Privacy Policy

Effective Date: February 9, 2026

Lockd In ("we", "our", or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use the Lockd In mobile application and related services (collectively, the "Service"). Please read this policy carefully. By using the Service, you agree to the collection and use of information in accordance with this policy.

1. Information We Collect

1.1 Account Information

When you create an account, we collect:

• Email address
• Full name
• Password (stored in hashed form using bcrypt; we never store your plaintext password)
• Profile photo (if uploaded)
• Timezone

1.2 Goal and Activity Data

As you use the Service, we collect:

• Goal details (title, description, milestones, progress, status)
• Check-in posts and associated photos
• Crew membership information
• Meeting details (date, time, location, attendees)

1.3 Technical and Device Information

We automatically collect:

• Push notification tokens (Expo Push Notification tokens)
• Device information (device type, operating system)
• Venue search queries (when using the venue search feature)

2. Third-Party Services

Lockd In integrates with the following third-party services:

2.1 Stripe

Users may connect their own Stripe accounts for crew-related fines and payments. We facilitate the connection between your Stripe account and the app. Stripe collects and processes payment information in accordance with its own privacy policy. We do not store your credit card numbers or bank account details.

2.2 Google Calendar

If you choose to sync meetings with Google Calendar, we access your calendar data solely to create and manage meeting events. We do not read or store other calendar data unrelated to Lockd In meetings.

2.3 Google Places API

We use the Google Places API to enable venue search for meeting locations. Your search queries are sent to Google to return relevant results. Please refer to Google's privacy policy for information on how Google handles this data.

2.4 Expo Push Notifications

We use the Expo push notification service to send you notifications about crew activity, goal updates, meeting reminders, and other relevant events. Your push notification token is stored on our servers to facilitate delivery.

3. How We Use Your Data

We use the information we collect for the following purposes:

• Account Management: To create, maintain, and secure your account
• Crew Functionality: To enable crew creation, membership, and collaboration features
• Goal Tracking: To track and display your goals, progress, and check-ins
• Meeting Scheduling: To coordinate and manage crew meetings, including venue search and calendar sync
• Push Notifications: To send you timely updates about your crew, goals, and meetings
• App Improvement: To analyze usage patterns and improve our Service
• Communication: To respond to your inquiries and provide support

4. Data Storage and Security

Your data is stored securely in a PostgreSQL database. We implement the following security measures:

• Passwords are hashed using bcrypt before storage
• Session-based authentication is used to manage user sessions
• Data is transmitted over encrypted connections (HTTPS)
• We regularly review our security practices and update them as needed

While we strive to use commercially acceptable means to protect your personal data, no method of transmission over the internet or electronic storage is 100% secure. We cannot guarantee absolute security.

5. Data Sharing

We do not sell, trade, or rent your personal information to third parties. Your data is shared only in the following circumstances:

• Third-Party Service Providers: With the services listed in Section 2 (Stripe, Google Calendar, Google Places API, Expo Push Notifications), solely for the purposes described
• Crew Members: Certain data (such as your name, profile photo, goals, and check-in posts) is visible to other members of your crew as part of the core functionality of the Service
• Legal Requirements: If required by law, regulation, legal process, or governmental request
• Safety: To protect the rights, property, or safety of Lockd In, our users, or the public

We will never sell your personal data to advertisers or marketing companies.

6. Your Rights

You have the following rights regarding your personal data:

• Access: You may request a copy of the personal data we hold about you
• Correction: You may request that we correct inaccurate or incomplete personal data
• Deletion: You may request that we delete your personal data. Please see our Data Deletion Policy for more details
• Portability: You may request your data in a structured, commonly used format

To exercise any of these rights, please contact us at Support@lockdin.com.au.

7. Data Retention

We retain your personal data for as long as your account is active or as needed to provide you with the Service. If you delete your account, we will delete your personal data in accordance with our Data Deletion Policy, except where retention is required by law or for legitimate business purposes (such as anonymized analytics).

8. Children's Privacy

Lockd In is not intended for use by children under the age of 13. We do not knowingly collect personal information from children under 13. If we become aware that a child under 13 has provided us with personal data, we will take steps to delete that information. If you believe a child under 13 has provided us with personal data, please contact us at Support@lockdin.com.au.

9. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the new Privacy Policy within the app and updating the "Effective Date" at the top of this page. Your continued use of the Service after changes are posted constitutes your acceptance of the updated policy.

10. Contact Us

If you have any questions or concerns about this Privacy Policy, please contact us:

• Email: Support@lockdin.com.au
• Website: lockdin.com.au