Sip
Privacy

Privacy Policy

Effective May 28, 2026

Sip is a live map of nightlife — bars, crews, and the people you actually go out with. To make that work we collect some information about you, what you do in the app, and where you are. This policy explains what, why, and what you can do about it. If anything here is unclear, email sam@sipapp.coand we’ll answer plainly.

This policy applies to the Sip mobile app, the Sip website at sipapp.co, and any related services operated by White Pine Enterprises, LLC (“Sip,” “we,” “us”). By using Sip you agree to this policy and to our Terms of Service.

Who can use Sip

Sip is a 21+ product. We do not knowingly collect information from anyone under 21. If you believe a minor has created an account, email sam@sipapp.co and we will remove it.

Information we collect

You give us directly

  • Account details: first and last name, username, email, date of birth (used to confirm 21+), city, and optionally gender. For bar administrator accounts, the venue you represent.
  • Authentication credentials: if you sign up with email, a password that is hashed and stored by Firebase Authentication. If you sign in with Google, the email and basic profile Google returns to us.
  • Profile: initials shown in place of a photo, a public/private toggle, and the bars you follow, favorite, or have visited.
  • Content you create: posts, photos, comments, event RSVPs, line-report photos, and messages in crews.
  • Permission choices: which of Location, Notifications, Contacts, and Camera you have allowed.

We collect as you use the app

  • Location: when you grant location access, we use your precise location to place you on the map, to gate features that require you to be at a bar (for example contributing a line report), and to surface nearby bars and events. Some events let you choose how precisely your location is revealed to the group.
  • Social graph: friend connections, crews you join, and the people you attend events with.
  • Check-ins and visits: bars you currently are at, have visited, follow, or favorite.
  • Line-report signals: when you submit a line report, we analyze your photo on your device using Apple Vision to estimate how many people are visible, then store the photo and its derived signals (for example a headcount estimate, timestamp, and bar) so the wait-time estimate can be shown to others.
  • Promotion redemptions: when you redeem a bar promotion, we record the redemption with a timestamp and short-lived QR code so the bar can verify it.
  • Device and log data: device model, OS version, app version, language, crash reports, and service logs collected by our backend providers.

We access only with your permission

  • Contacts: if you allow contact access, we use it solely to help you find friends who already use Sip. We do not upload your address book and we do not send invitations on your behalf without an explicit tap.
  • Camera and photos: used when you take a photo for a post, a profile element, or a line report. We do not scan your camera roll.
  • Notifications:used to send you RSVPs, friend requests, and nearby-bar alerts when you’ve opted in.

How we use your information

  • Power the core product — the live map, crews, events, line intelligence, and bar profiles.
  • Show your posts, comments, RSVPs, and visits to the audiences you choose (public, friends, or a specific crew).
  • Compute wait-time estimates and crowd signals from reports contributed by you and others.
  • Protect the service: detect spam, abuse, harassment, fake accounts, and content that violates our Terms.
  • Respond to reports, block requests, and support emails.
  • Comply with legal obligations — for example, responding to a valid subpoena.
  • Improve Sip: understand which features get used, where things break, and what to build next.

How information is shared

With other people, by design

  • Your username, initials, city, and posts are visible to other Sip users within the visibility you choose. Setting your profile to private limits what people who aren’t your friends see.
  • Friends, crew members, and people you invite to an event can see details you share into those surfaces — for example your current bar, RSVPs, or messages in the crew.
  • Bars you check into, visit, or represent can see aggregate signals about their venue (headcount estimates, visitor count, regulars vs. discovery) and the content you post tagged to them.

With service providers (“processors”)

Sip runs on third-party infrastructure. These providers process data on our behalf, under contract, only to operate Sip:

  • Google / Firebase— Authentication, Firestore, Cloud Storage, Cloud Functions, Hosting, and Crashlytics (crash reporting). We rely on Google’s data processing addendum so these services act as service providers on our behalf. We do not run Google Analytics, AdMob, or any other Google advertising product against your Sip data.
  • Apple— Push Notification Service, Sign in with Apple (if you choose it), and on-device Vision used for headcount estimation.
  • Google Sign-In— authentication when you choose it.
  • Vercel— hosting for this website.
  • Resend— transactional email delivery (waitlist confirmations, password resets, account notifications).

For legal reasons and safety

We may disclose information if we believe in good faith it is necessary to comply with law, enforce our Terms, protect the rights and safety of Sip’s users, or investigate fraud.

In a business transaction

If Sip is involved in a merger, acquisition, or sale of assets, your information may be transferred, subject to this policy or one at least as protective.

We do not sell or share your data for advertising

Sip does not sell personal information for money. Sip does not share personal information with third parties for cross-context behavioral advertising as those terms are defined under the California Privacy Rights Act (CPRA). We do not run Google Analytics, AdMob, or any other advertising technology against your Sip data. Promotions you see inside Sip come from bars listed on Sip and are targeted using your Sip account information only — not by external ad networks.

Data retention

  • While your account exists — we keep the data needed to run Sip for you.
  • After deletion — when you delete your account from Edit profile → Delete my account, we remove your profile and personally identifying information within 30 days. Aggregate signals that are no longer tied to you (for example anonymized wait-time estimates) may be retained.
  • Line-report photos — retained for up to 24 hours, the window in which the estimate is useful, and then deleted.
  • Backups and logs — retained up to 90 days for security and recovery.

