Legal

Privacy Policy

Last updated: June 25, 2026

JumpIn Pitt, LLC, a Pennsylvania limited liability company ("JumpIn Pitt," "we," "us," or "our"), operates the JumpIn Pitt mobile application ("App") and website at jumpinpitt.com ("Website"). This Privacy Policy explains how we collect, use, and protect your information when you use the App, the Website, or our membership redemption pages (such as jumpinpitt.com/redeem) at participating partner venues.

1. Information We Collect

Account information you provide

  • Email address or phone number — used to create and authenticate your account via a one-time passcode (OTP). Phone-based sign-in is the primary method; an email address may be used instead.
  • Display name — the name you enter during profile setup. This is screened for profanity and may be shown to other users (see Section 4).
  • Profile photo — optional, only if you choose to upload one from your device's photo library.
  • Onboarding preferences — if you complete the welcome survey, the neighborhoods, interests, vibes, and "how did you hear about us" answers you select. This helps us tailor discovery and understand where users come from.

Membership redemption information (QR / 5% member program)

At participating partner venues, you can scan a table QR code to claim a member discount (typically applied to your bill at the register). To prevent fraud and abuse and to log the visit, claiming a discount requires you to verify a phone number via SMS one-time passcode. When you redeem a member discount, we collect:

  • Phone number — verified by SMS one-time passcode. This is your identity for the redemption and links the visit to your JumpIn Pitt account (the same phone number that signs you into the App).
  • Verified-visit record — the venue, the discount percentage applied, the date and time, and (for fraud reconciliation) an optional table number, server reference, or hostess reference encoded in the QR or selected at the venue.
  • Email address (optional) — only if you choose to provide one on the redemption screen.
  • Marketing opt-in (optional) — a separate, unchecked-by-default consent to receive promotional messages (by SMS and/or email) from JumpIn Pitt and the venue you visited. This consent is never required to receive the discount. See Section 6 for SMS and marketing details.

Photos and other user-generated content

  • Profile photo — uploaded from your photo library to our storage if you choose.
  • Venue, event, and menu photos — if you are a venue partner or administrator, photos you upload to populate a venue page, event, or menu are stored in our image storage and shown publicly in the App. The App uses your device's photo library for these uploads; it does not access your live camera to capture photos.
  • Reviews and feedback — the mood you select after a check-in ("OK," "Great," or "Incredible") and any text you write. See Section 3 for how this is routed.

Information collected via the Website

  • Name, email address, and phone number (if you sign up for the waitlist or submit a venue partnership inquiry)
  • Venue name and location (if submitted via the partner interest form)

Information collected automatically

  • Precise location data — used for nearby venue discovery, proximity check-ins, and geofence-triggered notifications, only while the App is in use. See Section 5.
  • Check-in records (which venues you have visited and when, and your visit count per venue)
  • Saved venues and lists, and search history (saved venues/search are stored locally on your device via AsyncStorage; lists you create are also stored in our database)
  • Product-usage analytics events (anonymous; see Section 19)

If you grant notification permission, the App may schedule local notifications on your device (for example, when you walk near a partner venue). We do not require a server-stored device push token for these proximity notifications.

2. How We Use Your Information

We use the information we collect to:

  • Authenticate your account via email or phone one-time passcode
  • Enable proximity-based check-ins within range of partner venues
  • Verify a phone number and log a visit when you claim a member discount, and enforce a once-per-day-per-venue cooldown to prevent abuse
  • Provide participating venues with aggregate, verified counts of member visits and redemptions (we do not share the underlying personal data except as described in Section 4)
  • Display your Pittsburgh Passport progress and explorer level
  • Power the check-in leaderboard (using your first name only)
  • Send notifications about deals and events (if you opt in)
  • Send promotional messages or run giveaways by SMS and/or email — only if you have opted in to marketing, and you can opt out at any time (see Section 6)
  • Communicate with waitlist subscribers about launch updates and early access opportunities
  • Process venue partnership inquiries submitted via the Website
  • Detect, prevent, and address fraud, abuse, and security issues
  • Improve and maintain the App and Website

3. Review Routing & Feedback

After a check-in, users may leave feedback about a venue by selecting one of three moods: “It was OK,” “Great time!” or “INCREDIBLE!”

