the service operator (Manifesting Solutions) and Google (as our cloud provider) have technical access to message content. See Section 4 for the limited circumstances under which we will access this data.

No method of transmission over the internet is 100% secure. We recommend not sharing highly sensitive personal information (e.g. financial credentials, government IDs) via in-app messaging.

9. Analytics and Crash Reporting

We use Firebase Crashlytics to detect, diagnose and fix app crashes. When the app crashes or experiences errors, Crashlytics collects:

• Device model and operating system version
• App version
• The technical stack trace of the error
• Anonymous device identifier (Firebase install ID — not your personal identity)

We do not collect the contents of your messages, your name, your photos, or any other personal content as part of crash reporting. We do not use advertising cookies, tracking pixels, or any third-party advertising networks. We do not share crash data with advertisers or marketers.

10. International Users

Connect The Dots is operated from India. If you access the app from outside India, your data will be transferred to and processed in India. For users in the European Economic Area, this transfer is governed by standard contractual clauses under GDPR. By using the app, you consent to this transfer.

11. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of significant changes through the app. Your continued use of the app after changes are posted constitutes your acceptance of the updated policy.

12. Grievance Officer

In accordance with the Information Technology Act 2000, the Information Technology (Intermediary Guidelines and Digital Media Ethics Code) Rules 2021, and the Digital Personal Data Protection Act 2023, a Grievance Officer has been appointed to address any concerns regarding the processing of your personal data.

Grievance Officer: Adv. Akhil K Sabu
Organisation: Connect The Dots (Manifesting Solutions)
Email: legal@ctd.today
Address: Cochin, Kerala, India

Grievances will be acknowledged within 48 hours and resolved within 30 days of receipt. If you are not satisfied with our response, you may approach the Data Protection Board of India once it is constituted under the DPDP Act 2023.

13. Contact Us

For general questions or concerns about this Privacy Policy or how we handle your data, please contact us at:

hello@ctd.today
Connect The Dots, Thiruvananthapuram, Kerala, India