← ProxiNet

Privacy Policy

Last updated: April 15, 2026

ProxiNet is committed to protecting your privacy. This Privacy Policy explains how we collect, use, and safeguard your information when you use our application and services. We comply with the General Data Protection Regulation (GDPR) and applicable Czech data protection laws.

1. What Data We Collect

Account & Authentication

When you sign up, we collect your email address. We use magic link authentication (one-time password via email), so we don't store passwords. No profile photos or social login information.

Location Data

To show you messages nearby, we collect your GPS location. Location is used only to deliver proximity-based messages. An approximate area is stored with each message for its 7-day lifetime, then deleted automatically. Your location is never tracked or logged for analytics or surveillance.

Early Access Signup

If you signed up for early access, we collected your email and postal code to understand our user base geographically. Postal codes are treated as general location hints and not linked to exact addresses.

Messages & Content

We store the text content of messages you post and replies you make. Messages are deleted automatically after 7 days. User-generated content (messages) is stored with an author name and timestamp.

Device Information

We may collect basic device type (mobile/desktop) for debugging and app optimization purposes.

Reports & Moderation

If you report a message, we store your report (content and timestamp) for moderation purposes. This helps us maintain a safe community.

2. Legal Basis for Processing

Under GDPR, we process your data on these bases:

  • Legitimate Interest: Email address, device type, and postal code (early access) — necessary to provide the core service and maintain the app.
  • Explicit Consent: Location access — you must grant permission in your browser/device settings. We request this consent upfront.
  • Contractual Necessity: Message content — required to deliver the service you've agreed to use.
  • Legal Obligation: Report data — kept for moderation and potential legal compliance.

3. How We Use Your Data

  • Service Delivery: Email and location to authenticate you and show nearby messages.
  • Push Notifications: We may send web push notifications (via VAPID keys) to notify you of new messages in your area. You can disable these in your browser settings.
  • Moderation & Safety: Reports are reviewed to remove spam, abuse, or harmful content.
  • App Improvement: Anonymized device data helps us debug and optimize performance.
  • No Tracking: We do not use cookies for tracking, analytics, or advertisements. No third-party ad networks.

4. Location Data & Proximity Delivery

ProxiNet's core feature is proximity-based messaging. Here's how location data flows:

  • Collection: With your explicit permission, we collect your GPS coordinates.
  • Usage: Your location is used only to calculate which messages are near you (based on a radius you choose) and to attach location to the messages you post.
  • Retention: An approximate area is not stored permanently. It exists only within each message record until the message expires and is deleted (7 days).
  • Not Tracked: We do not create a location history or timeline of where you've been. Each message is a snapshot, not a breadcrumb trail.

5. How Long We Keep Your Data

  • Messages: Deleted automatically after 7 days.
  • Account Data: Email, device type, and other account information are kept until you delete your account.
  • Location: Attached to messages; deleted with the message (7 days).
  • Reports: Kept for moderation purposes; retained as long as necessary for moderation purposes, then deleted.
  • Early Access Data: If you no longer use the app, you may request deletion of early access signup information.

6. Third-Party Services & Data Processors

ProxiNet uses the following services to operate:

Supabase (Backend & Database)

Supabase hosts our PostgreSQL database in the EU/Europe region, ensuring your data stays within EU borders under GDPR. They provide authentication, database storage, and real-time APIs. Supabase Privacy Policy.

Vercel (Hosting)

Vercel hosts our frontend application. Content may be served from edge nodes globally, but Vercel maintains a GDPR-compliant Data Processing Agreement. Vercel Privacy Policy.

AWS SES (Email Service)

Amazon SES sends magic link authentication emails. Email addresses are transmitted to AWS for delivery. AWS Privacy Policy.

No analytics cookies, no ads, no tracking pixels. We do not use Google Analytics, Meta Pixel, or third-party ad networks.

7. Cookies & Local Storage

  • Essential Cookies Only: We use minimal session cookies required for authentication. No tracking cookies, no analytics cookies, no third-party cookies.
  • Local Storage: Your browser may store session tokens and preferences locally for faster loading.
  • Push Notification Registration: Browser push notification subscriptions (VAPID) are stored on your device and our servers to send notifications.

8. Your GDPR Rights

You have the following rights under GDPR:

  • Right of Access: Request a copy of all personal data we hold about you.
  • Right to Rectification: Correct inaccurate or incomplete data.
  • Right to Erasure: Request deletion of your data ("right to be forgotten").
  • Right to Restrict Processing: Limit how we use your data.
  • Right to Data Portability: Receive your data in a standard format.
  • Right to Object: Opt out of certain data processing.
  • Right to Lodge a Complaint: Contact your national data protection authority.

To exercise these rights, contact us at tibor@proxinet.app. We will respond within 30 days.

9. Children's Privacy

ProxiNet is intended for users 15 years of age or older (as required by Czech Act No. 110/2019 Coll.). We do not knowingly collect personal data from children under this age. If we become aware that a child has provided us with personal data, we will delete it promptly. Parents or guardians may contact us if they believe a child has created an account.

10. Contact & Data Protection Officer

Questions about this Privacy Policy? Contact us:

Email: info@proxinet.app

Domain: proxinet.app

Operator: ProxiNet

Czech Data Protection Authority: Úřad pro ochranu osobních údajů (ÚOOÚ)

11. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. If we make material changes, we will notify you via email or by posting an updated version on this page with a new "Last Updated" date. Your continued use of ProxiNet after changes indicates your acceptance of the updated policy.

This Privacy Policy is aligned with GDPR (EU 2016/679) and Czech Act No. 110/2019 Coll., on Personal Data Protection. Last updated: April 15, 2026.