Privacy Policy for GeoCart

Last Updated: December 1, 2025

1. Introduction

Welcome to GeoCart ("we," "our," or "us"). This Privacy Policy explains what information we collect, how we use it, how it may be shared, and the choices you have. It also describes measures we take to safeguard your information and how you can contact us about our privacy practices.

We comply with applicable privacy regulations, including GDPR and CCPA. By using GeoCart, you agree to the practices described in this policy.

2. Information We Collect

2.1 Personal Information You Provide

Account & Profile: Name, username, display name, email, phone number, profile photos/avatars, bios
Verification: Phone verification status and timestamps, identity signals (if applicable)
Preferences: Privacy preferences including phone sharing and location visibility settings

2.2 Marketplace & Requests

Listings and requests content, images, categories, prices, and metadata
Pings and messages exchanged between users
Ratings, reviews, reports, favorites, hidden items, blocked users

2.2.1 Blood Donation Feature

Donor Profiles: Blood type, years of donating experience, total donations count, phone number, location (latitude, longitude, location label), active/inactive status
Blood Requests: Requested blood type, urgency level, location, contact information
Donor Statistics: Aggregated counts of registered donors by blood type (for display purposes only)

2.3 Device, Usage & Analytics

Device details (model, OS), app version, performance and error logs
Usage metrics (features used, session data) for product improvement

2.4 Location

Approximate or precise location (if you grant permission) to enable nearby search and distance calculations

2.5 Permissions & Platform Access

Camera: To capture listing photos and profile images (with your consent)
Media Library: Access to images/videos via modern scoped permissions (e.g., READ_MEDIA_IMAGES/VIDEO) or system photo picker
Location: To power nearby search and distance calculations (optional)
Notifications: Device token for push notifications (optional, can be disabled)

3. How We Use Information

Provide and improve marketplace and request features
Enable messaging, pings, notifications, and support
Show nearby content using your location settings
Implement verification and trust indicators on profiles and listings
Moderate and enforce policies (including usernames, listings, and requests)
Detect and prevent fraud, abuse, and security incidents
Measure performance and enhance user experience
Manage OMNI rewards, achievements, and leaderboards (no monetary value)
Facilitate blood donation matching by connecting donors with blood requests based on blood type compatibility and location proximity

4. Phone Sharing & Visibility

You control whether your phone number is visible to others. Your preference can be changed at any time in the app settings. When enabled, your phone number may be shown to the other party in relevant interactions; when disabled, it remains hidden.

We store your preference and the time it was last updated
We do not sell your phone number or share it for advertising

Important:

We are not responsible for how other users use your phone number once shared
Sharing your phone number is at your own risk
We recommend exercising caution when sharing contact information with other users

5. Location Sharing & Visibility

Location access is optional and used to power nearby search and relevance. You can disable precise location in your device settings. When disabled, the app may use approximate location or allow manual selection.

Used to sort listings/requests by distance and relevance
Not shared with third parties for advertising purposes
Can be turned off at any time in system settings

Location Accuracy Disclaimers:

Location data may be approximate and we do not guarantee accuracy
We are not responsible for location data errors or inaccuracies
Distance calculations are estimates and may not reflect actual travel distances
We are not liable for any harm resulting from location sharing or inaccuracies

6. Verification & Trust

We process verification data (e.g., phone verification and identity signals) to enhance trust and safety. Your verification status may be visible on your profile and content.

Verification records are retained for a limited period (typically up to 3 years)
Used only for safety reviews and Trust & Safety measures

Verification Limitations:

Verification does not guarantee user identity, credibility, or trustworthiness
We do not conduct comprehensive background checks or identity verification
Verification badges are for informational purposes only and do not constitute endorsements
We are not responsible for verification failures, impersonation, or identity fraud
Users should independently verify the identity and credibility of other users

7. Information Sharing

We do not sell personal data. We may share limited data in these cases:

With other users as part of marketplace functionality (e.g., profile details, verification status, listing/request content)
With service providers strictly to operate the app: Supabase (hosting & auth), Google Analytics (usage), Sentry (error reports), Google Maps (location & maps)
To comply with laws or enforce our policies

Important Disclaimers:

We are not responsible for how other users use information you share through the platform
We do not control or monitor communications between users
We are not liable for misuse of your information by other users or third parties
Sharing information with other users is at your own risk

8. Security

Encryption in transit and at rest where applicable
Row Level Security (RLS) and access controls to isolate user data
Audit logging, periodic reviews, and security updates

Security Disclaimers:

While we implement security measures, no system is 100% secure
We cannot guarantee absolute security of your data
We are not liable for unauthorized access, data breaches, or security incidents
You are responsible for maintaining the security of your account credentials
You should use strong passwords and enable available security features
We are not responsible for security breaches caused by third-party services

9. Retention

Account data: retained until account deletion
Communications: retained while account remains active
Verification: retained typically up to 3 years after verification
Analytics logs: time-limited and aggregated where possible

10. Your Rights

Subject to applicable law (e.g., GDPR/CCPA), you may access, rectify, delete, export your data, withdraw consent, and manage privacy preferences. You may also request updates to non‑compliant identifiers (including usernames) that violate policies.

10.1 How to Exercise Your Rights

To exercise any of these rights, contact us at:

Email: geocartindia@gmail.com

Phone: +91 8281 29 9264

Address: Kozhikode, Kerala, India

We will respond to your request within 30 days (GDPR) or 45 days (CCPA). We may require verification of your identity before processing your request.

11. Children's Privacy

GeoCart is not intended for children under 13. If we learn that we have collected personal information from a child under 13, we will delete it and take appropriate steps to prevent further collection.

12. International Transfers

Your information may be processed in countries outside your own. Where required, we implement appropriate safeguards such as Standard Contractual Clauses and data processing agreements.

13. Blood Donation Feature

13.1 Data Collection and Use

The blood donation feature allows users to register as blood donors and create blood requests. We collect and process the following information for this feature:

Blood type information provided by users
Donation history (years donating, total donations) as self-reported by users
Location data to facilitate matching donors with nearby requests
Phone number for contact purposes (subject to your phone sharing preferences)
Active/inactive status to control profile visibility

13.2 How Blood Donation Data is Used

Display donor profiles to users searching for blood donors
Match blood requests with potential donors based on blood type compatibility and location
Calculate and display distance between donors and requests
Show aggregated statistics about registered donors (for informational purposes only)
Enable communication between requesters and potential donors

13.3 Important Medical and Liability Disclaimers

CRITICAL: We are a technology platform that facilitates connections between users. We are NOT a medical service, healthcare provider, or blood bank.

No Medical Verification: We do not verify, validate, or confirm any medical information provided by users, including blood type, eligibility to donate, health status, or medical history
No Medical Advice: We do not provide medical advice, recommendations, or guidance regarding blood donation, transfusion, or medical procedures
No Guarantee of Matches: We do not guarantee that blood requests will be fulfilled or that suitable donors will be available
No Guarantee of Compatibility: Blood type compatibility information displayed is for informational purposes only and should be verified by qualified medical professionals
No Medical Liability: We are not responsible for any medical outcomes, complications, adverse reactions, or health issues arising from blood donation or transfusion
User Responsibility: Users are solely responsible for:
- Verifying their own blood type through proper medical testing
- Confirming their eligibility to donate blood according to applicable medical guidelines
- Consulting with qualified healthcare professionals before donating or receiving blood
- Ensuring proper medical screening and testing before any blood donation or transfusion
- Complying with all applicable laws, regulations, and medical standards
No Endorsement: Listing as a donor or creating a blood request does not constitute medical endorsement, recommendation, or guarantee by GeoCart
Location Accuracy: Location-based matching is approximate and may not reflect actual travel distances or availability
Third-Party Services: We are not responsible for the actions, services, or medical practices of any healthcare facilities, blood banks, or medical professionals that users may contact
No Warranty: We provide the blood donation feature "as is" without any warranties regarding accuracy, completeness, or suitability for any medical purpose

By using the blood donation feature, you acknowledge and agree that:

You understand that GeoCart is not a medical service or healthcare provider
You will consult with qualified medical professionals before donating or receiving blood
You assume all risks associated with blood donation, transfusion, and related medical procedures
You release GeoCart from all liability related to medical outcomes, health complications, or any consequences arising from the use of this feature
You will not hold GeoCart responsible for any medical decisions, treatments, or outcomes

13.4 Data Sharing for Blood Donation

Donor profiles (blood type, location label, donation history) are visible to other users searching for donors
Blood requests are visible to registered donors
Contact information (phone number) is shared according to your phone sharing preferences
We do not share blood donation data with third parties for advertising or marketing purposes

13.5 Retention of Blood Donation Data

Donor profiles: retained until you delete your account or remove your donor profile
Blood requests: retained until you delete the request or your account
Aggregated statistics: retained for display purposes (individual data is not identifiable in statistics)

14. Rewards and Virtual Points (OMNI)

GeoCart uses OMNI as virtual points for gamification and user engagement only. OMNI points:

Have no monetary or cash value and are not redeemable or convertible to real currency or cryptoassets
Are earned through app engagement (e.g., check-ins, achievements, referrals)
May be used for in-app features (e.g., badges, boosts) that do not confer monetary value
Are not securities, investments, financial instruments, or deposit products
Cannot be withdrawn, sold, or transferred outside the app and are not person-to-person transferable

We collect and process data related to OMNI points solely to provide gamification features and improve user experience.

15. Changes to This Policy

We may update this policy. We'll notify you of material changes in‑app or by email. Continued use of GeoCart after changes become effective constitutes acceptance.

For material changes, we will provide at least 30 days' notice before the changes take effect. We may take reasonable administrative actions to maintain safety and compliance, including editing non-compliant usernames, avatars, bios, listings, and requests.

16. Contact Information

15.1 General Privacy Inquiries

For questions about this privacy policy or our data practices:

Email: geocartindia@gmail.com

Phone: +91 8281 29 9264

Address: Kozhikode, Kerala, India

Business Hours: Monday to Friday, 9:00 AM to 6:00 PM IST

Response Time: We aim to respond to privacy inquiries within 48 hours

15.2 Data Protection Officer (GDPR)

For EU users, you can contact our Data Protection Officer at:

Email: geocartindia@gmail.com

15.3 California Privacy Rights (CCPA)

For California residents exercising CCPA rights:

Email: geocartindia@gmail.com

This privacy policy is effective as of December 1, 2025. For previous versions, please contact us at geocartindia@gmail.com.

Changelog

2025-02-20: Added comprehensive security and liability disclaimers; clarified limitations on verification, location accuracy, and information sharing; strengthened user responsibility provisions for data security and sharing.
2025-09-22: Clarified OMNI as non-cash rewards (non-redeemable, non-withdrawable); updated permissions to modern media access; minor wording updates for compliance
2025-12-01: Added comprehensive blood donation feature section with medical disclaimers, data collection details, and liability limitations; clarified that GeoCart is not a medical service or healthcare provider