· Privacy

Your data, protected.

Last updated: May 25, 2026

Version française

1. Data controller

The data controller is Sami El Khoury Salem, publisher of Pingr, residing at Floarea Residence – 609, Dubai, United Arab Emirates.

For any data-related question: support@ping-r.com

Data protection officer (DPO): no external DPO has been appointed at this stage of the service. Requests are handled directly by the publisher at the address above.

2. Data we collect

We only collect data necessary to operate the service:

  • Identity: first name, last name, username, date of birth, gender.
  • Contact: email address, phone number (optional).
  • Avatar: profile photo, where applicable.
  • Contacts you add: first name, last name, date of birth and phone number of the people you choose to add to your address book.
  • Events: title, date, location, message, links and guests you create.
  • Technical identifiers: Supabase user ID, push notification token (OneSignal), and technical activity logs (IP, user-agent) limited to what is strictly necessary for operating and securing the service.
  • Sign-in via third-party providers: if you choose to sign in with Apple or Google, we only receive your email address and, where applicable, your name (depending on what you agree to share). No other Apple or Google data is collected.

3. Purposes

  • Creating and managing your account.
  • Organizing events and inviting your people.
  • Sending reminders and notifications related to your events and birthdays.
  • Connecting you with your people already on Pingr.
  • Service security (abuse prevention, fraud detection).
  • Improving the service.

4. Legal basis

Your data is processed on the basis of:

  • Performance of the service contract you request (GDPR art. 6.1.b), for account management, event organization, and reminders.
  • Your consent (GDPR art. 6.1.a) for push notifications and any optional contact import.
  • Our legitimate interest (GDPR art. 6.1.f) for service security and abuse prevention.

5. Recipients and processors

Your data is never sold. It is entrusted to the following processors, strictly within the scope of the service:

  • Supabase Inc. (Singapore) — database hosting and authentication. Storage region: Asia (ap-south-1).
  • Vercel Inc. (United States) — web app and API hosting.
  • Resend, Inc. (United States) — transactional emails (confirmation, reminders, account notifications).
  • OneSignal, Inc. (United States) — iOS and Android push notifications.
  • Apple App Store and Google Play — mobile app distribution.

6. Transfers outside the European Union

Some of our processors are established outside the European Union (United States, Singapore). These transfers are governed by Standard Contractual Clauses (SCCs) adopted by the European Commission, and where applicable by the Data Privacy Framework for certified US processors.

7. EU representative

Given that the publisher is established in the United Arab Emirates, and given the occasional and small-scale nature of processing at the current stage of the service, no representative within the meaning of GDPR article 27 has been appointed. Such an appointment will be made if the service is opened to regular use by EU residents.

8. Retention period

Your data is kept for as long as your account is active. Upon account deletion (from the app: Profile > Account > Delete my account), all your data — including your avatar — is erased immediately, except for technical logs needed to meet our legal obligations (maximum 12 months).

9. Your rights

Under GDPR, you have the right to access, rectify, erase, restrict, object to, and port your data.

You can exercise most of these rights directly from the app (Profile > Account) or by emailing support@ping-r.com. We respond within a maximum of one month.

You also have the right to lodge a complaint with the supervisory authority of your country of residence (in France: the CNIL — cnil.fr).

10. Cookies and trackers

The website only uses cookies strictly necessary for authentication and service operation. No third-party analytics cookies are placed without your consent.

Pingr does not track your activity across other apps or websites.

11. Security

Your data is stored encrypted in transit (HTTPS/TLS) and at rest. Data access is restricted to operations necessary for the service via Supabase Row-Level Security. Passwords are stored hashed and are never accessible in plain text.

12. Changes

This policy may be updated to reflect changes to the service or to regulations. Any substantial modification will be notified by email or via the app.

13. Contact

For any question related to your data: support@ping-r.com

Legal notice · Terms · Support