Positive reviews (“Great time!” or “INCREDIBLE!”)

Users are invited to share their experience publicly on Google. The app copies the review text to the clipboard and the user can manually paste it on the venue’s Google page by tapping “COPY & POST TO GOOGLE.” This step is entirely optional — users may tap “Skip posting to Google” at any time. No review is ever posted automatically on the user’s behalf.

Constructive feedback (“It was OK”)

Feedback is sent privately and directly to the venue’s email so they get a chance to make it right. This feedback is never posted publicly. Users choose whether to include their name and email via a toggle: “Let [venue] reach out to make this right.” If disabled, feedback is sent anonymously — no name, no email, no way for the venue to identify the reviewer.

Reviews are associated with your first name only when you opt in. Your email address and contact information are never shared with venues unless you explicitly enable the contact toggle.

4. How We Share Your Information

We do not sell your personal information to third parties. We do not share your personal data with third parties for their own marketing or advertising purposes, except that, if you have opted in to marketing in the membership program (Section 6), we may send you messages on behalf of the specific venue you visited — we do not hand your contact details to that venue for them to use independently.

Mobile Information and Opt-In Consent

Mobile information (including your phone number and SMS opt-in) will not be shared with third parties or affiliates for their own marketing or promotional purposes. Text-messaging originator opt-in data and consent are never shared with any third parties for any purpose. We use a messaging provider solely to deliver the messages you have consented to receive.

Sharing with partner venues

When you check in or redeem a member discount at a partner venue, that venue may receive aggregate, verified counts of visits and redemptions (for example, "120 verified member visits this month") for reconciliation and billing. Venues do not receive your phone number, email, name, or location through these counts. If you submit private "OK" feedback with the contact toggle enabled, the venue receives only the name and email you chose to share (see Section 3). If you opt in to marketing, we may message you about that venue, but we do not transfer your contact information to the venue for independent use.

Third-Party Service Providers

We share limited information with the following service providers strictly so they can perform the services we have engaged them to perform. Each of these providers is contractually required, through their own terms of service or a data processing agreement, to provide the same or equal protection of user data as described in this Privacy Policy:

  • Our cloud infrastructure provider (secure database, authentication, one-time passcode delivery, and encrypted file storage) — bound by a data processing agreement
  • The SMS provider used by our authentication and messaging stack (delivery of one-time passcodes and any marketing messages you have opted in to) — bound by its own terms and a data processing agreement
  • Our mobile app-build and over-the-air update platform (app builds, updates, and push-notification tooling) — bound by a data processing agreement
  • Our email-delivery provider (transactional and opted-in email for venue feedback, waitlist communications, giveaways, and marketing you opted in to) — bound by a data processing agreement
  • A places/mapping data provider (used by our team to populate venue details such as hours, address, price level, and rating — no personal user data is sent to this provider)
  • Our product-analytics provider (anonymous event data linked to a random on-device identifier, bound by a data processing agreement; this data is not sold and is not shared with data brokers or advertising networks)
  • Apple and Google (required for iOS and Android app distribution and platform services) — apple.com/legal/privacy · policies.google.com/privacy

Link-outs to ticket and reservation pages

The App may show "Get Tickets" or "Reserve" buttons that open a third party's page (for example, an event ticketing provider such as Eventbrite, or a restaurant reservation service) in your device browser or that company's own app. JumpIn Pitt does not process the ticket purchase or reservation, does not collect or store payment information, and does not pass your name, phone number, or email to those services. Once you reach the third party's page, that company's own privacy policy governs your interaction with it. See Section 16 for what we may append to a sponsored link.

Your first name may be visible to other users on the check-in leaderboard. Your email address, phone number, and precise location are never visible to other users. We do not share your personal data with any party other than those listed above without first obtaining your explicit permission.

5. Precise Location Data

We access your precise (GPS) location only while the App is in use ("When In Use" permission). We do not track your location in the background, and we do not need or request "Always" location access. While the App is open, your device's location is read approximately every 3 seconds to detect when you are within range of a partner venue, so we can offer a check-in, run the post-check-in passport timer, and (if you have enabled notifications) send a "you're near a venue" notification.

