Privacy Policy

BarMatch LLC ("BarMatch," "we," "us," or "our") provides a mobile and web platform that helps people 21+ discover local venues, meet other patrons in real time, and transact directly with participating venues. This Privacy Policy describes how we collect, use, share, and protect personal information when you use the BarMatch mobile app, the BarMatch website at barmatch.com, the venue-owner dashboard, and related services (collectively, the "Service").

By using BarMatch, you agree to this Privacy Policy. If you do not agree, please do not use the Service.

1. Who this policy applies to

This Privacy Policy applies to three audiences:

Consumer users — adults 21+ who download the BarMatch mobile app to find venues, match with people, and transact. Venue owners and staff — businesses that claim their venue listing and use the BarMatch venue-owner dashboard at barmatch.com/venue-owner to manage deals, events, VIP offers, drink menus, and other tools. Website visitors — anyone who browses barmatch.com without an account.

Sections below indicate which audience they apply to when the practices differ.

2. Information we collect

2.1 Information you provide when you sign up

To create a consumer account, we collect:

Authentication identifier — an Apple ID or Google account, used to sign you in. We do not see or store your Apple/Google password. Phone number — verified via SMS through Twilio. We store the number in standardized international format (E.164). Phone numbers enable friend discovery, contact-import matching, and protection against bot signups. Self-attested identity information at signup: first name, last name, date of birth, and gender. You confirm this information is accurate before completing signup. We use it to enforce the 21+ eligibility requirement and personalize matches. Profile photos — at least one is required; you may upload up to five. Photos are scanned for safety using automated content moderation before they go live. Match preferences and personal tags — preferred genders, favorite drink and vibe tags, optional bio (up to 250 characters).

2.2 Information you provide if you verify your identity

Identity verification is optional for most consumer features but required to send drinks to other users, accept drinks sent to you, and buy event or VIP tickets. Verification is a paid one-time purchase or included free with the Premium subscription. Vibe checks (the peer-safety polling feature) do not require verification. When you choose to verify:

Government-issued ID — captured and processed by our identity-verification partner, Persona Identities, Inc. ("Persona"). Persona collects a photo of your ID and a live selfie, performs verification, and returns to us your legal name, date of birth, gender as printed on the ID, and a record of the verification result. We receive and store the verified name, date of birth, and gender. We also store the Persona inquiry ID for audit purposes. We do not store your government ID image or your verification selfie. Persona retains those materials in accordance with their data processing agreement and privacy policy (available at withpersona.com/legal/privacy-policy).

2.3 Information collected automatically

Location information — when you ask the app to check you in at a venue, we use your device's GPS to verify you are physically at that venue. Location is collected only at check-in time and during the active check-in window (default four hours). We do not run background location. Device and connection information — device model, operating system, app version, IP address, and approximate network location. We use this for fraud detection, analytics, debugging, and abuse prevention. Usage information — features you use, screens you view, taps you make, and the timestamps of those events. We use this to improve the Service and measure feature performance.

2.4 Information generated through use

Check-ins — venue, start time, and expiry time for each check-in. Check-ins are visible to other users at the same venue under the rules of your selected privacy mode (see Section 3.3 below). Matches and messages — when two people Like each other on our Match Game, a chat thread opens. We store the match record, the messages exchanged, message timestamps, and any voice notes or images sent. Messages are retained for 60 days from the match's creation, then automatically purged. Vibe checks (peer-safety polling) — when you fire a vibe check about another user (the "subject"), we share the subject's profile with the friends you select so those friends can vote on their impression of the subject. What we share: the subject's public profile fields (name as "First L.", age, profile photos, bio, vibe and drink tags, verified-badge status) and the context in which you fired the poll (e.g., "pre-meeting" or "you matched"). We do not share the subject's contact information, exact location, message history, or unrelated activity. We store the poll, the verdict counts, and which friends voted what way. Poll results are visible to the requester and the friends invited to vote. The subject is notified that a vibe check has occurred (so they know their profile was shared) but is not shown who fired the poll or how each friend voted, and is not given any identifying information about the friends. Pre-drink and post-match profile share to friends. When a user is considering sending you a drink (Buy-a-Drink flow), or has just matched with you (Match Game flow), that user may share your profile with their friends through a vibe check before deciding whether to proceed. The shared profile consists only of the public profile fields described in the preceding paragraph. We share this data on the basis of your decision to make your profile visible in the relevant flow (Match Game requires Public visibility; drink-acceptance is a decision you make when the offer is presented). You may adjust your privacy settings at any time to limit who can consider you in these flows; see Section 5. Drink offers, ticket purchases, VIP reservations, deals, and venue invites — we store records of each transaction or social action you take in the app, including counterparties, amounts, venue, and timestamp. Friendships and pending requests — records of who you are friends with, who you have invited or blocked, and the per-friend manage-blacklist toggles you set. Reviews and ratings — venue reviews you submit, tied to a verified check-in.

