OUT DARE radar symbolOUT DARE

Privacy Policy

Plain-English summary of what data OutDare collects, why, and who else sees it.

Last updated: 9 May 2026

The short version. OutDare needs your email to sign you in, your location to show nearby paragliding spots, and an anonymous device token to send you flyability alerts. We use Supabase (database), Mapbox (maps), Open-Meteo (weather), Firebase Cloud Messaging (push), and PostHog (analytics). We do not sell your data. We do not track your location in the background.

1. Who we are

OutDare (“we”, “us”) is the operator of the OutDare mobile application. For data-protection purposes, the controller is the publisher of the app. You can reach us at contact@outdare.app.

2. What we collect

Account data

  • Email address — used as your sign-in identifier and for account recovery. Required.
  • Display name and pilot profile fields (skill level, preferred wind range, etc.) — optional, set during onboarding. Used to personalise flyability calculations.
  • Friends and friend requests — pairs of user IDs you have explicitly connected with.

Location

  • Approximate or precise GPS, only while the app is open (“when in use”). Used to centre the map on you and to find nearby spots. We never request background location.
  • Your device sends location to our servers only when you actively perform a search or save a spot to favourites. We do not log a continuous location trail.

App-generated data

  • Favourites, spot alerts (your saved wind/condition thresholds), and any spots you submit to the community. Stored in our Supabase database under your user ID.
  • Activity feed events generated by your friends and yourself (favourited a spot, flew somewhere, etc.).
  • Push notification tokens registered by Firebase Cloud Messaging, paired with your locale, so we can deliver alerts in the right language.

Analytics & diagnostics

  • PostHog events such as which screens you opened and which buttons you tapped. Used only to understand which features get used. We use PostHog's anonymised distinctId; we do not send your email or precise location to PostHog.
  • Crash reports via Flutter's standard error reporting — stack traces with no personal identifiers.

What we do not collect

  • Your contacts, photos, calendar, microphone, or camera.
  • Your background location.
  • Advertising identifiers (we do not run ads).
  • Payment information (the app is free).

3. Third-party services

OutDare relies on the following processors. Each receives only the data needed to perform its function.

ServicePurposeData shared
SupabaseAuthentication, database, edge functionsEmail, app data, device tokens
Firebase Cloud Messaging (Google)Push-notification delivery (Android)Anonymous device token
MapboxMap tiles and geocodingMap viewport, search queries
Open-MeteoWeather forecastsSpot coordinates only — no user identifiers
PostHogProduct analyticsAnonymised event stream
paraglidingearth.comSource of community spot dataCountry code only, no user identifiers
YouTube / VimeoEmbedded webcam streamsSubject to their own privacy policies when you tap a webcam

4. Legal basis (GDPR)

  • Contract — processing your account data is necessary to provide the service you signed up for.
  • Consent — push notifications and location access are only used after you grant the OS-level permission, which you can revoke at any time.
  • Legitimate interest — anonymised analytics to improve the product, balanced against minimal privacy impact.

5. Data retention

Account data is kept while your account is active. If you delete your account (see Section 7), we delete your account record and all linked spot alerts, favourites, friend connections, and submissions within 30 days. Anonymised analytics events are retained up to 12 months.

6. International transfers

Some of our processors (Google, PostHog, Mapbox) are headquartered in the United States. Data transfers rely on Standard Contractual Clauses or equivalent safeguards as required by GDPR.

7. Your rights

Under GDPR and similar regimes you have the right to access, correct, export, or delete your data, and to object to or restrict processing. You can:

  • Edit your profile in the app settings.
  • Revoke permissions (location, notifications) in your device settings at any time. The app continues to work with those features disabled.
  • Delete your account from Settings → Account → Delete account, or by emailing contact@outdare.app.
  • If you believe we have mishandled your data, you have the right to complain to your national data-protection authority (e.g. the CNIL in France).

8. Children

OutDare is not directed at children under 13 (under 16 in the EU). We do not knowingly collect data from anyone in those age brackets. If you believe a minor has created an account, contact us and we will delete it.

9. Security

Database access is gated by Supabase row-level-security policies tied to your user ID. Network traffic uses TLS. We follow industry-standard practices but no system is perfectly secure; promptly report suspected breaches to contact@outdare.app.

10. Changes to this policy

We will post the updated policy at this URL and revise the “Last updated” date above. For material changes affecting your rights, we will notify you in-app before the change takes effect.

11. Contact

Questions, requests, or complaints: contact@outdare.app.