BingeSync Privacy Policy
Last Updated: May 20, 2026 — Version 2.3
Brawn Design LLC ("we," "us," or "our") operates the BingeSync service (the "Service"). The Service includes the BingeSync mobile applications for iOS and Android (together, the "App") and the BingeSync website at bingesync.com (the "Site"), which today hosts our landing page, this Privacy Policy, our Data Deletion Policy, an invite-link bridge (/join/<token>), and a data-export request page. References to the "App" throughout this Privacy Policy also apply to the Site where context permits. This Privacy Policy explains what information we collect, how we use it, who we share it with, and your rights regarding that information.
By creating an account or using the Service, you agree to the collection and use of information as described in this policy. If you do not agree, please do not use the Service.
1. Information We Collect
1.1 Information You Provide
| Data | When Collected | Purpose |
|---|
| Email address | Account registration | Authentication, password reset, account communications |
| Display name | Account registration or profile setup | Identifying you to other users in groups |
| Password | Email/password registration | Authentication (hashed by Firebase Auth; we never see your plaintext password) |
| Profile photo | When you upload one | Displayed on your profile and in groups |
| Country selection | Settings | Filtering streaming availability for your region (US, UK, CA, AU) |
| Content rating preferences | Settings | Filtering out content you do not wish to see (e.g., R, NC-17) |
| Movie/show lists | When you create or edit lists | Core App functionality |
| Group memberships | When you create or join groups | Social features, shared lists |
| AI movie search queries | When you use the AI recommendation feature | Generating personalized movie recommendations |
| Age group (under 13, 13–17, or 18+) | Registration (age verification) | Legal compliance (COPPA), age-appropriate experience |
| Terms acceptance | Registration | Legal compliance |
1.2 Information From Third-Party Sign-In
If you sign in with Google or Apple, we receive:
- Google Sign-In: Your name, email address, and profile photo URL. We also request read-only access to your Google Contacts to help you find friends on BingeSync. We do not store your contacts.
- Apple Sign-In: Your name and email address (or Apple's private relay email if you choose "Hide My Email").
We do not receive or store your Google or Apple password.
1.3 Information Collected Automatically
| Data | Technology | Purpose |
|---|
| App usage events (screens viewed, features used, searches performed) | Firebase Analytics | Understanding feature usage and improving the App |
| Crash reports and error logs | Firebase Crashlytics | Identifying and fixing bugs |
| App version and build number | Package Info | Displayed in-app; helps with support requests |
| Device type and operating system | Firebase (automatic) | Ensuring compatibility and diagnosing issues |
| Firebase App Check tokens | Firebase App Check | Preventing abuse and unauthorized API access |
| Push notification tokens | Firebase Cloud Messaging | Delivering push notifications (if enabled) |
1.4 Information We Do NOT Collect
- Date of birth (we ask for your date of birth during registration solely to calculate your age group; the date itself is not transmitted to our servers or stored anywhere)
- Precise geolocation or GPS data
- Contacts (we request read-only scope for Google Sign-In but do not download or store your contacts)
- Financial or payment information (subscriptions are processed by the Apple App Store or Google Play Store; we do not see your payment details)
- Health or biometric data
2. How We Use Your Information
- Provide the Service: Authenticate your account, display your profile to group members, manage your movie lists and groups, show streaming availability for your country, and deliver AI-powered movie recommendations.
- Improve the App: Analyze usage patterns to prioritize features, fix bugs identified through crash reports, and optimize performance.
- Communicate with You: Send password reset emails, email verification links, and (if you enable notifications) push notifications about group activity.
- Ensure Security: Validate App Check tokens to prevent abuse, enforce authentication on all data access, and monitor for unauthorized activity.
- Display Advertising: We may display ads through Google AdMob. AdMob may use device identifiers and usage data to serve relevant advertisements. See Section 4 for details.
- Process Subscriptions: We use RevenueCat to manage subscription entitlements for BingeSync Plus. Payment information is never transmitted to RevenueCat or to us; payments are handled entirely by the Apple App Store or Google Play Store. See Section 4 for details.
2.1 Advertising and Ad Personalization
Free-tier users see advertisements served by Google AdMob. Depending on your device settings and jurisdiction, these ads may be personalized using device identifiers (such as the Advertising ID on Android or the Identifier for Advertisers on iOS), coarse location, and general usage data.
- iOS (14.5+) App Tracking Transparency (ATT): On iOS 14.5 and later, the App will present an ATT prompt asking for your permission to track you across apps and websites for ad personalization. If you deny the prompt, AdMob will serve non-personalized ads only, and we will not pass your Identifier for Advertisers (IDFA) to ad networks.
- Android: You can reset your Advertising ID, opt out of ad personalization, or delete your Advertising ID through your device's Google Settings → Ads menu. When deleted, AdMob will serve non-personalized ads only.
- Opting Out: You can also opt out of personalized ads at any time through Google's Ad Settings. Subscribing to BingeSync Plus removes all advertising from the App.
- Under-13 Users and COPPA: Users identified as under 13 are blocked from account creation and therefore cannot view ads within the App. For any context in which a user is known or inferred to be under the age of 13 (for example, through tagged ad requests or child-directed flags), we instruct AdMob to serve only non-personalized, COPPA-compliant ads and we disable the collection of persistent identifiers for advertising purposes. No behavioral advertising data is knowingly collected from children under 13.
3. How We Store and Protect Your Information
3.1 Cloud Storage
Your account data, movie lists, groups, and profile photos are stored on Google Firebase infrastructure (Cloud Firestore and Cloud Storage). Firebase data centers use encryption at rest and in transit. Our Cloud Functions run on Google Cloud Platform.
3.2 Local Storage
The App caches certain data on your device (using SharedPreferences) to improve performance and provide limited offline access:
- Movie and show data (24-hour expiry)
- Your movie lists (refreshed on each app launch)
- Feed content (refreshed on each app launch)
Local cached data is cleared when you uninstall the App or clear the App's data through your device settings.
3.3 Security Measures
- All network traffic uses HTTPS/TLS encryption.
- Passwords are hashed by Firebase Authentication; we never store plaintext passwords.
- Firebase App Check protects our backend functions from unauthorized access.
- Firestore security rules enforce that users can only read and write their own data, with controlled access for group and public features.
- Administrative privileges are managed via Firebase Auth custom claims (server-side only; they cannot be self-assigned by users).
- AI recommendation queries are sanitized to prevent prompt injection attacks.
While we implement industry-standard protections, no system is 100% secure. We cannot guarantee absolute security of your data.
4. Third-Party Services and Data Sharing
We share data with the following third parties only as necessary to operate the App:
| Third Party | Data Shared | Purpose | Privacy Policy |
|---|
| Google Firebase |
Account data, usage analytics, crash reports, push tokens |
Authentication, database, storage, analytics, error reporting, notifications |
Firebase Privacy |
| Google AdMob |
Device identifiers (IDFA on iOS, Advertising ID on Android), IP address, coarse location, ad interaction data. When ATT is denied or the user is under 13, only non-personalized ad signals are sent. |
Displaying personalized or non-personalized advertisements to free-tier users |
Google Privacy Policy |
| RevenueCat |
Anonymous App User ID, platform (iOS/Android), purchase receipts from the App Store or Play Store, subscription status |
Managing BingeSync Plus subscription entitlements and renewal status. RevenueCat does not receive your name, email address, or payment card details. |
RevenueCat Privacy Policy |
| xAI (Grok API) |
Sanitized movie search queries (max 500 characters, no personal data) |
AI-powered movie recommendations |
xAI Privacy Policy |
| TMDB / OMDB / Streaming Availability API |
Movie/show identifiers, country code, genre and rating filters |
Retrieving movie metadata and streaming availability |
TMDB Privacy |
| Apple (Sign in with Apple) |
Authentication tokens |
Account sign-in |
Apple Privacy |
| Google (Google Sign-In) |
Authentication tokens |
Account sign-in |
Google Privacy |
We do not sell your personal information to any third party. We do not share your movie lists, group memberships, or viewing preferences with advertisers.
4.1 Streaming Provider Links and Affiliate Tracking
When you tap a "Watch Now" link, you are redirected to a third-party streaming service (e.g., Netflix, Disney+, Amazon Prime). These links may contain affiliate tracking parameters so that we can attribute referrals and measure whether users found content useful.
We record that a click occurred along with the associated movie/show identifier and the destination provider. Any identifier tying a click to a specific user account is automatically removed after 30 days, after which only aggregate, anonymized click data is retained. The streaming service's own privacy policy governs your use of their platform.
4.2 Subscription Payments
Subscription payments for BingeSync Plus are processed exclusively by the Apple App Store or Google Play Store in accordance with their respective terms. BingeSync does not receive, store, or process your credit card number, billing address, or other payment details. RevenueCat receives an anonymous purchase receipt from the store in order to unlock and validate your subscription entitlement.
5. Data Retention
- Account Data: Retained for as long as your account is active. When you request account deletion, your account is first placed into a 48-hour grace period during which deletion can be cancelled by signing back in. After the grace period elapses, we permanently delete your profile, movie lists, group memberships, and uploaded photos. See Section 6.1 for details.
- Affiliate Click Logs: Records of clicks on "Watch Now" links are associated with your account for up to 30 days, after which the identifying user reference is removed and only aggregate click totals are retained.
- Analytics Data: Retained by Firebase Analytics for up to 14 months (Google's default retention), then automatically deleted.
- Crash Reports: Retained by Firebase Crashlytics for 90 days.
- Local Cache: Movie/show data expires after 24 hours. All local data is removed when you uninstall the App.
- AI Query Logs: Your movie recommendation queries are logged on our Cloud Functions servers for debugging purposes for up to 30 days, then automatically deleted.
6. Your Rights and Choices
6.1 All Users
- Access and Update: View and edit your profile, display name, email, photo, country, and content rating preferences at any time through the App's Settings screen.
- Delete Your Account: You can request account deletion through the App's Settings screen. When you confirm deletion, your account enters a 48-hour grace period. During this window, signing back in will cancel the deletion. After 48 hours, your profile data, movie lists, group memberships, and uploaded photos are permanently deleted. This is a shorter grace period than the industry-typical 30 days and is designed to honor deletion requests promptly.
- Export Your Data: You can export a copy of your BingeSync data at any time by tapping Settings → Export My Data. A Cloud Function assembles your account, movie lists, groups, and saved preferences into a JSON file and delivers it to you. Exports are rate limited to once per 24 hours per account to prevent abuse. See Section 6.4 for details.
- Profile Visibility: You can set your profile to private, which hides you from user search results.
- Content Filtering: You can exclude specific content ratings (G, PG, PG-13, R, NC-17, etc.) from all browse and search results.
- Push Notifications: You can disable push notifications through your device's system settings.
- Ad Preferences: You can opt out of personalized ads through your device settings, through the App Tracking Transparency prompt on iOS 14.5+, or through Google's Ad Settings. Subscribing to BingeSync Plus removes advertising entirely.
- Manage Subscription: You can view, upgrade, downgrade, or cancel your BingeSync Plus subscription through your device's App Store (iOS) or Play Store (Android) account settings.
6.4 Data Export
You may request a copy of the personal data associated with your BingeSync account at any time. The export is triggered from the App's Settings screen (Settings → Export My Data) and is generated by a Cloud Function that runs against your authenticated account.
- Format: Data is delivered as a structured JSON document that includes your profile, movie lists, group memberships, AI recommendation history (if any), content rating preferences, and account metadata.
- Rate Limit: To prevent abuse and protect backend resources, data export requests are limited to one successful export per rolling 24-hour window per account.
- Delivery: The export is made available to you directly through the App once it has been generated. We do not email or transmit it to third parties.
- GDPR Right to Data Portability: This feature satisfies the right to data portability described in Section 6.2 for EEA residents.
6.2 European Economic Area (EEA) Residents — GDPR
If you are located in the EEA, you have additional rights under the General Data Protection Regulation:
- Right of Access: Request a copy of the personal data we hold about you.
- Right to Rectification: Request correction of inaccurate data.
- Right to Erasure: Request deletion of your data ("right to be forgotten").
- Right to Restriction: Request that we limit processing of your data.
- Right to Data Portability: Receive your data in a structured, machine-readable format.
- Right to Object: Object to processing based on legitimate interests.
- Right to Withdraw Consent: Withdraw consent at any time where processing is based on consent.
- Right to Lodge a Complaint: File a complaint with your local supervisory authority.
Legal Basis for Processing: We process your data based on (a) your consent (account creation, AI queries), (b) contractual necessity (providing the App's features), and (c) legitimate interests (analytics, security, improving the service).
6.3 California Residents — CCPA/CPRA
If you are a California resident, you have the right to:
- Know what personal information we collect, use, and disclose.
- Request deletion of your personal information.