2.5 Contacts (with your permission)

If you grant the app permission to access your device contacts, we collect the phone numbers and names from your contacts and send them to our server as one-way SHA-256 hashes. We use the hashes to match you with BarMatch users you already know. We do not transmit your contacts' raw names or numbers to our server, and we do not share your contact list with other users.

2.6 Payment information

For payments processed in the BarMatch app:

In-app purchases (chat refreshments, Premium subscription, identity verification) — processed by Apple App Store on iOS and Google Play Store on Android. We see only the receipt and transaction identifier, not your payment card. Card-on-file purchases (drinks, event tickets, VIP reservations) — your payment card is collected and stored by Stripe, Inc. ("Stripe"), our PCI-compliant payment processor. We receive only a tokenized reference and the last four digits of your card. Refund and dispute records — when refunds are issued, we keep a record of the transaction details and reason for our financial records.

2.7 Venue-owner information

If you operate a venue on the BarMatch platform, we collect:

Business contact information — your legal business name, business address, business phone, and an authorized representative's contact email. Ownership verification documentation — when you claim a venue, we may ask for documentation that proves you are authorized to operate it (e.g., a copy of your liquor license or business license, the venue's tax ID). Payout banking information — bank account or debit-card information you provide to Stripe Connect for receiving drink-purchase, ticket, and VIP payouts. Stripe collects and stores this; we receive only a reference identifier and payout status. POS integration credentials — when you connect your point-of-sale system (currently Square), we receive an encrypted OAuth token allowing us to read your menu and write orders. The token is encrypted at rest with AES-256-GCM. Venue content — photos, menus, drink prices, hours, deals, events, VIP offers, ad campaign creative, and other materials you upload or configure. Employee and staff information — names and emails of staff you invite to access your venue-owner dashboard (limited employees see only the surfaces you grant). Tax-related information — when required for 1099 reporting or VAT/sales tax handling through Stripe Tax.

2.8 Information from third parties

We may receive information from:

Apple and Google — your basic name and email when you sign in with Apple or Google. Apple offers a "Hide My Email" relay option which forwards messages to your real email without disclosing it; if you choose Hide My Email, the relay address is what we have on file. Other users — if another user invites you to BarMatch using their contacts, your phone number hash may identify you to that user once you sign up so they can send a friend request. Public business databases — when verifying venue claims, we may consult public data sources (state liquor control records, business directories) to confirm ownership. Fraud and abuse prevention services — Twilio provides line-type information so we can decline VoIP / burner numbers during phone verification.

3. How we use information

3.1 To provide the Service

We use information to:

Create and maintain your account, including enforcing the 21+ eligibility requirement at signup and on every drink purchase. Match you with other users on the Match Game, surface friends you may know, and enable the social features of the app. Verify you are physically at a venue when you check in. Process payments and deliver the things you purchase (drinks, tickets, VIP reservations, deals). Send transactional messages (SMS verification codes, payment receipts, drink redemption notifications, friend request notifications) via Twilio, Apple Push Notification service, and Firebase Cloud Messaging. Enable venue-owner dashboard functionality.

3.2 To improve and personalize the Service

Recommend venues, deals, events, and matches based on your location, check-in history, and preferences. Measure feature performance, fix bugs, develop new features, and conduct internal research. Send you in-app notifications about activity that relates to you (matches, messages, friend requests, drink offers, etc.) based on the per-category notification toggles you set.

