Privacy Policy — 1STBOND

01

Introduction

1STBOND, LLC ("1STBOND," "we," "our," or "us") provides a mobile-first safety platform that enables identity-verified real-world meetups, safety monitoring, emergency escalation tools, and peer-to-peer payment functionality (the "Services").

This Privacy Policy explains how we collect, use, process, disclose, retain, and protect personal information. 1STBOND, LLC is the data controller for personal information processed under this Privacy Policy unless otherwise stated.

By using the Services, you agree to this Privacy Policy. If you do not agree, please do not use the Services.

02

Information We Collect

A. Information You Provide

We collect information you provide directly to us, including:

Name, email address, and phone number

Account credentials

Meetup details (time, location label, notes)

Emergency contact information

Consent confirmations

Customer support communications

You are responsible for ensuring emergency contacts consent to being listed.

B. Identity & Verification Information (Mandatory)

To participate in meetups or certain payment features, users must submit:

Government-issued identification images

Identity selfie

Meetup-time selfie during verification window

Identity verification may involve automated facial comparison technology and/or review by authorized personnel. Processing includes validating government-issued ID authenticity, comparing facial geometry between ID and selfie, and fraud detection.

Identity data is processed solely for identity confirmation, fraud prevention, and safety enforcement.

C. Biometric & Facial Verification

Facial comparison technology is used to confirm identity at the time of verification.

We do

Use facial data for identity verification
Use facial data for safety enforcement
Obtain consent where required by biometric privacy laws

We never

Sell biometric identifiers
Use facial data for advertising
Use facial data for behavioral profiling
Use facial data to train AI systems

D. Marketplace & Payment Information

1STBOND enables peer-to-peer payments through Stripe Connect. Payment credentials are processed directly by Stripe — we do not store full credit card numbers, bank account numbers, or CVV codes. We may collect transaction amounts, timestamps, status, application fee amounts, and partial payment identifiers.

Stripe acts as an independent payment processor and may act as a separate data controller under its own privacy policy. Users must review Stripe's privacy policy when using payment features.

E. Safety Monitoring Information

During active meetup windows, we collect check-in responses, completion confirmations, monitoring state transitions, and incident classification records. Unresolved meetups may generate safety incident records.

F. Location Information (Opt-In)

Location data is collected only during active meetup windows, only with operating system permission, and only when enabled by the user. Users may disable location sharing at any time. Default retention is 24–72 hours; extended retention applies if tied to an incident or required by law.

G. Automatically Collected Information

We may collect device type, operating system, app version, IP address, log data, and crash diagnostics — used for fraud prevention, performance monitoring, and security.

H. Tracking & Analytics

We may use limited analytics tools for performance and reliability. We do not use personal information for third-party behavioral advertising and we do not sell personal information.

03

How We Use Information

Verify identity

Enforce safety protocols

Facilitate marketplace payments

Prevent fraud

Comply with legal obligations

Improve reliability and performance

04

Legal Bases for Processing

For international users (e.g., EEA/UK), we process personal information on the following legal grounds:

Performance of a contract — to provide and maintain the Services

User consent — for biometric processing and optional features

Legitimate interests — fraud prevention, security, safety

Legal obligations — compliance with applicable law

05

How We Share Information

We may share information in the following limited circumstances:

With emergency contacts during panic events

With Stripe for payment processing

With service providers supporting infrastructure

With identity verification vendors

With law enforcement when legally required

We do not sell personal information.

06

Data Retention

We retain information only as long as necessary to provide Services, maintain safety records, prevent fraud, and comply with legal obligations.

Data Category	Retention Period
Government ID & verification selfies	While account active; longer if required for fraud or compliance
Biometric identifiers	Permanently deleted when purpose is satisfied, or within a reasonable period after account deletion
Payment transaction records	As required for accounting, tax, fraud prevention, and compliance
Location data	24–72 hours unless linked to an incident
Incident records	Retained for safety audits and compliance

07

Security

We implement robust safeguards to protect your personal information:

TLS 1.2+ encryption in transit

Encryption at rest

Secure cloud infrastructure

Role-based access controls

Audit logging

In the event of a data security incident, we will provide notice as required by applicable law.

08

Your Rights

Depending on your jurisdiction, you may have the following rights regarding your personal information:

Access

Request a copy of your personal information

Correct

Correct inaccurate personal data we hold

Delete

Request deletion of your personal data

Restrict

Restrict how we process your data

Portability

Receive your data in a portable format

Object

Object to certain processing activities

Deletion requests may require identity verification. Certain records may be retained for legal compliance or fraud prevention.

09

U.S. State Privacy Rights

Residents of certain U.S. states (including California) may have rights to know categories of information collected, request deletion, correct inaccurate information, and opt out of certain data sharing.

We do not sell personal information.

10

International Users

Information may be transferred to and processed in the United States. By using the Services, you consent to this transfer. We implement appropriate safeguards for international data transfers as required by applicable law.

11

Children

The Services are not intended for individuals under 16 years of age. We do not knowingly collect personal information from children under 16. If we learn we have collected such information, we will delete it promptly.

12

Changes to This Policy

We may update this Privacy Policy periodically. When we make material changes, we will update the "Revised Date" at the top of this page and notify users as required by applicable law. Continued use of the Services after changes are posted constitutes acceptance of the updated policy.

13

Contact

For questions, requests, or concerns regarding this Privacy Policy or your personal information, send us a message below.

Get in Touch

We'll respond to admin@1st-bond.com

Message Sent!

Thanks for reaching out. We'll get back to you shortly.