← Back to home

Privacy Policy

Drift is a location-based social app. The core experience lets you create an account, find friends, share location-based posts, see friends at places, and receive location and friend activity notifications. Some features require permissions such as Location, Contacts, Camera, Photos, Microphone, Motion & Fitness, Bluetooth, and Notifications. You can deny or later revoke permissions in your device settings, but some features may not work without the relevant permission.

1. Information we collect

We collect information directly from you, from your device with your permission, through your use of the Service, and from service providers that help operate the Service.

A. Account and profile information

B. Location and motion information

If you grant location permissions, including background location permission, Drift may collect precise device location, latitude, longitude, accuracy, altitude, heading, speed, timestamps, location event identifiers, and related location payloads while the app is open and, when enabled, in the background. Drift uses this information to power maps, detect arrivals and departures, identify likely places, show friends who are at places, send location confirmation prompts, and improve location reliability.

If you grant Motion & Fitness permission, Drift may use device motion activity signals, such as walking, biking, driving, stationary, and similar motion states, to improve location detection and reduce unnecessary location processing. We do not use Motion & Fitness data for advertising or marketing.

C. Contacts information

If you grant Contacts permission, Drift reads names and phone numbers from your address book to help you find people you may know on Drift. Contact phone numbers may be normalized and compared with Drift profile phone numbers to show which contacts are already on Drift. We do not sell your contacts, use them to build a contact database for advertising, or contact people from your address book unless you choose to initiate a specific invitation or communication.

D. Photos, videos, camera, microphone, and user content

If you use avatar, camera, or posting features, Drift may collect:

Your posted content may be visible to friends or other users according to the feature, your settings, and the audience selected at posting time.

E. Bluetooth proximity information

If you allow Bluetooth access or if Drift uses Bluetooth-enabled background features, Drift may process Bluetooth service identifiers, temporary proximity tokens, scan request identifiers, RSSI signal strength, timestamps, scan status, scan duration, and related diagnostic fields. Drift uses this information to privately detect nearby friends at places and improve place-presence features. Bluetooth proximity tokens are designed to be temporary and are used for Drift functionality, not for advertising.

F. Notifications and device information

If you allow notifications, Drift may collect and store Expo push tokens, APNs device tokens, location push tokens, notification environment values, and token update timestamps so we can send friend requests, comments, arrival prompts, location confirmations, and other Service notifications.

We may also collect device and app information such as app version, platform, operating system, network status, app state, language/locale, and limited device or installation identifiers needed for security, push delivery, diagnostics, and app functionality.

G. Usage, diagnostics, logs, and support information

We collect app interactions and technical information needed to operate, troubleshoot, protect, and improve Drift, including activity feed events, search history stored on device, place searches, notification interactions, crash logs, performance data, background geolocation diagnostics, queue sizes, error logs, and support messages or reports you submit. Some diagnostic logs may include location payloads or other personal data when needed to investigate a problem.

H. Information from third-party services

Drift relies on service providers and SDKs that may process information on our behalf, including Supabase for authentication, database, storage, realtime, and serverless functions; Expo and Apple Push Notification service for push and app services; Mapbox for maps; Sentry for crash and error reporting; Google Places or similar place data providers for place search and place details; and cloud hosting or infrastructure providers used to operate the Service.

2. How we use information

We use information for the following purposes:

We do not use precise location, Contacts, Photos, Camera, Microphone, Motion & Fitness, or Bluetooth proximity data for third-party advertising or for data broker tracking.

3. App permissions and your choices

You can control permissions through iOS Settings or in-app flows where provided. Withdrawing a permission stops future collection that depends on that permission, except where information has already been collected and retained as described in this policy.

4. How we disclose information

We disclose information only as described below:

Each third party or service provider with access to user data must provide the same or equal protection for user data as described in this Privacy Policy and as required by applicable App Store guidelines and privacy laws. We do not sell your personal information. We do not share personal information with data brokers. We do not use App Tracking Transparency tracking unless Drift separately requests and receives your permission through Apple's ATT prompt.