Your choices and rights

  • Access, correct, export, delete: edit or delete your profile at any time from inside the app, or email sam@sipapp.co for a copy of your data.
  • Permissions: revoke Location, Notifications, Contacts, or Camera access in iOS Settings at any time. Sip will keep working, with fewer features.
  • Block and report:any profile, post, or comment can be reported, and any user can be blocked, from inside the app. Once blocked, that user can’t see your content, friend you, or appear in your feed.
  • EEA/UK (GDPR): if you use Sip from the EEA or UK, our legal basis for processing is your consent, performance of our contract with you, and our legitimate interest in running a safe, functional service. You may object, request portability, or lodge a complaint with your local data-protection authority.

California privacy rights (CCPA / CPRA)

If you are a California resident, the California Consumer Privacy Act, as amended by the California Privacy Rights Act, gives you the rights described below. The look-back period for the disclosures in this section is the prior twelve months.

Categories of personal information we collect

  • Identifiers— name, username, email, account ID, IP address, device identifiers.
  • Customer records— date of birth (used to confirm 21+), city, hashed password.
  • Commercial information— promotions you redeem, bars you follow or favorite, events you RSVP to.
  • Internet and network activity— in-app interactions, screens viewed, and crash reports.
  • Geolocation— precise location while the app is in use. This is “sensitive personal information” under CPRA.
  • Audio, visual, or similar information— photos you upload (posts, profile elements, line-report photos).
  • Inferences— derived signals such as the headcount estimate from a line-report photo or whether you are a regular versus first-time visitor at a bar.
  • Sensitive personal information— precise geolocation and the hashed password used to log in to your account.

Sip does not collect: government identification numbers, financial account information, racial or ethnic origin, religious beliefs, union membership, genetic data, biometric identifiers, health information, or information about sex life or sexual orientation.

Where we collect from

Directly from you (account creation and app use); from your device (location, camera, contacts — with your permission); from authentication providers you choose (Apple, Google); and from other Sip users who interact with you in the product.

Why we collect

To operate Sip (map, crews, events, line and crowd intelligence, bar profiles); to authenticate and protect your account; to enforce our Terms and respond to abuse, fraud, and safety reports; to comply with legal obligations; and to understand how Sip is used in aggregate so we can improve the product.

Who we disclose personal information to

The categories of recipients identified earlier in this policy: service providers operating Sip on our behalf (Google/Firebase, Apple, Vercel, Resend); bars whose venues you check into or represent (limited to the signals and content you share into those surfaces); other Sip users (limited to your visibility settings); and law enforcement or other parties where required by law. We do not sell personal information and we do not share personal information for cross-context behavioral advertising.

Your California rights

  1. Right to know. Request the categories and specific pieces of personal information we have collected, the sources, the purposes, and the categories of third parties we disclose to.
  2. Right to correct. Ask us to correct inaccurate personal information we hold about you.
  3. Right to delete. Request deletion of personal information we hold about you, subject to limited statutory exceptions (for example, completing a transaction you requested, security, or legal compliance).
  4. Right to opt out of sale or sharing. We do not sell personal information and we do not share personal information for cross-context behavioral advertising, so there is nothing to opt out of today. If that ever changes, we will update this policy, notify you in the app, and add the opt-out mechanism required by California law.
  5. Right to limit the use of sensitive personal information. Sip already limits the use of sensitive personal information (precise geolocation, hashed credentials) to providing the service you requested and to safety and fraud purposes permitted by law. You may ask us in writing to further restrict our use.
  6. Right to non-discrimination. We will not deny service, charge different prices, or provide a different quality of service because you exercised any of these rights.
  7. Authorized agents. You may designate an authorized agent to make a request on your behalf, with written authorization that we can verify.

How to exercise your California rights

Email sam@sipapp.co with the subject line “California privacy request” and tell us which right you want to exercise. We will verify your identity by asking for information that matches your Sip account. We respond within 45 days, with one 45-day extension if reasonably necessary (we will tell you in writing if we need the extension). You can also delete your account from inside the app at Edit profile → Delete my account.

Security

Sip uses industry-standard encryption in transit (TLS) and at rest, Firebase security rules to scope what each account can read and write, and short-lived credentials for sensitive actions. No system is perfect. If you believe your account has been compromised, email sam@sipapp.co immediately.

Children

Sip is not directed to children under 13, and because Sip is a nightlife product we do not permit anyone under 21 to create an account at all.

International transfers

Sip’s infrastructure is hosted primarily in the United States. If you use Sip from outside the U.S., your information will be transferred to and processed in the U.S.

Changes to this policy

When we make material changes, we’ll update the effective date above and, where appropriate, notify you inside the app before the change takes effect.

DMCA Notice

Sip respects the intellectual property rights of others and expects users of the platform to do the same.

If you believe content available on Sip infringes your copyright, you may submit a notification under the Digital Millennium Copyright Act (DMCA) by providing our designated copyright agent with the following information:

  • Identification of the copyrighted work claimed to have been infringed
  • Identification of the infringing material and information reasonably sufficient to permit us to locate the material
  • Your contact information, including name, address, telephone number, and email address
  • A statement that you have a good faith belief that the disputed use is not authorized
  • A statement, under penalty of perjury, that the information in the notification is accurate
  • Your physical or electronic signature

DMCA notices should be sent to:

White Pine Enterprises, LLC Copyright Agent
Email: sam@sipapp.co

Sip may remove allegedly infringing content and terminate repeat infringers where appropriate. Full takedown and counter-notification procedures are in our DMCA & Copyright Policy.

Contact

White Pine Enterprises, LLC — privacy questions, deletion requests, and complaints: sam@sipapp.co.

Questions? Email sam@sipapp.co.