Privacy Policy

Last updated: June 12, 2026

This Privacy Policy describes how Sometime Inc. ("Sometime," "we," "us," or "our") collects, uses, and discloses information in connection with the Sometime mobile application, the websites located at sometimeirl.com and partysometime.com, and related services (collectively, the "Service"). This Privacy Policy is incorporated into and forms part of our Terms of Service.

By using the Service, you acknowledge the practices described in this Privacy Policy. If you do not agree with this Privacy Policy, do not use the Service.

1. Information We Collect

Information you provide

Account and profile information. Email address, name, username, and, at your option, profile photograph, date of birth, hometown, school, profession, industry, and similar profile details. Certain optional fields (such as gender and relationship status) are used solely for personalization, are not displayed to other users, and are not transmitted to other users' devices.
Verified telephone number. We verify your telephone number via a one-time code. Telephone numbers are protected as described in Section 2.
Contacts (optional). If you enable contact synchronization (disabled by default), the telephone numbers in your device's address book are transmitted to our servers, where each number is immediately converted to a one-way cryptographic hash. Contact names are not transmitted and remain on your device. Hashed values are used solely to identify which of your contacts are registered users of the Service. Disabling contact synchronization deletes the synchronized data.
Calendar information (optional). If you enable calendar synchronization (disabled by default), we receive only free/busy time intervals, limited to a rolling 21-day window — never event titles, attendees, locations, or descriptions. Intervals are replaced in full upon each synchronization and are deleted entirely if you disable the feature. Where you connect a Google Calendar, the associated OAuth access tokens are stored in encrypted form, together with the email address of the connected account.
Preferences and interests. Information you provide to improve recommendations, such as activity interests, dietary restrictions, cuisine and budget preferences, and preferred group sizes.
Communications with the AI agent. Your conversations with the Service's artificial-intelligence agent, and structured information derived from those conversations (such as stated preferences), are stored to provide and personalize the Service. AI personalization may be disabled in the application's privacy settings.
Relationship context. Optional descriptions you provide about your relationships with other users, together with numerical representations ("embeddings") derived from those descriptions, used to generate recommendations. We also store your connection list and block list.
Messages and media. Messages, photographs, videos, and reactions you send through the Service. Media is stored in access-controlled storage.
Plans and RSVPs. Plans and events you create, join, or respond to, including associated details and attendance status. If you RSVP through our web pages without a registered account, we collect the name and telephone number you provide, verified by a one-time code and protected as described in Section 2.
Waitlist information. If you join our website waitlist, the email address you submit and the source of the signup, used solely to communicate about the Service's availability.

Information collected automatically

Usage and device information. In-application activity (such as plan creation, invitations, and RSVPs) and basic technical information used to operate, secure, and improve the Service.
Push notification tokens. With your permission, a device push token used to deliver notifications. Notification categories may be controlled independently in settings.

We do not use third-party advertising trackers or third-party advertising analytics on the Service, and we do not collect precise background location.

2. Telephone Number Protection

Telephone numbers receive specific technical protections:

Numbers used for contact matching exist in our systems only as one-way keyed cryptographic hashes, which cannot be reversed to reveal the underlying number.
Your own verified number is additionally stored in encrypted form, with keys held server-side, solely to enable SMS messages contemplated by the Service (such as verification codes, invitations, and host messages). Decryption occurs only transiently, server-side, at the time of sending.
Raw telephone numbers of persons invited to plans are processed in memory solely to deliver the relevant message and are not persisted to storage, logs, or analytics.
Raw, readable telephone numbers are not written to our database, not transmitted to client applications, and not logged.

3. How We Use Information

We use the information described above to:

provide, operate, maintain, and secure the Service, including plans, invitations, RSVPs, group messaging, reminders, and host communications;
generate recommendations and personalized suggestions through the Service's AI features;
identify which of your contacts are registered users, where you have enabled contact synchronization;
send communications contemplated by the Service, including SMS verification codes, invitations, and notifications, subject to the controls described in Section 6 and our SMS Terms;
monitor, investigate, and prevent fraud, abuse, and violations of our Terms of Service;
comply with legal obligations; and
analyze and improve the Service, including through aggregated or de-identified data.

We do not use your personal information for third-party advertising, and we do not sell personal information.

