Privacy Policy

1. Information We Collect

We collect information you provide directly to us, including (depending on how you use the Service):

• Profile data (name, apartment number, phone number, email address, anonymous handle)
• Building membership and access data (building name, access codes, membership status)
• Listings and needs data (titles, descriptions, photos, prices, categories, deadlines)
• Order and transaction data (items bought/sold, amounts, timestamps, refund/return status)
• Payment-related information (Stripe customer ID, Stripe Connect account ID, but not full card or bank numbers)
• Support and communication records (emails, in-app support messages, feedback)

We also automatically collect certain technical and usage information when you use the Service, such as:

• Device information (device type, operating system, app version, language)
• Log data (IP address, timestamps, app crashes, performance data)
• Usage data and analytics (screens viewed, taps, scroll behavior, session duration)
• Notification tokens (for push notifications to your device)

We may collect approximate location information at the building level, but we do not provide precise GPS location to other users.

2. How We Use Information

We use the information we collect to:

• Operate, maintain, and improve the Service and its features
• Verify building membership and control access to building-specific marketplaces
• Process transactions and payments through Stripe
• Show you relevant listings, needs, and offers within your building
• Provide AI-powered suggestions for listing titles, descriptions, categories, and pricing
• Communicate with you about your account, transactions, building membership, and the Service
• Send you transactional notifications (order status, pickup codes, refund status)
• Provide customer support and respond to your requests
• Detect, prevent, and address fraud, abuse, security incidents
• Comply with legal obligations and enforce our rights
• Analyze usage patterns and trends to improve performance and user experience

3. Data Storage

Your data is stored using Firebase services (including Firebase Firestore, Authentication, and Storage) and may also be stored locally on your device. We retain your information for as long as your account is active or as needed to:

• Provide the Service
• Maintain transaction and refund records
• Comply with legal obligations
• Resolve disputes
• Enforce our agreements and Terms of Use

When you delete your account, we will delete or anonymize your personal information within a reasonable period, except where we are required or permitted by law to retain certain data.

4. Anonymous Handles

2Doors uses anonymous handles (usernames) instead of real names to protect your privacy. Handles are randomly generated and generally cannot be changed. Your handle is visible to other users in your Building in the app (for example, on listings or needs), but:

• Your real name, apartment number, and phone number are not shown to other residents
• Your real identity is only shared when reasonably necessary for transactions, safety, or verification

We do not publish your real name publicly on the Service.

5. Payment Information & Refund Data

All payment processing is handled by Stripe, a third-party payment processor. We do not store your credit card numbers, bank account information, or other sensitive payment data on our servers. Instead:

• We store Stripe-related identifiers (such as Stripe customer ID and Stripe Connect account ID)
• Stripe processes payments in accordance with PCI DSS standards
• When you make a payment, your payment information is sent directly to Stripe

Refund Data and Codes: When you request or receive a refund or return, we generate a pickup or return code that may contain or be linked to your name and apartment number. This information is only visible to authorized building desk/receiving staff. Buyers and sellers remain anonymous to each other throughout the process.

6. Third-Party Services

We use third-party services that may collect, receive, or process your information:

• Stripe (payments): Processes payments, payouts, refunds, and disputes
• Firebase (Google) services: Provide authentication, cloud database, file storage, analytics, and crash reporting
• OpenAI (AI features): Processes text and images you choose to send to generate AI-powered suggestions

These providers use your information in accordance with their own privacy policies and terms of service.

7. Data Sharing

We do not sell your personal information.

We may share your information in the following limited situations:

• With other users in your Building: We share your anonymous handle, listings, needs, and relevant transaction information
• With building management and front desk staff: We may share limited information when necessary for package verification, delivery, returns, security, or enforcement of building rules
• With service providers and vendors: Such as Stripe, OpenAI, Firebase, solely to provide, maintain, and improve the Service
• For legal, safety, and compliance reasons: We may share information if we believe it is reasonably necessary to comply with laws, regulations, legal processes, or governmental requests
• Business transfers: In connection with a merger, acquisition, sale of assets, or similar transaction

8. Data Security

We implement reasonable technical and organizational security measures to protect your information, including:

• Encryption in transit (HTTPS/TLS)
• Encryption at rest for certain data
• Secure authentication and session management
• Access controls and logging
• Regular monitoring for abnormal activity

However, no method of transmission over the Internet or method of electronic storage is 100% secure. While we strive to protect your information, we cannot guarantee absolute security.

9. Your Rights

Depending on your jurisdiction, you may have some or all of the following rights regarding your personal information:

• The right to access the personal information we hold about you
• The right to correct or update inaccurate or incomplete information
• The right to delete your account and personal information
• The right to object to or restrict certain types of processing
• The right to request a copy of your data in a portable format
• The right to opt out of non-essential marketing or promotional communications

To exercise these rights, please contact us at support@msparllc.com.

10. Children's Privacy

The Service is not intended for children under 21 years of age. We do not knowingly collect personal information from children under 21. If you are a parent or guardian and believe your child has provided us with personal information, please contact us at support@msparllc.com.

11. International Data Transfers

Your information may be transferred to, stored on, and processed on servers located in countries other than your country of residence, including the United States. By using the Service, you consent to the transfer of your information to the United States and other countries where our service providers operate.

12. Changes to Privacy Policy

We may update this Privacy Policy from time to time. When we do, we will update the "Last Updated" date at the top of this page and may provide notice through the Service or by email where required by law. Your continued use of the Service after changes become effective constitutes your acceptance of the updated Policy.

13. Contact

If you have any questions about this Privacy Policy or our data practices, please contact: