Legal

Privacy Policy

This Privacy Policy explains the categories of information we collect, how we use and share that information, and the choices you have when you use XPLR.

Last updated: March 12, 2026 Contact: support@xplr.events Applies to the XPLR app and related services

1. Overview

XPLR is operated by the individual owner of the service based in Serbia. In this Privacy Policy, "XPLR", "we", "us", and "our" refer to that operator and the XPLR services.

This Privacy Policy applies to the XPLR mobile app, website, deep links, and related services.

At a glance

  • We do not sell your personal data.
  • We use information to operate, secure, support, and improve XPLR.
  • Some information may be visible to other users where that is part of the service.
  • You can manage permissions and request account deletion through the app or our public deletion page.

2. Information We Collect

Information you provide

  • Account, sign-in, and profile information, such as your email address, display name, username, profile image, bio, and supported authentication identifiers made available by your sign-in provider.
  • Location or place information you provide, search for, select, or otherwise choose to use in the service, such as your selected city or place context.
  • Content you submit through the service, such as community-created event details, direct messages or chat content, reports, blocks, saved items, and moderation-related submissions.
  • Communications you send to us.

Information we collect automatically

  • Device, technical, and app information, such as platform, device model, operating system version, app version, language, and push-notification token.
  • Usage, analytics, and diagnostics information, such as screen views, feature interactions, engagement duration, navigation source, and similar service-usage data.
  • Crash, error, and performance information.

Information stored locally on your device

  • Cached content, settings, preferences, and similar local app data.
  • Data needed for optional device integrations you choose to use, such as calendar-related data stored on your device.

3. Permissions And Optional Features

Some XPLR features are optional and only work if you grant relevant device permissions. Depending on the feature, XPLR may request access to:

  • notifications, to deliver message alerts, reminders, and service notifications;
  • camera or photos, so you can add or update your profile image;
  • calendar, so you can add XPLR events to your device calendar.

If you decline a permission, the related feature may be limited or unavailable.

XPLR does not request your device's current location for core app use. City, place, and map-related features are based on locations you choose, search for, or enter in the service.

4. How We Use Information

We use information we collect to:

  • provide and maintain XPLR;
  • personalize and improve the service;
  • communicate with you, including service and support communications;
  • enable social, interactive, and optional device-based features;
  • monitor performance, fix issues, and protect the security and integrity of the service;
  • review reports, prevent abuse, and comply with legal obligations.

Depending on the context, we process information to perform our contract with you, pursue legitimate interests such as operating, securing, and improving XPLR, comply with legal obligations, and, where required, based on your consent or device permissions for optional features.

5. When We Share Information

We share information only where reasonably necessary to operate XPLR, comply with law, or protect the service.

  • with authentication providers to support sign-in and account access;
  • with hosting, storage, and infrastructure providers that help us run XPLR;
  • with messaging, diagnostics, and analytics providers to deliver notifications, measure performance, troubleshoot issues, and protect the service;
  • with map and place providers to support place search, map display, and other location features based on locations you choose or enter;
  • with other users where sharing is part of the service;
  • with regulators, courts, law enforcement, or other parties where disclosure is legally required or reasonably necessary;
  • in connection with a reorganization, transfer, or sale of the service, if that ever occurs.

These providers may include services from Google, Apple, Firebase, and similar operational partners.

What other users may see

When you use social or community features, other users may be able to see information that is part of those features, such as:

  • your display name, username, profile image, and profile details you choose to add, such as bio or interests;
  • community events you create, including the creator identity shown with those events;
  • participant or creator identity where an event feature shows who created, joined, or is otherwise associated with a community event;
  • messages and chat content shared with the recipients or participants in the relevant conversation;
  • other information you intentionally share through social, profile, or community-event features.

We do not sell personal data to third parties for their own marketing purposes.

6. Security

We use reasonable administrative, technical, and organizational measures designed to help protect personal information, such as transport security where supported, authenticated access controls, monitoring, and limiting access to information to those who need it for service operations.

We also use logs, diagnostics, and abuse-prevention controls to help protect the service and its users.

No method of transmission, storage, or processing is completely secure, and we cannot guarantee absolute security.

7. Data Retention

Different categories of information may be kept for different periods. For example:

  • account and profile information is generally kept while your account is active, unless retention is needed for legal, security, or abuse-prevention reasons;
  • community event submissions, messages, and other user content may be kept while needed to operate XPLR or until removed, subject to limited backup or operational retention;
  • support communications, abuse reports, and moderation-related records may be kept as long as reasonably needed to review the issue, maintain necessary records, and protect the service;
  • crash logs, diagnostics, and analytics are retained under the relevant service or provider retention settings and for as long as needed for troubleshooting, service improvement, and security;
  • backups may remain until they are overwritten under our normal backup rotation.

If you delete your account, XPLR generally anonymizes or deletes core account data and removes related account connections, sign-in records, location preferences, and device tokens. Some limited information may remain temporarily in backups, logs, or records kept for legal, security, abuse-prevention, or operational reasons.

8. Your Choices

  • You can update certain account and profile information in the app.
  • You can manage notifications and device permissions through the app or your device settings.
  • You can delete your account through the app.
  • If you cannot access the app, you can request deletion through our Delete Account page or by contacting us.
  • You can contact us with privacy questions or requests.

Subject to applicable law, you may also have rights to request access, correction, deletion, restriction, objection, or portability, and to withdraw consent where processing is based on consent.

To exercise these rights, contact us at support@xplr.events and describe the request and the account it relates to. We may request reasonable information to verify your identity before acting, and some requests may be limited by law, security needs, or technical necessity.

We will review and respond to privacy requests within the time required by applicable law. You may also have the right to lodge a complaint with the Serbian Commissioner for Information of Public Importance and Personal Data Protection or another relevant data protection authority.

9. Children

XPLR is not intended for children under 15. If you are under 15, you may not use the service. If you believe a child under 15 has provided personal information to XPLR, please contact us so we can review and act on the issue.

10. International Processing

Some information may be processed in countries other than your own, including through service providers we use to operate XPLR. Where required, we rely on applicable transfer mechanisms or safeguards that are designed to support lawful international processing.

11. Changes To This Policy

We may update this Privacy Policy from time to time to reflect product changes, legal requirements, or operational updates. If we make a material change, we will update the "Last updated" date on this page and may provide additional notice inside the app or on the website where appropriate.

12. Contact

Questions about privacy, data handling, account deletion requests made outside the app, or formal legal notices can be sent to support@xplr.events.

If you need the controller's full legal name for a formal privacy or legal request, please contact us at that address.

XPLR support contact

Email: support@xplr.events
Operator status: individual owner of XPLR based in Serbia