PRIVACY POLICY

Effective Date: November 1, 2025

This Privacy Policy ("Policy") describes how Social Moment Club Technologies Private Limited ("Company", "we", "our", or "us") collects, uses, stores, and protects personal data of individuals ("you", "user", or "data principal") who access or use the SoMo mobile application and website ("App" or "Platform").

This Policy is published in compliance with the Digital Personal Data Protection Act, 2023, the Information Technology Act, 2000, and the Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011.

By using the App, you consent to the collection and processing of your data in accordance with this Policy.

1. Data Collected

We collect the following personal and device information when you register or use SoMo:

Identity Information — First Name, Last Name, Gender, Date of Birth (used to determine your age bracket).
Photograph/Selfie — Used to generate your avatar and for the feed’s "vibe updates".
Location Data — Collected (a) once, (b) while using the App, or (c) always, based on your choice. Used to verify event venues, enhance safety, and enable location-based features.
Contact Information — When you invite others through SMS or WhatsApp, basic contact information is used to send the invitation.
User Content — Feed updates, Posts, Prompts, Comments, Direct Messages (DMs) to other users, Event Participation Data, Tokens, vibes, badges, Event Posts, and feedback forms and safety reports submitted by you.
Device and Usage Information — IP address, device type, operating system, app version, crash logs, and related metadata to maintain security and performance.

We do not intentionally collect any sensitive personal data such as passwords, financial data, or health information unless voluntarily provided for a specific purpose.

2. Purpose of Processing

Your data is collected and processed for legitimate business and safety purposes, including:

  1. To create and manage your account and profile.
  2. To match you with other users, relevant events, and content (using AI-based personalisation).
  3. To provide App features such as feeds, comments, avatar generation, and event participation.
  4. To send personalised notifications (including but not limited to push notifications) and updates.
  5. To verify event venues and ensure participant safety.
  6. To monitor user content and maintain community standards.
  7. To detect spam, fraud, abuse, harmful behaviour, or safety risks using automated systems including AI-based classifiers.
  8. To provide event-related access information (for example: event details, joining instructions, or links to third-party video platforms such as Google Meet or Whereby).
  9. To process payments for paid events or features (including through third-party service providers, payment processors, or app stores as applicable).
  10. To communicate updates, notifications, and service-related information.
  11. To comply with applicable law and respond to lawful requests.

We may use anonymised or pseudonymised data and user interactions to train, improve, or evaluate our AI models (for example: spam detection, safety classification, content understanding) without identifying you personally.

We do not sell, rent, or trade your personal data.

3. Legal Basis for Processing

Processing is based on your consent provided at the time of registration and through in-app permissions (for example, location access or photo uploads).

You may withdraw your consent at any time by deleting your account or writing to us at privacy@somoclub.com.

Certain processing may continue even after consent withdrawal if required for legal or safety purposes.

4. Data Retention and Deletion

  1. We retain your personal data only for as long as necessary to fulfil the purposes described in this Policy or as required by law.
  2. Upon deletion of your account or withdrawal of consent, we will erase or anonymise your personal data within thirty (30) days, except where retention is required:
    • To comply with legal obligations or law enforcement requests;
    • For fraud prevention, safety investigations, or dispute resolution;
    • For the establishment, exercise, or defence of legal claims.
  3. Where anonymised or pseudonymised data has been used to train or improve our AI models (e.g. spam detection, safety classifiers, content understanding), such model outputs may not be capable of being reversed, isolated, or “rolled back” to remove specific historical training inputs. However, this does not result in retention of personal data in identifiable form.
  4. Non-personal or anonymised data may be retained for analytics and improving services.