4. How We Disclose Information

We disclose personal information only as described below:

Service providers. We use third-party service providers to perform functions on our behalf, in each case limited to the information reasonably necessary for the function: cloud database, authentication, and storage (Supabase); application hosting (Fly.io); SMS delivery and telephone verification (Twilio), which receives the telephone number and message content at the time of sending; and push notification delivery (Expo and Apple), which receives the device token and notification content.
Artificial-intelligence providers. Conversations with the Service's AI agent and associated context are processed by large-language-model providers (currently Anthropic and Google) through their commercial APIs, acting as our service providers, solely to generate the agent's responses and related Service functionality. Under the applicable commercial terms, these providers do not use this content to train their models. We do not transmit your telephone number to AI providers.
Venue, event, and media data providers. Search queries (such as cuisine, neighborhood, date range, or event keywords) are transmitted to providers including Google Places, web-search providers, Ticketmaster, SeatGeek, Eventbrite, Bandsintown, Pexels, Giphy, and Klipy to retrieve results. These queries are not accompanied by your name, telephone number, or other account identity.
Reservation platforms. The Service detects which reservation platform a venue uses and may present you with a pre-filled booking link (for example, party size, date, and time). We do not transmit your personal information to reservation platforms; any information you provide after following such a link is provided by you directly to that platform under its own terms and privacy policy.
Other users. Your profile information designated as visible (such as name, username, photograph, and neighborhood) is visible to other authenticated users. Content you share with other users (such as messages and plan details) is visible to its intended recipients.
Legal and safety. We may disclose information where we believe in good faith that disclosure is required by law, subpoena, or other legal process, or is reasonably necessary to protect the rights, property, or safety of Sometime, our users, or the public.
Corporate transactions. In connection with a merger, acquisition, financing, reorganization, bankruptcy, or sale of assets, information may be disclosed or transferred as part of that transaction, subject to this Privacy Policy unless and until you are notified otherwise.

We do not sell personal information and do not share personal information for cross-context behavioral advertising.

5. Location Information

During onboarding you may select a neighborhood on a map. Conversion of map coordinates to a neighborhood name occurs on your device. Your selected neighborhood may be displayed as part of your profile. Precise coordinates associated with your selection are stored privately, used solely server-side for distance-based matching, and are not displayed to other users, returned to client applications, or logged. The Service does not track your location in the background.

6. Your Choices and Controls

The application provides settings that control: contact synchronization (off by default; disabling deletes synchronized data); calendar synchronization (off by default; disabling deletes stored intervals); AI personalization; push notification categories; and SMS plan invitations. These controls are enforced at the points where data enters and leaves our systems. We maintain records of consents granted and withdrawn, including the version of this Privacy Policy in effect at the time.

You may review and update your profile information in the application at any time.

7. Data Retention and Deletion

We retain personal information while your account is active and as needed for the purposes described in this Privacy Policy. Certain data is retained for shorter periods by design (for example, calendar free/busy intervals are limited to a 21-day window and replaced on each synchronization, and optional data is deleted when the corresponding feature is disabled).

You may request deletion of your account and associated personal information in the application or by contacting legal@sometimeirl.com from the email address associated with your account. We verify and process deletion requests promptly, and in any event within the timeframes required by applicable law. Content you contributed to shared contexts (such as messages in group conversations) may remain visible to other participants following deletion, disassociated from your identity. We may retain limited information where required by law or reasonably necessary for legal compliance, dispute resolution, and enforcement of our agreements.

8. Security

We employ technical and organizational measures designed to protect personal information, including one-way keyed hashing of telephone numbers used for matching; encryption of stored verified numbers and calendar tokens, with purpose-separated keys held server-side; row-level security controls on database tables, with the most sensitive tables accessible only to our backend services; and an architecture in which client applications never access the database directly. Information is stored and processed in the United States.

No security measures are infallible. In the event of a security incident affecting your personal information, we will notify you and applicable authorities as required by law.

9. Children's Privacy

The Service is not directed to, and may not be used by, persons under 18 years of age. We do not knowingly collect personal information from persons under 18. If you believe a person under 18 has provided personal information to us, contact legal@sometimeirl.com and we will delete it.

10. California and Other U.S. State Privacy Rights

Residents of California and certain other U.S. states may have rights under applicable law to: (a) request access to the categories and specific pieces of personal information we hold; (b) request deletion of personal information, subject to legal exceptions; (c) request correction of inaccurate personal information; and (d) not receive discriminatory treatment for exercising privacy rights. We honor such requests regardless of whether the applicable statute technically applies to us.

We do not sell personal information and do not share personal information for cross-context behavioral advertising, as those terms are defined under the California Consumer Privacy Act, as amended; accordingly, we do not offer an opt-out because there is nothing to opt out of.

To exercise these rights, contact legal@sometimeirl.com. We will verify your identity (typically by confirming your control of the email address or telephone number associated with your account) and respond within the timeframes required by applicable law. You may designate an authorized agent to submit requests on your behalf, subject to verification.

Do Not Track. The Service does not track users across third-party websites or services and therefore does not respond to "Do Not Track" signals.

11. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. The "Last updated" date above indicates when this Privacy Policy was last revised and the date the revision became effective. For material changes, we will provide notice through the Service, by email, or by other reasonable means prior to the change taking effect. The current version is available at sometimeirl.com/privacy.

12. Contact

Sometime Inc.

1819 Polk St PMB 206, San Francisco, CA 94109

legal@sometimeirl.com