Your precise coordinates are processed on your device in real time and are used to compute proximity. We do not store your raw GPS coordinates on our servers; what we store is the resulting event — that you checked in at a particular venue at a particular time. Your precise location is never shown to other users and is never shared with venues, advertisers, or data brokers. You can revoke location permission at any time in your device Settings; doing so disables proximity check-ins.

6. SMS Messaging, Phone Number & Marketing Consent

Two distinct types of text message

We use SMS for two separate purposes, and we treat them differently:

  • Account & transactional messages (no marketing consent required): one-time passcodes (OTP) to verify your phone number when you sign in or claim a member discount, and other security or service messages. These are required to use phone-based features. Message and data rates may apply.
  • Marketing messages (express opt-in required): promotional texts about deals, events, and giveaways. We send these only if you affirmatively opted in — for example, by checking the unchecked-by-default marketing box on a redemption screen. Marketing consent is never a condition of receiving a discount, creating an account, or using the App.

How to stop messages

You can reply STOP to any message to unsubscribe from that channel, and HELP for help. You can also email support@jumpinpitt.com to be removed. We honor opt-outs globally across all venues; once you opt out, we suppress your number from future marketing sends. Opting out of marketing does not stop the security/OTP messages you need to log in.

How we protect your number

Your phone number and your SMS opt-in status are never sold and never shared with third parties or affiliates for their own marketing. Mobile-originator opt-in data and consent are excluded from any data sharing. We use our messaging provider only to deliver the messages you have consented to receive.

7. Data Storage and Security

Your account data (display name, email or phone number, check-in records), membership redemption records (phone, optional email, marketing opt-in flag, venue, time, discount), reviews, lists, and onboarding survey answers are stored securely on Supabase infrastructure with row-level security policies that prevent other users from accessing your data. Waitlist and partner inquiry submissions are stored in the same infrastructure with equivalent protections. Profile photos and venue/event/menu images are stored in Supabase Storage. We implement reasonable technical safeguards, but no system is completely secure.

8. Data Retention, Consent Withdrawal, and Deletion

Retention: We retain your account data (display name, phone number, optional email, profile photo, check-in history, review moods, membership redemption records, and onboarding answers) for as long as your account is active. Analytics events collected through our analytics provider are retained for up to 1 year from the date of collection and are then permanently deleted. Waitlist and partner-inquiry submissions are retained for up to 2 years after your last interaction, or until you request deletion.

How to withdraw consent: You can withdraw consent and disable data collection at any time:

  • Disable analytics event collection from Profile > Privacy > Product analytics.
  • Revoke location permission from your device Settings > JumpIn Pitt > Location.
  • Revoke notification permission from your device Settings > JumpIn Pitt > Notifications.
  • Stop receiving marketing SMS or email by replying STOP to any text, clicking unsubscribe in any email, or emailing support@jumpinpitt.com.

How to request deletion of your data:

  • In-app: Profile > Delete Account. This permanently deletes your account, check-ins, reviews, redemption records, saved lists, profile photo, onboarding answers, and other associated records from our database.
  • By email: send a deletion request to support@jumpinpitt.com from the email or phone number on file (or to our administrator at josephdaniel417@gmail.com). We will delete your personal information within 30 days and confirm deletion by email.

We may retain a minimal record (e.g., a phone number on a suppression/opt-out list) solely to honor your deletion or opt-out request and prevent re-creation of the deleted account, and to comply with legal obligations. No human-readable personal data is retained after deletion beyond what is strictly necessary for these purposes.

9. Children's Privacy

The App and Website are not directed to children under 13, and we do not knowingly collect personal information from children under 13. Because the App surfaces bars, breweries, and other 21+ venues, it is rated for older teens and adults (17+) in the app stores. If we become aware that we have collected personal information from a child under 13, we will take steps to delete it promptly. If you believe a child has provided us information, contact support@jumpinpitt.com.

10. Your Choices

  • You can revoke location permission in your device Settings at any time (this disables check-ins)
  • You can revoke notification permission in your device Settings at any time
  • You can opt out of marketing SMS/email at any time (reply STOP, click unsubscribe, or email us) without affecting account security messages
  • You can browse the App without creating an account by tapping "Browse Without an Account" on the Login screen
  • You can permanently delete your account and all associated data at any time from the Profile screen by tapping "Delete Account." You can also email support@jumpinpitt.com to request deletion.

11. Notifications

If you grant notification permission, the App may send you notifications about new venue deals, events, app updates, or when you are near a partner venue. You can opt out at any time by disabling notifications in your device Settings.

12. Email & Authentication

When you sign up or log in, you will receive a one-time passcode (OTP) to the email address or phone number you provide. This is used solely to verify your identity. By signing up for the waitlist, you consent to receive launch-related communications at the email address you provide. You may unsubscribe at any time.

13. Your US State Privacy Rights

Depending on where you live, applicable US state privacy laws (such as those in California, Colorado, Connecticut, Virginia, Utah, and other states) may give you the following rights regarding the personal information we hold about you:

  • Right to know / access — request a copy of the personal information we have collected about you and how we use and share it.
  • Right to correct — request that we fix inaccurate personal information.
  • Right to delete — request that we delete your personal information (see Section 8).
  • Right to opt out — opt out of targeted advertising, the "sale" of personal information, and certain profiling. We do not sell your personal information and we do not use it for cross-context behavioral / targeted advertising (see Sections 18 and 19), so there is nothing to opt out of in this respect; you may still opt out of marketing messages at any time.
  • Right to non-discrimination — we will not deny you service, charge a different price, or provide a different quality of service for exercising these rights.
  • Right to appeal — where provided by law, you may appeal a decision we make about your request by replying to our response or emailing us.

To exercise any of these rights, email support@jumpinpitt.com. We will verify your request using the phone number or email on file and respond within the timeframe required by applicable law (generally within 45 days). You may use an authorized agent to submit a request on your behalf where the law permits. We do not knowingly sell or share the personal information of minors.

14. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes through the App or Website. Continued use of the App or Website after changes constitutes acceptance.

15. Governing Law

This Privacy Policy is governed by the laws of the Commonwealth of Pennsylvania. Any disputes shall be resolved in Allegheny County, Pennsylvania.

16. Contact Us

If you have questions about this Privacy Policy or want to request access to, correction of, or deletion of your data, contact us at:
support@jumpinpitt.com (administrator: josephdaniel417@gmail.com)

17. Menu & Dietary Information

Menu items, dietary labels, and nutritional information displayed in the App are provided by partner venues and have not been independently verified by JumpIn Pitt. We do not guarantee the accuracy, completeness, or currency of menu data. If you have food allergies or dietary restrictions, always confirm directly with the venue before ordering.

18. Sponsored Content & External Links

The App displays paid placements — featured events, venues, or partners who have paid JumpIn Pitt for visibility. Every paid placement is clearly labeled with a disclosure badge on the Explore tab. The badge text may read “SPONSORED,” “EXCLUSIVE,” “FEATURED,” “PARTNER,” or a similar short word that identifies the block as a paid commercial placement. Regardless of which word is displayed, the placement is always a paid arrangement between the sponsor and JumpIn Pitt and is always visually and textually distinguishable from organic venue listings.

What happens when you tap a paid placement: The App opens the sponsor’s destination URL (a ticket purchase page, event page, or social media profile) in your device’s default browser (Safari) or the sponsor’s native app if you have it installed. JumpIn Pitt does not process ticket purchases, does not collect payment information, and does not store payment credentials. All transactions on the sponsor’s site are governed by the sponsor’s own terms and privacy policy, which we encourage you to review. JumpIn Pitt is not responsible for the content, accuracy, or availability of any third-party page.

What we append to the outbound URL (and why): We may add up to two query parameters to the sponsor’s URL so the sponsor can report, in aggregate, how many JumpIn Pitt users reached their page:

  • “ref=jumpinpitt” — a static string identifying JumpIn Pitt as the referrer.
  • “uid=[random on-device identifier]” — the random UUID that our analytics SDK generates on your device. This value is not your name, phone number, email address, advertising identifier (IDFA), or any other identifier issued by another company. It exists only to deduplicate clicks and cannot be used by the sponsor to contact you or identify you outside the JumpIn Pitt ecosystem.

These parameters are transmitted only to the specific sponsor URL you tap; they are not shared with any other party.

What we do NOT share with sponsors: We do not share your name, phone number, email address, profile photo, precise GPS coordinates, check-in history, review text, feedback text, search queries, or any payment information. The random on-device UUID is not linked with data from any other app, website, or offline source for targeted advertising or advertising measurement, and is not shared with any data broker.

19. Analytics and App Tracking Transparency

Analytics provider

We use our analytics provider (our analytics provider, Inc., posthog.com) as our product analytics provider. our analytics provider receives anonymous product-usage events from the App so we can measure feature usage, diagnose crashes, and report aggregate impression and click-through counts to our sponsored partners. our analytics provider is bound by a Data Processing Agreement that prohibits them from selling this data, sharing it with data brokers, or using it for advertising to third parties. See posthog.com/privacy for our analytics provider’s own practices.

Website analytics

Our website (jumpinpitt.com) uses the same analytics provider to measure anonymous page views, section views, and clicks (including aggregate impression and click-through counts on partner placements). Website analytics are cookieless by default: measurement uses a temporary in-memory identifier that is discarded when you leave the site, so no analytics cookie or persistent identifier is stored on your device and your visits cannot be linked across sessions. Analytics requests are routed through our own domain to our provider; the same no-PII rule applies — we never send your name, email address, or phone number to our analytics provider. Data collected on the website is subject to the same 1-year retention and deletion practices described below.

Consent

We collect analytics events by default once you begin using the App. Even though these events are anonymous, we treat them as requiring your consent. To withdraw your consent, you can:

  • adjust the relevant control in JumpIn Pitt (Profile > Privacy > Product analytics), or
  • contact us at support@jumpinpitt.com.

When you withdraw consent, the App immediately stops transmitting events to our analytics provider.

Specific events we record

  • user_signed_up — when you create an account
  • session_started, application_opened — app launches
  • check_in_started, check_in_completed — when you arrive at and complete a dwell at a venue
  • venue_detail_viewed — when you open a venue page
  • menu_viewed — when a venue’s menu section renders
  • review_submitted — mood selection only (“OK” / “Great” / “Incredible”); never the text of your review
  • google_review_posted — when you tap “Copy & Post to Google”
  • deal_external_tap — when you tap a venue’s reservation link
  • tour_started, search_performed, list_venue_added, onboarding_completed, push_notification_opened
  • sponsored_spotlight_viewed, sponsored_spotlight_tapped — impressions and click-throughs on paid placements
  • passport_shared — when you share your Pittsburgh Passport
  • season_viewed, season_leaderboard_tapped_self, quest_progress_viewed, quest_completed, season_recap_opened, season_recap_shared — Season progression events
  • app_error — crash diagnostics (error message, stack trace first line, current screen name); never includes any user-entered content

Event properties that ARE included

venue_id, venue_name, neighborhood, venue category, search query length (number only, never the query text), deal URL domain (e.g., “resy.com”), season slug and number, season rank (numeric position only), quest key and progress count, and a random on-device UUID.

Event properties that are NEVER included

Your name, phone number, email address, profile photo, precise GPS coordinates, review text, feedback text, search query text, or any payment information.

Retention and deletion

Our analytics provider retains events for up to 1 year from the date of collection, after which they are permanently deleted. Events already transmitted before you withdraw consent remain in the provider’s retention window until deleted by automatic expiry. To request earlier deletion of historical events associated with your device, email support@jumpinpitt.com; we will delete those events within 30 days.

App Tracking Transparency (Apple’s definition of “tracking”)

Apple defines “tracking” as linking data collected from our app about a particular end-user or device with Third-Party Data for targeted advertising or advertising measurement purposes, or sharing data collected from our app about a particular end-user or device with a data broker.

JumpIn Pitt does not engage in any of these activities. We therefore declare our data as “Data Not Used to Track You” in the App Store’s App Privacy details, and we do not present Apple’s App Tracking Transparency permission prompt because none is required under Apple’s rules for our use case.

Specifically, we do NOT:

  • Sell your data.
  • Use your data for targeted advertising or advertising measurement across other apps or websites.
  • Share your data with data brokers.
  • Combine your data with data collected from apps or websites owned by other companies.
  • Use the random on-device UUID, or any other identifier, to recognize you across other developers’ apps.
  • Build a profile of you for advertising purposes.

If this ever changes, we will update this Privacy Policy, update our App Store App Privacy declaration, and present the App Tracking Transparency prompt before any tracking begins.