5. Data Sharing and Disclosure

We share personal data only when necessary and under appropriate data protection safeguards:

  1. Service Providers — Third-party vendors assisting with hosting, analytics, moderation, AI inference, push notifications, or avatar generation.
  2. Event Partners or Hosts — Limited information (initials, age bracket) shared for event coordination.
  3. Payment Gateways — To process payments securely.
  4. Law Enforcement or Authorities — When legally required or in response to verified safety concerns.
  5. Third-Party Video Platforms (Video-only Events) — For video-based experiences, we may rely on third-party video platforms (e.g. Google Meet, Whereby). We instruct you to set your display name to initials only for privacy. You are responsible for ensuring your display name is set as per our instructions, as we cannot enforce our privacy policy on all platforms, and your display name may be visible to other participants if you do not update it.

We ensure that all third parties receiving personal data provide comparable levels of security and confidentiality.

6. Data Security

We implement reasonable and appropriate technical and organisational measures to protect your data, including:

  1. Encryption in transit and at rest,
  2. Secure cloud storage,
  3. Limited employee access on a need-to-know basis, and
  4. Periodic security audits.

In the event of a data breach, we will notify affected users and relevant authorities in accordance with applicable law.

7. Automated Moderation and AI Processing

We use automated systems, including artificial intelligence, to:

  1. Generate user avatars and group photos;
  2. Detect and moderate inappropriate or unsafe content;
  3. Flag suspicious behaviour or event activity for review.

AI moderation may be supported by human review. No decision with legal or significant personal consequences is made solely through automation.

By using the App, you consent to such AI-based and manual moderation processes.

8. Safety Features

To enhance user safety and community well-being:

  1. The App includes a panic button to alert the authorities or designated contacts in case of distress;
  2. Event hosts must verify venues via Google Maps or FindMyBusiness Google links;
  3. Post-event feedback helps monitor safety and conduct;
  4. Safety-related data, including reports, may be retained for investigation and compliance.

We may take appropriate action, including account suspension or law enforcement reporting, based on verified reports.

9. Your Rights

As a user, you have the following rights:

  1. Right to Access — Obtain a summary of your personal data processed by us.
  2. Right to Correction and Erasure — Request correction or deletion of inaccurate or unnecessary data.
  3. Right to Delete — Request that we permanently delete your personal data held by us (subject to legal retention obligations).
  4. Right to Withdraw Consent — Withdraw consent for processing (subject to legal exceptions).
  5. Right to Nominate — Nominate another person to exercise your rights in case of death or incapacity.

You may exercise these rights by contacting our Privacy Officer at privacy@somoclub.com.

We will acknowledge requests within seven (7) working days and respond within thirty (30) working days.

10. Privacy Officer and Grievance Redressal

We have appointed a Privacy Officer to address all privacy-related concerns, complaints, or data access requests.

Privacy Officer / Grievance Officer

Social Moment Club Technologies Private Limited

Email: privacy@somoclub.com

Address: Shop No. 56/2A, Second Floor, Sadar Patrappa Road, Bangalore — 560 002

We are committed to resolving complaints promptly and transparently.

11. Children's Data

The App is intended for use only by individuals 18 years of age or older.

We do not knowingly collect data from children. If a child's data is inadvertently collected, it will be deleted immediately upon verification.

12. Third-Party Links

The App may contain links to external websites or applications (for example, WhatsApp, Google Maps, or event platforms). We are not responsible for their privacy practices, content, or security measures. Users are encouraged to review their respective privacy policies.

13. International Data Transfers

If personal data is transferred or stored outside India, we ensure that the recipient country or entity provides comparable data protection safeguards in accordance with applicable law.

14. Policy Updates

We may update this Policy periodically to reflect changes in law, technology, or App features. Material changes will be notified through in-app alerts or email.

The latest version will always be available at https://somoclub.com/privacy.html.

15. Contact Us

For privacy queries, complaints, or to exercise your rights, please contact:

Contact Us

Social Moment Club Technologies Private Limited

Email: privacy@somoclub.com

Address: Shop No. 56/2A, Second Floor, Sadar Patrappa Road, Bangalore — 560 002

© 2025 Social Moment Club Technologies Private Limited. All rights reserved.