Fortuito is committed to protecting your privacy and being transparent about how we collect, use, and protect your personal information.
1. Information We Collect
Information You Provide
- Phone Number: Required for account creation, verification, and push notifications
- Profile Information: Age, gender, interests, relationship preferences, education level, personality traits, values, life goals, and other details you choose to share
- Location Data: GPS coordinates when location sharing is toggled on and you are outside one of your designated Privacy Zones, used to find nearby matches (automatically deleted after 2 hours)
- Messages: Content of messages sent through the app once you have been matched with another user
Information Automatically Collected
- Usage Data: How you interact with the app, features used, and timestamps
- Device Information: Device type, operating system, app version, unique device identifiers
- Match Data: Match acceptance/rejection decisions, match durations, and outcomes
2. How We Use Your Information
We use your information to:
- Provide the Service: Match you with compatible people nearby and facilitate communication
- Send Push Notifications: Alert you about matches and important updates
- Matching: Generate compatibility scores and create personalized match descriptions based on values, personality traits, life goals, and other personal attributes, and improve matching algorithms
- Account Management: Verify your identity through SMS one-time passwords (OTP)
- Safety & Security: Prevent fraud, investigate reports, enforce our Terms of Service and Safety Policy, and maintain user safety
- Improve the Service: Analyze usage patterns, fix bugs, develop new features, improve matching algorithms and prompts
- Legal Compliance: Respond to legal requests and protect our rights
3. How We Share Your Information
With Other Users
- Match Information: When matched, users see your age, gender, level of education, and a compatibility description (your raw profile information is never shown)
- Messages: Delivered to other users in the in-app messaging service
- Location: Only used to determine proximity (never shared directly with other users and automatically deleted after 2 hours)
With Service Providers
- Supabase: Database hosting for user profiles, match data, and app content
- Twilio: SMS delivery service for OTP verification and announcements
- OpenAI: We share profile information you provide (such as personality traits, values, and relationship preferences) with OpenAI's API to generate compatibility assessments, match descriptions, and opening questions. This data is sent via API and is not used by OpenAI to train or improve their AI models. No location data, phone numbers, or direct contact information is shared with OpenAI.
- Firebase Cloud Messaging (Google): Push notification delivery service for match alerts, reminders, and service updates
- Vercel: Application hosting
- Google Play / Apple App Store: App distribution and subscription management
Legal Requirements
We may disclose your information if required by law, court order, or to protect the rights, property, or safety of Fortuito, our users, or others.
We Never Sell Your Data
We do not sell, rent, or trade your personal information to third parties for marketing purposes.
4. Push Notifications & SMS Communications
By providing your phone number and enabling notifications, you consent to receive communications from Fortuito, including:
- SMS one-time verification codes during account setup
- Push notifications when compatible users are nearby
- Push notifications about match responses and connections
- In-app messages from matched users
- Periodic reminders that location sharing is active
- Important service and safety updates
- Occasional promotional messages from Fortuito (you may opt out)
SMS Messages
SMS text messages are used only for:
- Account Verification: One-time password (OTP) codes when creating your account or signing in
- Service Updates: Important account or safety-related notifications
- Marketing: Occasional promotional messages (you may opt out by replying STOP)
SMS is not used for match notifications or messaging between users—those are handled through push notifications and in-app messaging.
Push Notifications
Push notifications are our primary communication method for match alerts, connection updates, and time-sensitive information. You can manage push notification preferences in your device settings or the app.
Notification Frequency: Varies based on your activity and matches. You may receive multiple notifications per day when actively using the service.
SMS Message & Data Rates: Standard SMS rates may apply as determined by your mobile carrier for verification codes.
Opt-Out:
- SMS Marketing: Reply STOP to any promotional SMS to opt out
- Push Notifications: Disable in your device settings or app settings (this will effectively pause your account)
5. Location Data & Privacy Zones
Fortuito uses location data responsibly:
- Background Location: The app shares your location only when you have enabled location sharing to detect nearby compatible matches
- 2-Hour Auto-Deletion: All location data is automatically deleted after 2 hours
- Privacy Zones: You can set privacy zones (like your home, workplace, or other sensitive locations) where the app will not track your location or notify you of matches. Privacy Zones are stored on your device only—Fortuito does not have access to your Privacy Zone locations
- No Longitudinal Tracking: We do not build a historical record of where you've been
- Proximity Only: Other users never see your exact location—only whether you're nearby
6. Data Retention
- User Profiles: Retained until you delete your account
- Location Data: Automatically deleted after 2 hours
- Active Matches: Match data and messages retained until the match is deleted by both users (may be retained longer for a match that is reported by a user for safety concerns)
- Match History: Basic match metadata (date, outcome) retained for safety and service improvement purposes
- Deleted Accounts: Personal data deleted within 30 days (some safety-related data retained as detailed below)
Data Retained After Account Deletion (For Safety)
For user safety and to prevent abuse, we retain the following after account deletion:
- Phone number retained for 90 days to enforce account creation cooldown
- Safety reports and investigations indefinitely
- Banned user identifiers indefinitely
7. Your Privacy Rights
You have the right to:
- Access: Request a copy of your personal data
- Correction: Update inaccurate or incomplete information through the app
- Deletion: Request deletion of your account and personal data (subject to safety-related retention)
- Opt-Out: Disable notifications in app settings
- Data Portability: Receive your data in a portable format
- Object: Object to certain uses of your data
To exercise these rights, contact us at the information below or use the in-app account deletion feature.
8. Security
We implement reasonable security measures to protect your information, including:
- Encryption of data in transit and at rest
- Secure SMS OTP authentication
- Anonymous messaging to protect personal information
- Device token authentication for all app requests
- Regular security audits and updates
- Limited employee access to personal data
- Rate limiting to prevent abuse
However, no method of transmission over the internet is 100% secure. We cannot guarantee absolute security.
9. Children's Privacy
Fortuito is not intended for users under 18 years of age. We do not knowingly collect information from minors. If we become aware that we have collected personal information from someone under 18, we will delete it immediately.
10. International Users
Fortuito is operated in the United States. If you are accessing the service from outside the U.S., your information will be transferred to, stored, and processed in the United States. By using our service, you consent to this transfer.
11. California Privacy Rights (CCPA)
California residents have additional rights under the California Consumer Privacy Act (CCPA):
- Right to know what personal information is collected, used, shared, or sold
- Right to delete personal information (subject to safety-related exceptions)
- Right to opt-out of the sale of personal information (we do not sell personal information)
- Right to non-discrimination for exercising CCPA rights
12. Changes to This Privacy Policy
We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the new policy on this page and updating the "Last Updated" date. We may also notify you through the app. Your continued use of the service after changes constitutes acceptance of the updated policy.
13. Contact Us
Email: support@fortuito.app
For privacy-related inquiries, data requests, or to exercise your privacy rights, please email us with "Privacy Request" in the subject line.
14. SMS Terms & Compliance
By using Fortuito and providing your phone number, you agree that:
- You are the account holder or have authorization to use the phone number provided
- You consent to receive automated SMS messages for verification purposes
- You consent to receive occasional promotional SMS messages from Fortuito
- Standard message and data rates may apply
- Message frequency varies: verification codes are sent only when you initiate sign-in; promotional messages are sent occasionally (typically 1-4 per month)
- You may opt out of promotional SMS at any time by replying STOP to any message
- For help, reply HELP to any SMS or contact support@fortuito.app
SMS Use Cases
- Verification: One-time passwords (OTP) sent during account creation and sign-in
- Promotional: Information about new features, events, or special offers (opt-out available)
- Transactional: Important account alerts or safety notifications
Match notifications and user messaging are handled through push notifications and in-app messaging, not SMS.
Our SMS service is provided via Twilio. For questions about SMS delivery or carrier-specific issues, see Twilio's Privacy Policy at twilio.com/legal/privacy.