3.3 To enforce safety and trust

Detect and block fraud, abuse, and violations of our Terms of Service or Community Guidelines. Investigate user reports (harassment, fake accounts, illegal content). Each report is reviewed by trained employees; serious violations result in account suspension or termination, with escalation ladder per our published policy (2 weeks → 3 months → indefinite within a rolling 12-month window). Apply rate limits, IP-based throttling, and bot detection. Refuse drink purchases when staff at the venue flag a recipient as too intoxicated to receive additional drinks for the night (the "intoxication flag" expires the next operational morning).

3.4 With your privacy mode

BarMatch supports three privacy modes for consumer accounts: public, friends-only, and incognito. Your privacy mode controls whether other patrons at a venue can see you in their Match Game, whether your check-in is visible to friends in the Friend Map, and whether the Patron Strip on the venue details page shows your photo. Per-friend overrides let you hide your location from specific friends or block specific friends from sending drink offers or vibe checks. We follow the privacy choices you make.

3.5 To comply with legal obligations

Meet tax, accounting, and financial-record retention requirements. Respond to lawful subpoenas, warrants, and court orders submitted via barmatch.com/legal/data-request. Cooperate with law enforcement when required by law to do so. Protect the rights, property, and safety of BarMatch, our users, venue partners, and the public.

4. How we share information

4.1 With other users (per your privacy mode)

Subject to your privacy settings, certain information is visible to other users:

Match Game candidates see your first name and last initial only, your age, your primary profile photo, your vibe and drink tags, and signals of past co-presence at venues (badges like "crossed paths," "same vibe"). Mutual matches see your full Match Game profile including additional photos and bio. Accepted friends see your full last name (you accepted them; they know you), your full profile, and your live location if you have not turned location-sharing off for them. Pending friend request senders/recipients see enough identity information to recognize you (name + photo) so the pending request decision is informed.

We never share with other users your phone number, email address, date of birth, or precise GPS coordinates. We never share who has blocked you.

4.2 With venue owners

Venue owners see aggregate, non-identifiable information:

Aggregate check-in counts and patron demographics (counts by gender, age bucket, vibe tag). Aggregate match counts attributed to their venue. Aggregate ad placard impressions, taps, and conversions. When you purchase from a venue (drink, ticket, VIP), the venue receives the information needed to fulfill: your first name and last initial, the item ordered, a redemption code, and the time window. Venue staff with a refusal-PIN (staff who confirm drink redemptions) record the redemption status (delivered, refused for stated reasons, intoxication flag) but do not see your full identity beyond first name and last initial.

4.3 With service providers

We share information with vendors who help us operate the Service. They are contractually obligated to use the information only to provide their service to us. Key providers include:

Supabase, Inc. — our hosted database and authentication infrastructure. Persona Identities, Inc. — identity verification (ID images, selfie, verification result). Persona's own privacy policy applies to data they collect. Amazon Web Services, Inc. ("AWS"). AWS Rekognition performs (a) explicit-content moderation on all profile photo uploads and (b) face-geometry comparison between verified users' uploaded photos and their Persona-verified ID face geometry. AWS acts as a service provider on BarMatch's behalf for these operations. AWS's practices, including data handling and security certifications, are described at aws.amazon.com/rekognition. The face-geometry vector for verified users is stored in an AWS-managed Rekognition Face Collection per our BIPA Notice. Stripe, Inc. — payment processing for card-on-file purchases (drinks, tickets, VIP) and Stripe Connect payouts to venue owners. Stripe's own privacy policy applies to data they collect. Twilio Inc. — SMS verification at signup and SMS-based friend invites. Twilio sees your phone number to deliver messages. Resend Communications, Inc. — transactional and marketing email delivery. Resend sees your email address only. RevenueCat, Inc. — App Store / Play Store in-app purchase orchestration and entitlement tracking. Square, Inc. — venue point-of-sale integration if your venue connects Square as their POS. Apple Inc. and Google LLC — sign-in, in-app purchases via Apple App Store and Google Play Store, push notifications via APNs and Firebase Cloud Messaging, and pass delivery to Apple Wallet and Google Wallet. Hive AI, Inc. — automated content moderation of uploaded photos. Cloudflare, Inc. — bot-protection via Turnstile on the law-enforcement data-request webform. Vercel Inc. — hosting of the barmatch.com marketing site, venue-owner dashboard, and admin CMS. Cloudflare R2 (or Supabase Storage) — storage for venue map tiles (PMTiles) used by the in-app map. Google Cloud Platform — Safe Browsing URL scanning for venue-owner-pasted menu links. Sentry and PostHog — error monitoring and product analytics. Both providers see aggregated event data; neither receives raw identifiers.