- Opt out of the "sale" or "sharing" of personal information. We do not sell your personal information.
- Non-discrimination for exercising your privacy rights.
To exercise any of these rights, contact us at support@bingesync.com. We will respond within 30 days (45 days for complex requests).
7. Children's Privacy
BingeSync is not directed at children under the age of 13. We take the following measures to protect children's privacy:
7.1 Age Verification
During account registration, all users are required to provide their date of birth through a neutral age verification screen. This date of birth is used solely to determine the user's age group and is never stored, transmitted to our servers, or retained in any form. Only the resulting age group category (under 13, 13–17, or 18+) is stored on the user's account.
7.2 Users Under 13
Users who are determined to be under the age of 13 are blocked from creating an account. We do not knowingly collect, use, or disclose personal information from children under 13. As an additional safeguard, the device is temporarily restricted from retrying account creation for 24 hours to discourage attempts to circumvent the age gate.
7.2.1 Advertising and COPPA Compliance
Because users under 13 cannot create an account, they do not see advertisements within the App. In any circumstance in which a user is known or reasonably inferred to be under the age of 13, we tag ad requests to Google AdMob as child-directed so that:
- Only non-personalized, contextual advertisements are served (or no ads at all, depending on the surface).
- Persistent device identifiers (IDFA, Advertising ID) are not collected or shared for advertising purposes.
- Behavioral profiling, remarketing, and interest-based targeting are disabled.
This approach is designed to comply with the Children's Online Privacy Protection Act (COPPA) in the United States and equivalent protections for minors in other jurisdictions (such as the UK Age Appropriate Design Code).
7.3 Users Ages 13 to 17
Users between the ages of 13 and 17 may create an account and use the App. These users should review this Privacy Policy and our Terms of Service with a parent or legal guardian before using the App. We may apply additional restrictions to accounts in this age group in the future, such as limiting social features.
7.4 Parental Inquiries
If you are a parent or guardian and believe your child under 13 has created an account or provided personal information to us, please contact us immediately at support@bingesync.com. We will promptly investigate and delete any such account and associated data.
8. International Data Transfers
Your data is processed and stored on Google Firebase servers, which may be located in the United States or other countries. By using the App, you consent to the transfer of your data to these locations. We ensure that any international transfers comply with applicable data protection laws, including the use of Standard Contractual Clauses where required.
9. Cookies and Similar Technologies
The mobile App does not use browser cookies. However, the Firebase, RevenueCat, and AdMob SDKs store small amounts of data on your device (such as installation identifiers, session tokens, and App Check attestations) through platform-provided mechanisms. This local storage is cleared when you uninstall the App.
If you access BingeSync through a web browser at bingesync.com (for example, our marketing landing page, the legal documents hosted at that domain, the invite-link bridge, or a future expanded web client), the following cookies and similar technologies may be used:
- Strictly Necessary (Session) Cookies: Used to keep you signed in, maintain your authentication session, and protect against cross-site request forgery. These cookies are essential to the operation of the service and cannot be disabled without breaking functionality.
- Firebase Analytics Cookies and Identifiers: Used to measure anonymized page views, feature usage, and performance. These identifiers are not tied to your real name and are retained in accordance with Section 5.
- Ad-Related Cookies: If web pages display advertising, Google AdMob / Google Ads may set cookies used to frequency-cap ads, measure conversions, and, where you have consented, personalize ads. These are subject to the same opt-out mechanisms described in Sections 2.1 and 6.1.
- Consent / Preference Cookies: Used to remember your cookie preferences and regional consent choices (for example, under the GDPR or ePrivacy Directive) so you are not prompted repeatedly.
You can manage or clear cookies through your browser settings. In regions that require consent for non-essential cookies (such as the EEA and UK), a consent banner is displayed on first visit; declining non-essential cookies disables analytics and ad-related cookies but does not affect strictly necessary cookies.
10. Changes to This Privacy Policy
We may update this Privacy Policy from time to time. When we make material changes, we will:
- Update the "Last Updated" date at the top of this policy.
- Notify you through the App (e.g., a prompt to review and accept the updated terms).
- For significant changes, require you to re-accept the updated policy before continuing to use the App.
Your continued use of the App after a policy update constitutes acceptance of the revised policy.
11. Contact Us
If you have questions, concerns, or requests regarding this Privacy Policy or your personal data, contact us at: