Groovr Privacy Policy

Effective Date: May 15, 2026 · Last Updated: May 15, 2026

This Privacy Policy explains how Groovr (“we,” “us,” or “our”) collects, uses, and shares your personal data when you use our mobile application (“App”).

1. Who We Are

Groovr is a social platform for vinyl record collectors to connect and arrange in-person record swaps. The data controller responsible for your personal data is Groovr. You can reach our privacy team at privacy@groovr.me.

2. What Data We Collect

We collect the following categories of personal data:

Category	Examples	Source
Account Data	Name, email address, username, password (hashed)	You, on registration
Profile Data	Profile photo, bio, location (city/region only)	You, when setting up your profile
Listing Data	Record titles, artists, labels, condition notes, photos	You, when creating listings
Album Artwork	Images fetched from the Discogs API for identification	Discogs API
Communications	Messages sent between users within the App	You, when messaging
Usage Data	Pages visited, features used, timestamps, crash reports	App automatically
Device Data	Device model, OS version, app version, device identifiers	App automatically
Location Data	Approximate location (city/region) to surface nearby swappers	You (permission required)

We do not collect precise GPS coordinates. We do not access your contacts, camera roll, or microphone without explicit in-app permission.

3. How We Use Your Data

We use your personal data to:

Create and manage your account
Display your profile and listings to other users
Fetch album artwork from Discogs to identify records
Connect you with nearby collectors
Enable in-app messaging between users
Send service notifications (e.g. new swap requests)
Improve the App and fix bugs
Prevent fraud, abuse, and policy violations
Comply with legal obligations
Send marketing communications (with your consent)

4. Album Artwork & the Discogs API

When you add a record, Groovr may retrieve album artwork from Discogs to help identify and display it. This artwork is owned by the respective rights holders and is used solely for record identification within the App. Groovr does not claim any rights in Discogs-sourced images.

5. Sharing Your Data

We do not sell your personal data. We may share it in the following circumstances:

Other Groovr Users: Your public profile, city-level location, and listings are visible to other users.
Service Providers: Contracted partners who process data on our instructions (e.g. hosting, analytics).
Legal & Safety: When required by law, court order, or to protect the safety of any person.
Business Transfers: If Groovr is acquired or merged, data may transfer to the new entity under equivalent protections.

6. International Data Transfers

Your data may be transferred to and processed in countries outside your home country. Where we transfer data outside the UK or EEA, we ensure appropriate safeguards such as Standard Contractual Clauses are in place.

7. Data Retention

We retain your personal data for as long as your account is active and for a reasonable period thereafter to comply with legal obligations, resolve disputes, and enforce our agreements. When data is no longer needed, we delete or anonymise it.

8. Your Rights

Depending on where you live, you may have the right to:

Access — request a copy of your personal data
Rectification — ask us to correct inaccurate data
Erasure — ask us to delete your data (subject to legal obligations)
Restriction — ask us to pause processing in certain circumstances
Portability — receive your data in a machine-readable format
Object — to processing based on legitimate interests
Withdraw Consent — for any consent-based processing, at any time

To exercise any of these rights, contact us at privacy@groovr.me. We respond within 30 days.

To request deletion of your account and personal data, visit our Account Deletion page.

9. Cookies & Tracking

The Groovr mobile app does not use browser cookies. We may use device identifiers and analytics SDKs to understand app usage and improve performance. You can reset your mobile advertising identifier via your device settings.

10. Children's Privacy

Groovr is not directed at children under 18. We do not knowingly collect personal data from anyone under 18. If you believe a child has provided us with personal data, please contact us at privacy@groovr.me and we will promptly delete it.

UAE — Child Digital Safety Law: In compliance with Federal Decree-Law No. 26 of 2025 on Child Digital Safety (in force from 1 January 2026), Groovr implements age verification at registration to prevent under-18s from accessing the App. We do not collect, process, or share personal data of children under any circumstances.

11. Security

We implement appropriate technical and organisational measures to protect your personal data against unauthorised access, loss, or destruction. If you become aware of a security issue, please contact us at security@groovr.me.

12. UAE Compliance (PDPL)

If you are located in the United Arab Emirates, your personal data is processed in accordance with Federal Decree-Law No. 45 of 2021 on the Protection of Personal Data (PDPL). You have the right to access, correct, and request deletion of your personal data by contacting privacy@groovr.me.

13. California Residents (CCPA)

If you are a California resident, the CCPA provides you with the right to know what personal information we collect, the right to delete it, the right to opt out of the sale of your information (we do not sell personal information), and the right not to be discriminated against for exercising your rights.

14. Contact Us

For questions about this Privacy Policy, please contact us at privacy@groovr.me.