The list above reflects providers currently in use or planned to be in use at launch. We will update this list when material additions or removals occur.

4.4 With law enforcement and in legal processes

We disclose information to law enforcement and government authorities only in response to:

Valid subpoenas, warrants, court orders, or other lawful legal process, submitted through our webform at barmatch.com/legal/data-request . Emergency requests from law enforcement involving imminent danger to life, with documentation that we may verify. Disclosures required by our legal counsel to defend BarMatch or enforce our Terms of Service.

We publish transparency reports periodically describing the volume and type of law-enforcement requests received and our response rate.

4.5 In connection with a business transaction

If BarMatch or substantially all of its assets are acquired, merged, or otherwise transferred, your information may be transferred to the acquiring entity. We will notify you of any such transfer and your options before the transfer takes effect.

4.6 With your consent

We share information for any other purpose with your explicit consent at the time of sharing.

5. Your rights and choices

5.1 Access and correction

You may access most of your information directly in the app under Account → Manage Profile and Account → Privacy. To request a copy of all data we hold about you, email privacy@barmatch.com. We will respond within 30 days.

Persona-verified identity fields (first name, last name, date of birth, gender) are write-once after identity verification — editing requires re-verification through Persona or contact with support.

5.2 Deletion

You may delete your account at any time from Account → Delete Account. After you submit a deletion request:

A 60-day grace period begins during which the account is deactivated but not yet purged. During this period your profile is invisible to other users; matches and conversations are archived but not visible. You may reverse the deletion within the 60-day window by signing back in. After 60 days, your account is permanently deleted: profile, photos, matches, messages, vibe checks, friend graph, and related personal data are removed from active storage. Some information is retained as required by law (e.g., financial transaction records for tax purposes), or in anonymized aggregate form for analytics. Information in legal-hold status (e.g., subject to a law-enforcement preservation order or active investigation) is retained until the hold is released.

5.3 Communication preferences

You may turn off any push notification category in Account → Notifications. You may unsubscribe from marketing emails using the link in any marketing email or the List-Unsubscribe header. Transactional messages (SMS verification, payment receipts, drink redemption confirmations) cannot be turned off while you have an active account.

5.4 Permissions on your device

You may revoke contact, location, camera, and notification permissions at any time through your device's system Settings. Revoking certain permissions may disable corresponding features (e.g., revoking location prevents check-in).

5.5 Data portability

Upon request, we will provide your information in a structured, commonly used, machine-readable format (typically JSON). Email privacy@barmatch.com.

5.6 California residents

If you are a California resident, the California Consumer Privacy Act and California Privacy Rights Act provide you additional rights, including:

The right to know what personal information we collect, use, disclose, or sell about you. The right to delete personal information we collect from you. The right to correct inaccurate personal information. The right to limit our use of your sensitive personal information (we currently use sensitive personal information only for the purposes disclosed in this Policy). The right to opt out of the sale or sharing of your personal information for cross-context behavioral advertising. We do not sell your personal information and we do not share it for cross-context behavioral advertising. The right to be free from discrimination for exercising these rights.

To exercise these rights, email privacy@barmatch.com with the subject line "California Privacy Rights Request." We may need to verify your identity before responding.

5.7 Authorized agent requests

You may designate an authorized agent to make a privacy request on your behalf. The agent must provide signed authorization, and we may also verify your identity directly.

6. Data retention

Specific retention periods are listed below. Retention may be extended where legally required.

