Privacy Policy

Shishi ("we," "our," or "us") built the Shishi mobile application to help groups discover activities they all want to do. This policy explains what information we collect, how we use it, and your rights regarding that information.

By using Shishi, you agree to the collection and use of information in accordance with this policy.

Information We Collect

Account information. When you register, we collect your name, email address, and a hashed password. You may also upload a profile photo.

Content you create. Activities you post (title, description, category, location, images, and videos), swipe decisions, chat messages, group memberships, and time slot votes are stored to operate the service.

Device and usage information. We collect your device's push notification token to send you alerts (e.g. when your group gets a match). We do not collect device identifiers for advertising purposes.

Payment information. If you book a paid activity, payment is processed by Stripe. We do not store your card number or full payment details — only the outcome of the transaction.

Waitlist. If you sign up before launch, we store your email address to notify you when the app is available.

How We Use Your Information

• Create and manage your account
• Match your group to activities based on collective swipe decisions
• Deliver push notifications about matches, messages, and scheduling
• Process and record bookings through Stripe
• Display your profile and content to members of your groups
• Respond to support requests
• Improve and debug the service

We do not sell your personal information. We do not use your data to serve you third-party advertising.

Information Shared with Third Parties

We share information with the following service providers, only as necessary to operate the app:

• Stripe — payment processing. Subject to Stripe's Privacy Policy.
• Apple (APNs) / Google (FCM) — delivery of push notifications to your device.
• Cloudflare — storage of uploaded images and videos via Cloudflare R2, and global content delivery.
• Railway — API hosting and database infrastructure.

We may disclose information if required by law or to protect the rights and safety of our users.

Device Permissions

Shishi requests the following device permissions:

• Photo library — to let you choose a profile photo or add images to an activity. We access photos only when you explicitly select them.
• Microphone / audio — required by an underlying framework dependency. Shishi does not currently record or transmit audio.
• Push notifications — to notify you of matches, messages, and scheduling updates. You can disable these in your device settings at any time.

Data Retention

We retain your account and content for as long as your account is active. You may request deletion of your account and associated data at any time by contacting us at privacy@tryshishi.com. We will delete or anonymize your data within 30 days of a verified request.

Waitlist email addresses are retained until the app launches or you unsubscribe, whichever comes first.

Your Rights

Depending on your location, you may have the right to:

• Access the personal information we hold about you
• Request correction of inaccurate data
• Request deletion of your account and data
• Export your data in a portable format
• Object to or restrict certain processing

To exercise any of these rights, contact us at privacy@tryshishi.com.

Children's Privacy

Shishi is not directed at children under 13. We do not knowingly collect personal information from anyone under 13. If you believe a child has provided us with personal information, please contact us and we will delete it promptly.

Changes to This Policy

We may update this policy from time to time. We will notify you of material changes via the app or email. Continued use of Shishi after changes take effect constitutes acceptance of the updated policy.

Contact

Questions about this policy? Reach us at privacy@tryshishi.com.