Privacy Policy

This Privacy Policy explains how Winksi collects, uses, and protects information when you use the Winksi mobile application and related services.

Winksi is a location-based social platform that allows users to publish content and connect with other users who are present at the same Point of Interest (POI).

1. Information We Collect

We collect only the information necessary to operate and secure the Winksi platform.

• Account Information: Email address, Password (stored securely), and Date of birth.
• Date of Birth Entry: The date of birth provided during registration is a one-time entry used for age verification and placement into the appropriate age group. Users cannot modify their date of birth after account creation. If entered incorrectly, the user must delete their account and create a new one.
• Verification Signals: Where available, we utilize platform-provided age verification signals (Apple Declared Age Range, Google Play Age Signals) strictly to confirm a user's age group. These are not used for tracking.

2. Age Groups and Safety Restrictions

Winksi strictly separates users into two distinct age groups: 13–17 and 18+. Users from different age groups cannot interact, exchange messages, or view each other’s profiles.

• Age Group Transitions: If a user’s age group changes, profiles belonging to users in their former age group will no longer be visible. Existing connections between users whose age groups have diverged will be permanently removed upon the next message delivery attempt. Note: Due to system synchronization, enforcement of these restrictions may experience a short delay.
• Under 13: If we become aware that a user under 13 has created an account, the account and all data will be immediately removed.

3. Profile Information & Visibility

Users may create a profile containing a Username, Profile picture (thumbnail), Bio text, and displayed age or age group.

Profile image, bio text, and displayed age or age group are profile information made visible to eligible users within Winksi according to the app’s age-group and POI visibility rules. Winksi does not edit or repurpose this information except as needed for technical display, safety enforcement, or moderation.

Visibility Mechanics: Users who are pinned to the same Point of Interest (POI) may view each other’s profiles, provided they are in the same age group. Pinning is allowed when a user is within a proximity radius of the POI (which may extend up to approximately 600 meters), and visibility is based on this POI-based interaction rather than precise real-time location sharing.

4. User-Generated Content

Users may publish public posts, images, and comments. This content is public by default and may be viewed by anyone (including non-users), indexed by search engines, or shared. Winksi may moderate profile images, profile bios, public posts, images, and comments, and may review reported content. Content that violates platform rules or applicable laws may be removed at any time.

5. Private Messaging

Messaging is available only between users who are permitted to interact under Winksi’s age-group rules.

• No E2E Encryption: Messages are not end-to-end encrypted.
• Routing and Storage: Messages may be temporarily retained on our backend systems until delivery confirmation is received from the recipient’s device, or until expiration (up to 10 days). After delivery confirmation or expiration, message data is deleted from our backend systems and not retained in user-accessible systems.
• Delivered Messages: Once delivered, messages are stored on the recipient’s device and automatically delete after 30 days. Because messages are not retained on our backend systems after delivery confirmation, server-side moderation of message content is generally not possible after delivery.

6. User Safety, Blocking, and Moderation

Winksi provides tools allowing users to report inappropriate public content and block other users.

• Block Limit: Users can block up to 200 accounts at one time to prevent further messages and profile visibility. If the limit is reached, an existing blocked account must be removed before a new block is applied.
• Managing Unwanted Messages: If you receive disturbing, offensive, or inappropriate messages, we strongly recommend that you block the sender or remove the connection.

7. Push Notifications

Winksi uses Firebase Cloud Messaging (FCM) to send notifications. Notification metadata (e.g., recipient ID, timestamp, and message length, but not message content) is processed for push delivery and is deleted shortly after successful delivery.

8. Location Data

Winksi may use device location (approximate or precise GPS) to fetch nearby POIs and display location-relevant content. Location data may be used in real time to enable POI functionality and display relevant content. This data may be temporarily stored for active session functionality but is not retained long-term or used for tracking purposes.

9. Technical and Security Data

To maintain service reliability and prevent abuse, we may process IP addresses, Device models, App versions, and Crash logs strictly for security and diagnostics. IP addresses may be processed for security, abuse prevention, and diagnostics purposes and are retained only as long as necessary.

10. Advertising (Google AdMob)

Winksi displays advertisements through Google AdMob, which may collect data such as device identifiers, advertising identifiers, ad interactions, and approximate location.

• Ad Personalization and Consent: Ad personalization and targeting are managed entirely by Google. While Winksi chooses to integrate this service, we do not control Google's ad-serving decisions. To protect user privacy in regulated regions (such as the EEA and UK), Winksi strictly implements Google's User Messaging Platform (UMP). This means no personalized advertising data is processed without the user’s prior consent where consent is required. For details on how Google handles your data, please refer to Google's Privacy Policy.
• User Control: Winksi does not link advertising identifiers with user identities. Winksi does not collect, store, or analyze user behavior for advertising purposes, nor does it sell or share user data with third parties for advertising. Users may manage advertising preferences through device settings or via the in-app consent management options.

11. Data We Do Not Collect

Winksi does not collect contact lists, financial, health, or biometric information, device photos (unless explicitly uploaded), message content after delivery, or cross-app tracking data.

12. Data Retention Summary

• Account Data / FCM Tokens: Until account deletion
• Public Posts: Until deleted by user
• Messages: Retained temporarily until delivery confirmation or up to 10 days max, then deleted. Delivered messages are stored on device (30-day auto-delete).
• Notification Metadata: Deleted shortly after successful delivery
• IP Logs: Retained only as long as necessary for security and diagnostics
• Location Data: Temporarily stored for active session functionality; not retained long-term.

13. Lawful Disclosure

We may preserve or disclose information where required by law, legal process, or to protect rights, safety, and platform integrity.

14. Your Rights & International Privacy Compliance

Depending on your location, you may have rights including access to your personal data, deletion, restriction of processing, and data portability. Users may delete their account at any time through the application settings, which removes all profile data and content from live systems and user-accessible backups, except where retention is legally required.

• GDPR (European Union / EEA): The contact email provided below serves as the official Data Protection Contact for inquiries related to data subject rights.
• CCPA / CPRA (California): Winksi does not sell or share personal information as defined under the CCPA/CPRA.

Winksi is designed with global privacy principles in mind, prioritizing data minimization, user control, and transparency.

15. Changes to This Policy

This Privacy Policy may be updated from time to time. Users will be notified of material changes through the application or app updates.

16. Privacy Contact Information

If you have questions about this Privacy Policy, your data rights, or need to contact our Data Protection representative, please reach out to:

Company: HEKOM – Gjorgje DOOEL
Location: Skopje, North Macedonia
Email: winksi.app@gmail.com