Account profile and credentials — kept while the account is active; removed within 60 days of an account deletion request. Matches and chat messages — 60 days from match creation, then automatically purged. Vibe checks — retained until purged with the associated chat record at 60 days. Drink offers, ticket purchases, and other transactions — retained for as long as required by tax and accounting law, typically seven years. Payment records held by Stripe — governed by Stripe's retention policies. Identity verification result records — retained while the account is active and for any legally required period afterward. Check-ins and venue analytics — individual check-in records expire from active storage after a venue season; aggregated counts are retained indefinitely in anonymized form. Audit log entries — kept indefinitely for security investigation. Audit-log entries include only event metadata (who did what when), not message bodies or photo content. Backups and disaster-recovery copies — backup retention follows our infrastructure provider's policy and may temporarily extend deletion timelines by up to 90 days.

7. Children's privacy

BarMatch is intended only for users 21 years of age or older. We do not knowingly collect personal information from anyone under 21. We enforce the age requirement at signup (self-attested date-of-birth check, hardened by Persona identity verification and a database constraint), at every drink purchase (staff PIN confirmation), and at content moderation. If we learn that we have collected personal information from someone under 21, we will delete that information promptly. If you believe we may have collected information from a person under 21, please contact us at privacy@barmatch.com.

8. Security

We use industry-standard administrative, technical, and physical safeguards to protect personal information against unauthorized access, alteration, disclosure, and destruction. These include:

Encryption in transit (TLS 1.2 or higher) for all client-server communication. Encryption at rest for payment-related and POS credentials (AES-256-GCM). Server-side input validation and parameterized queries to prevent injection attacks. Row-level security in our database so each authenticated user can only access rows they are entitled to. Rate limits, bot protection, and abuse detection on authentication, friend-invite, and payment surfaces. Screen-protection on financial and personal screens (Android FLAG_SECURE; iOS secure-text-entry behavior on protected surfaces) to discourage screenshot leakage. Background-process integrity checks for content moderation and fraud detection. Audit logging of administrative actions.

No internet-transmitted information can be guaranteed to be 100 percent secure. If a breach of personal information occurs that is reasonably likely to result in identity theft, fraud, or other material harm, we will notify affected users and applicable authorities as required by law.

9. International users

BarMatch is initially launched only to users physically located in the United States. If you access BarMatch from outside the United States, your information is transferred to, stored in, and processed in the United States. By using BarMatch from outside the United States, you consent to that transfer and processing.

We do not currently offer the Service to users in the European Economic Area, the United Kingdom, Switzerland, or other non-United States jurisdictions. We may expand to additional jurisdictions in the future and will update this Policy with the applicable terms before doing so.

10. Illinois Biometric Information Privacy Act (BIPA) compliance

This Section applies to BarMatch users in Illinois and explains how we handle biometric identifiers and biometric information (collectively, "biometric data") under the Illinois Biometric Information Privacy Act, 740 ILCS 14/1 et seq. ("BIPA"). For the public retention and destruction schedule required by 740 ILCS 14/15(a), see our standalone BIPA Notice, which is incorporated by reference into this Policy.

10.1 Biometric data BarMatch causes to be collected

BarMatch itself does not collect, scan, or store biometric identifiers directly. Two BarMatch features cause biometric data to be processed through service providers; both require your explicit opt-in:

Identity verification. When you choose to verify your identity (an optional paid feature, $2.99 one-time or free with a Premium subscription), our identity-verification partner Persona Identities, Inc. ("Persona") collects a photograph of your government-issued ID, a live selfie, and derives a face geometry from those images to confirm the photo on the ID matches the selfie. Persona is the data controller and retention party for that biometric data; BarMatch receives only the verification result, your legal name, date of birth, gender, and a Persona inquiry ID for audit purposes. BarMatch does not store the ID image, the selfie, or any face-geometry template. Profile photo face-match (verified users only). Once you complete identity verification, each photo you upload to your BarMatch profile is compared, using face geometry, against the face geometry derived from your Persona-verified ID. This face comparison is performed by Amazon Web Services, Inc.'s Rekognition service ("AWS Rekognition"), acting as a service provider on BarMatch's behalf. The comparison runs at upload time; photos whose face geometry does not match the verified ID are rejected and never appear on your profile. The face- geometry vector derived from your verified ID is stored in an AWS-managed Rekognition Face Collection associated with your account. Unverified users do not have face- geometry vectors stored and do not undergo this biometric comparison. Profile photos uploaded by unverified users are subject only to (a) explicit-content moderation (which does not derive biometric data) and (b) perceptual- hash duplicate detection (which compares photos against existing platform photos for re-use, also non-biometric).

