Twofer Privacy Policy

Effective date: June 7, 2026

Twofer helps people discover and redeem local deals from participating businesses. This Privacy Policy explains what we collect, how we use it, who helps us operate the service, and the choices you have.

1. Information We Collect

When you use Twofer, we may collect:

Account and profile information

  • Email address and authentication identifiers.
  • Consumer ZIP code, optional birthdate, and legacy age range.
  • Business name, owner or contact name, business email, phone number, address, hours, category, and profile details.
  • Business invite validation information during the pilot.

Location information

  • GPS location from your device if you allow location access.
  • ZIP code or general area if you choose not to share GPS location.
  • Business latitude, longitude, and address information used for maps and nearby sorting.

Photos, audio, and user content

  • Deal photos, business logos, menu photos, and other images you upload or capture.
  • Voice input you record for AI Compose.
  • Deal titles, descriptions, prices, menu items, business descriptions, reports, and other content you submit.

App activity and diagnostics

  • Deals you view, claim, redeem, share, or save.
  • Businesses you view, favorite, or report.
  • Push notification preferences and Expo push tokens.
  • App version, platform, first-party analytics events, and sanitized error and diagnostic data.

Twofer collects sanitized error and diagnostic data, such as error source, fatal flag, error name, error hash, app version, app build, and platform. This diagnostic data is not linked to your identity, is not used for tracking, and is used only to diagnose errors and improve reliability. We do not collect raw crash logs or performance data.

Payment information

The first iOS release is a free pilot. No in-app purchase, paid upgrade, external payment, or subscription flow is exposed in the app for v1.

2. How We Use Information

We use information to:

  • Create, authenticate, and manage your account.
  • Show nearby deals and businesses.
  • Let you claim, redeem, save, and share deals.
  • Help businesses create, publish, manage, and measure deals.
  • Send service-related messages, deal alerts, reminders, and push notifications when enabled.
  • Prevent fraud, abuse, duplicate redemptions, and unauthorized business access.
  • Provide aggregated or de-identified reporting to participating businesses.
  • Operate, debug, secure, and improve the app and website.

3. AI Features and Audio Transcription

Twofer includes AI-assisted business tools. These tools can help draft deal copy, extract menu items from photos, polish or generate deal images, translate deal copy, and transcribe voice input.

If you use voice input, your recorded audio is sent from the app to our backend and then to an AI transcription service. The transcript is returned to the app so you can review and edit it before publishing.

Photos, typed prompts, business profile details, and draft deal content may also be sent to AI service providers when you choose to use AI-assisted creation features.

4. What Businesses Can See

Businesses do not receive your personal contact information just because you view, claim, or redeem a deal.

Twofer may provide businesses with aggregated or de-identified reporting, such as:

  • Total claims and redemptions.
  • Redemption rate and time-of-day trends.
  • General age bands and ZIP-based trends.
  • New versus returning customer trends.
  • Claim and redemption delay patterns.

We do not intend to provide businesses with your direct identity, email address, exact birthdate, precise GPS location, or detailed personal activity history for ordinary app use.

5. Service Providers

We use service providers to operate the app and website. They may process information for us only as needed to provide their services.

  • Supabase for authentication, database, storage, and Edge Functions.
  • OpenAI for AI transcription and AI-assisted text, menu, translation, and image features.
  • Expo, Firebase, and Apple push services for push notification delivery.
  • Google Maps and Places services for maps, directions, and business lookup support.
  • Vercel for website hosting and website analytics.

6. How We Share Information

We may share information:

  • With service providers who help us operate the app and website.
  • With participating businesses in aggregated or de-identified form.
  • When a public deal or share link intentionally shows deal and business preview information.
  • If required by law or needed to protect rights, safety, security, or platform integrity.
  • In connection with a merger, acquisition, financing, or sale of assets.

We do not sell personal information in the ordinary meaning most users expect. We do not use your data for cross-app tracking.

7. Data Retention

We keep information for as long as needed to operate the service, comply with legal obligations, resolve disputes, prevent fraud and abuse, enforce agreements, and improve the platform.

Some information may remain in aggregated, de-identified, backup, security, or compliance records after account deletion.

8. Your Choices

You can:

  • Update account and profile information in the app.
  • Control location permissions through your device settings.
  • Choose ZIP code instead of GPS for nearby features.
  • Turn push notifications on or off in the app or device settings.
  • Request account deletion in the app or by email.
  • Contact us with privacy questions.

9. Account Deletion

Consumer accounts can start deletion from Settings. Business accounts can start deletion from the Account tab. If you cannot access the app, contact us at twoferadmin@gmail.com.

We may retain limited information where required for legal, security, fraud-prevention, accounting, backup, or compliance purposes. Aggregated or de-identified information may remain.

10. Children

Twofer is not directed to children under 13. If you believe a child under 13 has provided personal information to us, contact us so we can review and delete it as appropriate.

11. Security

We use reasonable administrative, technical, and organizational measures to protect information. No system is completely secure, and we cannot guarantee absolute security.

12. Changes to This Policy

We may update this Privacy Policy from time to time. If we make material changes, we will update the effective date and may provide additional notice where appropriate.

13. Contact

If you have questions about this Privacy Policy, contact us at: twoferadmin@gmail.com