← Back to settings

Privacy Policy

Last updated: 2026-05-15 · Draft for invite-only MVP

In plain English

Newrel is a connection app: you build a profile, see other people nearby, swipe to express interest, broadcast short-lived signals for in-person meetups, and chat when both sides have matched. To do that, we collect what you put into your profile, where you are when you publish a signal, and the actions you take in the app. We don't sell this data. We share it with the service providers listed below because we use their infrastructure to run the app.

What we collect

  • Account & identity — your email address and any name / avatar you supply, managed by our auth provider Clerk.
  • Profile — name, headline, location text, summary, experience & education entries, skills, interests, "looking for" tags, social links (LinkedIn, X, Instagram), and your profile photo.
  • Personality questions — your responses to the onboarding personality questionnaire and the seed scores derived from them.
  • Location — your approximate latitude and longitude when you choose to broadcast a signal or browse the map. You can enable "Location Privacy" in Settings to fuzz your published location.
  • Activity — swipe events (like / pass / super like) tied to the candidate shown, signals you publish, responses you send, messages you exchange, push subscriptions, and connection requests / acceptances.
  • Device — basic browser / device info necessary to deliver push notifications when you opt in.

How we use it

  • Show you to other users you might want to connect with.
  • Generate semantic search and ranking suggestions when you search for someone.
  • Deliver signals in your vicinity to relevant nearby users.
  • Route messages between matched users and deliver push notifications you've opted into.
  • Moderate user-generated content (signal text, messages) for prohibited material before it reaches other users.
  • Operate the service: debug issues, prevent abuse, and analyze aggregate product usage.

Service providers we use

We route relevant data through the providers below. Each is contractually limited to processing your data on our behalf.

  • Clerk — authentication and session management.
  • Supabase — primary database, file storage, and realtime delivery of messages, notifications, and signal updates.
  • Modal — runs our recommendation, search, and embedding compute.
  • OpenAI — generates text embeddings, extracts intent from signals, and moderates user-supplied text. The text you publish (signals, profile fields, messages routed for moderation) is sent to OpenAI under their API data-handling terms; OpenAI does not use API content to train its models.
  • Mapbox — renders the map surface. Mapbox receives location queries necessary to render tiles around your view.
  • Vercel — hosts and serves the web app.
  • PostHog — anonymous-ish product analytics on which features are used.
  • Web Push (Apple / Google / Mozilla) — delivers notifications you've opted into. The push endpoint URL is provided by your browser vendor.

What we DON'T do

  • We don't sell your data to advertisers.
  • We don't share your profile data with third parties beyond the operational service providers above.
  • We don't read your messages to anyone except for automated moderation flagging.
  • We don't track you across other websites.

Retention

Profile data, messages, and connections are retained for as long as your account is active. Expired signals are removed automatically. When you delete your account from Settings, we initiate deletion of your account in Clerk and queue removal of your associated rows in our database. Some aggregated, fully anonymized analytics may persist for service health reasons.

Your rights

Subject to the privacy laws that apply to you, you may have the right to:

  • Access the personal data we hold about you.
  • Correct inaccurate data (you can edit most of it directly from your profile).
  • Delete your account and associated data.
  • Object to specific uses of your data.
  • Export your data in a portable format.

To exercise any of these, contact us at the address below. We aim to respond within 30 days.

Security

We use HTTPS in transit, row-level security in our database, and scoped API keys for our service providers. No system is perfectly secure; we'll notify affected users without undue delay if we become aware of a breach affecting your data.

Children

Newrel is not directed to anyone under 18. If you believe a minor has created an account, contact us and we'll remove it.

Changes to this policy

We'll update the "Last updated" date above when this policy changes. Material changes will be communicated in-app or by email.

Contact

Questions, requests, or concerns? privacy@newrel.app