5. App Store privacy label summary

Based on the current app implementation, Drift expects the following App Store privacy disclosures to be reviewed and kept consistent with App Store Connect:

Apple data category Examples in Drift Typical use Linked to you?
Contact Infophone number, name fieldsapp functionality, account management, friend discoveryyes
Precise Locationlatitude/longitude, accuracy, heading, speed, timestampsapp functionality, product personalization, diagnosticsyes
Coarse Locationinferred places and place presenceapp functionality, product personalizationyes
Contactscontact names and phone numbers when permission is grantedapp functionality/friend discoveryyes
User Contentavatars, photos, videos, comments, likes, stories, support contentapp functionality, personalization, supportyes
Identifiersuser ID, handle, push tokens, device tokens, request IDsapp functionality, notifications, securityyes
Usage Dataactivity events, notification interactions, search history, settingsapp functionality, diagnostics, personalizationyes
Diagnosticscrash data, performance data, background location logs, error reportsdiagnostics, app functionalitymay be linked
Fitnessmotion activity states from Motion & Fitness APIsapp functionality for location accuracyyes
Other DataBluetooth proximity tokens, scan status, RSSI, place metadataapp functionality, diagnosticsyes or may be linked

This summary is provided to help keep the App Store privacy label accurate. The actual App Store Connect answers must be updated whenever Drift's code, SDKs, backend, data collection, or data uses change.

6. Data retention and deletion

We retain information for as long as reasonably necessary to provide the Service, maintain security, meet legal obligations, resolve disputes, enforce agreements, and support legitimate business needs.

Typical retention practices include:

You may request deletion of your account or personal information by using any in-app account deletion tool that Drift provides or by contacting us at the email listed in Section 13. After we verify your request, we will delete or de-identify personal information unless retention is required or permitted for legal, security, fraud prevention, dispute resolution, accounting, or legitimate business purposes. Backup copies may persist for a limited time before automatic expiration.

7. How to revoke consent and manage data

You can revoke consent or limit collection in these ways:

Revoking a permission may limit core features that depend on that permission, such as background location sharing, nearby-friend detection, friend discovery, media capture, or notifications.

8. Security

We use administrative, technical, and organizational measures designed to protect information from unauthorized access, loss, misuse, disclosure, alteration, and destruction. These measures include authenticated backend access, row-level or similar access controls where applicable, transport security, token-based sessions, secure token storage on device, and restricted provider access. However, no method of transmission or storage is completely secure, and we cannot guarantee absolute security.

9. International transfers

Drift and its service providers may process and store information in the United States and other countries where we or our providers operate. These countries may have privacy laws that differ from those in your jurisdiction. Where required, we use appropriate safeguards for international transfers.

10. Children

Drift is not intended for children under 13 or for anyone under the minimum age required to use the Service in their jurisdiction. We do not knowingly collect personal information from children under 13. If you believe a child provided us personal information, contact us and we will take appropriate steps to delete it. Drift is not intended to be listed in the App Store Kids Category.

11. Regional privacy rights

Depending on where you live, you may have rights to request access to, deletion of, correction of, portability of, restriction of, or objection to certain processing of your personal information. You may also have the right to withdraw consent where processing is based on consent and the right to appeal a privacy request decision.

California and other U.S. state privacy laws may provide rights to know, access, correct, delete, and opt out of certain sharing or targeted advertising. Drift does not sell personal information and does not share personal information for cross-context behavioral advertising as those terms are commonly used under U.S. state privacy laws. If our practices change, we will update this policy and provide required opt-out controls.

European Economic Area, United Kingdom, and Swiss users may have rights under the GDPR or similar laws. Where applicable, our legal bases may include performance of a contract, consent, legitimate interests, compliance with legal obligations, and protection of vital interests.

12. Changes to this policy

We may update this Privacy Policy from time to time. If we make material changes, we will update the "Last updated" date and provide additional notice when required, such as in-app notice or other appropriate communication. Your continued use of the Service after an update means the updated policy applies to your use of the Service, to the extent permitted by law.

13. Contact us

For privacy questions, requests, or complaints, contact us at: