Legal

Privacy notice.

What we collect, why we collect it, who we share it with, and how to control it. In plain English, the way we'd want it explained to us.

EFFECTIVE: JUN 1, 2026 · LAST UPDATED: JUN 1, 2026
Heads up. This is a starting template written in plain English. Before twekes signs paying partners, processes payments, or operates outside Lebanon, this document should be reviewed by counsel and aligned with applicable data-protection law (Lebanese Law 81/2018, EU GDPR for users in Europe, etc.).

1. Who's collecting your data.

twekes ("twekes", "we", "us") is the data controller for the personal information you share with the Service. The Service includes our mobile apps for iOS and Android, our website at www.twekes.com, our partner portal at twekes.com/partners, our super-admin tooling at twekes.com/admin, and any related services we run.

2. What we collect.

Account information.

When you sign up we collect your email, password (hashed, never in plain text), display name, handle, and city. Partners also provide a business name. Coaches also provide specialty tags and contact details. Super-admins are flagged on their profile.

Profile information.

Optional fields you can fill in: bio, age range, run types, other sports, your area within a city, your preferred avatar tone. You decide what to share.

Run and activity data.

RSVPs to club runs, solo runs you post, distance, pace, duration, time of day, meeting points (including GPS coordinates if you attach a map pin), and your run log history.

Location.

If you allow it, we use your device's foreground location to figure out the nearest of our six cities so the Feed and Explore tabs surface runs around you. We do not run a continuous background location tracker. You can revoke location permission at any time in your phone's system settings; twekes falls back to "Beirut" as a default city.

Photos and media.

Photos and videos you post to the camera flow, "Seen on the road" posts, partner cover photos, your profile picture. We store the files in our Supabase storage buckets.

Messages.

Direct messages between runners, event chat threads, solo-run chat threads, partner inbox messages, and coach AI conversations.

Device and technical data.

Expo push-notification token (so we can send the run-reminder push), basic device information (OS, app version), IP address and request logs (for security and abuse prevention).

Partner-specific data.

For partners: venue name, category, address, opening hours, perk, phone, website, Instagram handle, cover photo URL, the tier you signed up under, and your account's approval status.

What we don't collect.

3. Why we collect it.

4. Who we share it with.

Other runners.

Your display name, handle, city, profile photo, RSVPs to club runs you join, and any solo runs or "Seen on the road" posts you've made are visible to other runners on twekes. That's the whole point — twekes is a coordination layer. Don't post anything you wouldn't want a fellow runner to see.

Partners.

When you DM a partner, the partner sees your display name and message contents. Partners do not get your email, phone number, or location unless you share them in the message.

Coaches.

Coaches see the messages you send them and your display name. We do not pass them your training history without your explicit consent.

Service providers.

The third-party providers we use to deliver the Service. We share only the minimum data each one needs to do its job:

Legal authorities.

We may disclose your data when required by Lebanese law or a valid legal request from a competent authority. We push back on requests we think are overbroad.

Acquirers.

If twekes is ever acquired or merged, your data may transfer to the acquirer under the same protections set out in this notice. We'll notify you in-app before that happens.

5. Cookies and similar technology.

On the website we use a small set of strictly-necessary cookies and local storage entries to keep you signed in to the partner portal and the admin panel. We don't run advertising or cross-site tracking cookies. In the mobile app we don't use cookies — sessions are stored in the device's secure storage.

6. How long we keep it.

7. Your rights.

Subject to applicable law, you have the right to:

Most of these you can do yourself from the Profile screen in the app. For the rest, email privacy@twekes.app — we'll respond within 30 days.

8. Security.

We protect your data with row-level security on the database, TLS encryption in transit, encryption at rest for backups, rate-limited APIs, and admin-only access to operational tooling. No system is perfectly secure — if a breach affects you, we'll notify you and the appropriate authorities as required by law.

9. Children's privacy.

twekes is not for people under 16. We don't knowingly collect data from anyone under 16. If you believe a child has an account, please tell us at privacy@twekes.app and we'll remove it.

10. International data transfers.

Our service providers (Supabase, Expo, Anthropic, Resend, etc.) host infrastructure outside Lebanon — typically in the EU and the United States. When your data crosses borders, we rely on each provider's standard data-transfer protections and contractual commitments.

11. Updates.

We may update this Privacy Notice. Material changes will be announced in the app or by email at least 14 days before they take effect. The "Last updated" date at the top of this page always shows when the current version went live.

12. Contact.

Privacy questions, data requests, or breach reports go to privacy@twekes.app. Everything else goes to hello@twekes.app.