Privacy Policy

This Privacy Policy explains how Locally (“we”, “us”, or “our”) collects, uses, stores, and shares information when you use the Locally mobile app for Android (“App”).

Locally helps newcomers settle in and meet people in the Netherlands. The App provides guided checklists, social discovery content, and optional human support via WhatsApp.

If you have questions about this policy or your data, contact us at info@locallyforexpats.com.


1. Who is responsible for your data?

Data controller:
Locally

For privacy-related requests, email info@locallyforexpats.com.

This policy is intended to meet the requirements of the EU General Data Protection Regulation (GDPR) and the Dutch Implementation Act (AVG), as well as Google Play’s data disclosure requirements.


2. What information we collect

We collect only the information needed to operate the App. We do not sell your personal data.

2.1 Information you provide

Data When collected Purpose
Google account sign-in When you sign in with Google Create and secure your Locally account
Onboarding answer When you complete onboarding Personalize your experience (e.g. settling in vs. meeting people)

When you sign in with Google, we receive information made available by Google, which typically includes:

Your onboarding answer is one of: help getting settled, help meeting people, both, or just exploring.

2.2 Information stored in our systems

When you use the App while signed in, we store the following in Google Cloud Firestore (via Firebase), linked to your account identifier:

We do not currently store your checklist progress or Meet screen selections on our servers. Those choices exist only in the App during your current session unless you contact us separately (for example via WhatsApp).

2.3 Information collected automatically

We use Firebase Analytics (Google) to understand how the App is used and to improve it. Analytics may include:

We do not set a custom analytics user ID in the App. Firebase may still associate events with an app installation or authenticated session using identifiers managed by Google.

We do not request access to your precise location, contacts, camera, microphone, or photo library through the App.

2.4 Information we do not collect

The App does not:


3. How we use your information

We use your information to:

  1. Provide the App — authenticate you, remember onboarding completion, and deliver core features.
  2. Improve the product — understand feature usage through analytics.
  3. Support you — when you choose to contact us via WhatsApp or external links.
  4. Protect the service — maintain security, prevent abuse, and troubleshoot issues.
  5. Comply with law — respond to lawful requests where required.

Legal bases (GDPR)

Processing activity Legal basis
Account creation, authentication, and storing onboarding data Performance of a contract / steps at your request before using the App
Product analytics Legitimate interests in understanding and improving the App, balanced against your privacy rights
Responding to support requests you initiate Performance of a contract and/or legitimate interests
Legal compliance Legal obligation

Where required by law, we will rely on consent instead of legitimate interests.


4. Third-party services

We use trusted service providers to run the App. They process data on our behalf and under their own privacy terms as well.

4.1 Google / Firebase

We use Google services for:

Google’s privacy information:
https://policies.google.com/privacy

Firebase data processing information:
https://firebase.google.com/support/privacy

4.2 WhatsApp (Meta)

If you tap a “Ask Locally” or similar WhatsApp button, the App opens WhatsApp (or a browser fallback) with a prefilled message. We do not receive the contents of any conversation you have in WhatsApp unless you send it to us there voluntarily.

WhatsApp is operated by Meta. Meta’s privacy policy applies to your use of WhatsApp:
https://www.whatsapp.com/legal/privacy-policy

4.3 External websites and apps

The App may link to third-party websites (for example, government resources, venue websites, or YouTube). We do not control those sites and are not responsible for their privacy practices.


5. How long we keep your information

Data type Retention
Account and onboarding data in Firestore Until you delete your account or ask us to delete it
Firebase Authentication account Until you delete your account or ask us to delete it
Firebase Analytics event data According to Firebase/Google retention settings (commonly up to 14 months, depending on project configuration)
Support messages you send us via WhatsApp As long as needed to handle your request and meet legal/accounting obligations

When you delete your account in the App, we delete your Firestore user document and your Firebase Authentication account. Analytics data already collected may remain in aggregated or pseudonymous form according to Google’s retention rules.


6. How to delete your account and data

You can delete your Locally account and associated onboarding data in two ways:

Option A — In the App (recommended)

  1. Open the App and go to Account.
  2. Tap Delete account.
  3. Confirm by typing DELETE and complete Google re-authentication when prompted.

This permanently deletes your Firebase Authentication account and your Firestore user document.

Option B — Request by email or web form

If you cannot access the App, you may email info@locallyforexpats.com from the address linked to your Google account.

We may ask you to verify your identity before processing the request.

Deletion is permanent and cannot be undone.


7. Your privacy rights

If you are in the European Economic Area (EEA), the United Kingdom, or another jurisdiction with similar laws, you may have the right to:

In the Netherlands, the supervisory authority is the Autoriteit Persoonsgegevens (AP): https://autoriteitpersoonsgegevens.nl

To exercise your rights, contact info@locallyforexpats.com. We will respond within the timeframe required by applicable law (generally one month under GDPR).


8. International data transfers

Google/Firebase may process and store data on servers located outside your country, including outside the EEA. Where required, Google uses appropriate safeguards such as Standard Contractual Clauses. See Google’s documentation for current transfer mechanisms.


9. Security

We use industry-standard measures provided by Firebase and Google Cloud to protect data in transit and at rest. No method of transmission or storage is 100% secure, but we work to protect your information using reasonable technical and organizational safeguards.

You are responsible for keeping your Google account secure.


10. Children’s privacy

The App is not directed at children under 16, and we do not knowingly collect personal data from children under 16. If you believe a child has provided us personal data, contact info@locallyforexpats.com and we will take appropriate steps to delete it.


11. Changes to this policy

We may update this Privacy Policy from time to time. When we do, we will revise the “Last updated” date at the top of this page. If changes are material, we may provide additional notice in the App or by other reasonable means.

Continued use of the App after an update means you accept the revised policy, to the extent permitted by law.


12. Contact us

Locally
Email: info@locallyforexpats.com
Website: www.locallyforexpats.com