10.2 Written informed consent

BarMatch obtains your written, informed consent before any biometric data is collected through our Services, as follows:

For identity verification: by tapping the "Verify Now" button on the Verify Your ID screen, you agree to Persona's biometric collection and processing of your ID image, selfie, and resulting face geometry, and you authorize Persona to return the verification result to BarMatch. For profile photo face-match: by uploading a photo to your BarMatch profile, you consent to BarMatch's face-geometry comparison between that photo and your Persona-verified ID face geometry, solely for the purpose of confirming identity integrity. If you do not wish to consent to face-match processing, do not upload profile photos (an account without profile photos cannot use the Match Game or send drinks, tickets, or vibe checks, but you can still browse venues).

10.3 Retention and destruction schedule

In compliance with 740 ILCS 14/15(a), we maintain the following public retention and destruction schedule for biometric data processed through our Services:

Persona-held biometric data (ID image, selfie, face geometry). Persona retains this data according to their data processing agreement and applicable law. Their public retention schedule is available at withpersona.com/legal/privacy-policy. BarMatch does not control Persona's retention period independently. BarMatch-held biometric-derived data (verified users only). The face-geometry vector derived from your Persona-verified ID is stored in an AWS Rekognition Face Collection. It is retained for the duration of your active BarMatch account plus thirty (30) days after account closure, OR until your account is dormant (no app login) for three (3) consecutive years, whichever comes first. At either trigger, the vector is permanently and irreversibly deleted. If dormancy fires, you will be prompted to re-consent at next login if you wish to continue uploading profile photos.

See the standalone BIPA Notice for the full retention + destruction schedule, including destruction triggered on user request and on expiration of the business need.

10.4 Disclosure, sale, and dissemination

In compliance with 740 ILCS 14/15(d), BarMatch does not sell, lease, trade, or otherwise profit from your biometric data, and does not disclose, redisclose, or otherwise disseminate your biometric data except:

To the service provider (Persona) collecting and processing the biometric data on your behalf and BarMatch's behalf; To comply with a valid warrant, subpoena, or court order issued by a court of competent jurisdiction; or As required by federal, state, or local law or municipal ordinance.

10.5 Standard of care

In compliance with 740 ILCS 14/15(e), BarMatch and its service providers store, transmit, and protect from disclosure all biometric data using the reasonable standard of care within our industry, and in a manner that is the same as or more protective than the manner in which we store, transmit, and protect other confidential and sensitive information.

10.6 Your BIPA rights

Illinois residents may at any time:

Request information about biometric data we cause to be collected from you, the purpose of collection, and our retention schedule. Withdraw consent to future biometric collection (further uploads will be blocked but past data will be destroyed per the schedule above). Request immediate destruction of biometric-derived data we hold about you. We will honor this request within thirty (30) days for data we directly control. For data held by Persona, we will forward the request and identify Persona's contact for direct follow-up.

Send BIPA requests to privacy@barmatch.com with "Illinois BIPA request" in the subject line.

11. Changes to this Privacy Policy

We may update this Policy from time to time. When we make material changes, we will notify you through the app, by email, or by an in-app banner before the change takes effect, and we will revise the "Last updated" date at the top of this document. Continued use of the Service after a change indicates your acceptance of the updated Policy.

12. Contact us

If you have questions about this Privacy Policy or our privacy practices, contact us at:

Mail: BarMatch LLC

980 N MICHIGAN AVE STE 1090 # 943505, CHICAGO, IL 606110000

Or electronically:
privacy@barmatch.com

We will respond to verifiable consumer requests within 30 days, or within 45 days where additional time is required and permitted by law.