Legal
Controller: Knot ("Knot", "we", "us", "our")
This Privacy Policy ("Policy") describes how Knot collects, uses, discloses, retains, transfers, and protects personal information in connection with the Knot mobile application, our website, and any related products or services we offer (together, the "Service"). It applies to all users of the Service, regardless of how you access it.
Knot is a social platform for people aged 13–25 that connects users with shared interests through groups called Knots, sessions, events, a marketplace ("Shop"), and direct messaging.
This Policy is intended to comply with, among others:
If you disagree with any part of this Policy, please do not use Knot. By accessing or using the Service, you confirm that you have read, understood, and agreed to this Policy.
Knot is not directed to children under 13. We do not knowingly collect personal information from any individual under 13. If you are a parent or guardian and believe that your child under 13 has provided us with personal information, please contact us immediately at joinknot.app@gmail.com. We will promptly delete the information and the account.
For users between the ages of 13 and 17, we apply enhanced privacy protections by default:
Parents and guardians may request access to, correction of, or deletion of their child's information by contacting joinknot.app@gmail.com. Where verifiable parental consent is required by applicable law, we will request reasonable proof of parental authority before acting on such requests.
We collect Personal Information in three ways: information you provide directly, information collected automatically when you use the Service, and information we receive from third parties.
Account Registration: name and chosen display name; email address; phone number (optional, for SMS-based verification or notifications); date of birth (used to verify minimum age and apply age-appropriate settings); password (stored only in hashed form using industry-standard hashing); country and language preferences.
Profile and Preferences: profile photo, bio, pronouns (optional); interests, skills, languages, and tags; Knot membership and admin status; visibility and notification preferences.
Identity and Safety Verification (optional / where required): a short selfie video or photo, used solely to confirm you are a real human and not a duplicate account. Government-issued identifiers may be requested only where required by law (e.g. for sellers above certain transaction thresholds), and are deleted after verification unless retention is legally required.
User Content: messages, posts, comments, reactions, polls, listings, photos, video, audio, and any other content you upload, along with metadata such as timestamps, device type, and geolocation if you choose to attach it.
Payment Information: for Paid Knots, payments are managed entirely by Apple In-App Purchase — we receive only a transaction receipt and the product purchased, not your card details. For Shop purchases of physical goods or services, payment is processed by our third-party payment processor (e.g. Stripe); we receive only tokenized references, last four digits of the card, brand, and country. Billing address and tax-related information may be collected where required.
Communications with Us: support requests, bug reports, survey responses, and any other correspondence.
Device and Technical Information: device model, manufacturer, operating system and version; app version and build, language, time zone, region; mobile network carrier and connection type; device identifiers — Apple's "Identifier for Vendors" (IDFV), and, if you grant permission, the "Identifier for Advertisers" (IDFA); IP address (which provides approximate location).
Log and Usage Information: pages and screens viewed, features used, buttons tapped; session start and end times and duration; referring screens, scroll depth, in-app search queries; performance metrics such as load times and frame rates; crash logs and diagnostic information.
Location Information: approximate location (derived from IP) is collected automatically to provide local content and security checks. Precise location (GPS-level) is collected only with your explicit permission, granted through the iOS location permission prompt, and only while the app is in use, unless you opt in to "Always" permission. We use precise location solely to show nearby Knots and events. You can change or revoke location permissions at any time in iOS Settings → Privacy → Location Services → Knot.
Cookies, Local Storage, and Similar Technologies: Knot uses local storage and identifiers on your device to keep you signed in, remember preferences, support security features, and measure performance. Our website may use cookies; details are provided in the cookie banner.
App Tracking Transparency (Apple ATT): if we ever wish to track your activity across other companies' apps and websites, we will request your permission through Apple's App Tracking Transparency prompt before doing so. If you decline, the IDFA will not be made available to us, and we will not engage in cross-app tracking. As of the Effective Date, Knot does not use the IDFA for cross-app tracking and does not share data with third-party advertisers for the purpose of tracking.
Push Notifications: if you grant permission, we send push notifications via Apple Push Notification service ("APNs"). To do so, your device is assigned a push token, which we store securely and use only for sending notifications. You may turn off notifications at any time in iOS Settings.
This section summarizes, in the categories used by Apple's App Store Connect "App Privacy" labels, the personal information that Knot collects and how it is linked or used. A data type is "Linked" if it is associated with your identity. A data type is "Not Linked" if it is collected only in aggregate form or with all identifiers stripped.
| Data Type | What We Collect / Linked or Unlinked / Purpose |
|---|---|
| Contact Info | Name, email address, phone number, physical address (for Shop only). Linked to identity. Used for App Functionality, Account Management, Customer Support, and (optionally) Developer Marketing. |
| Health & Fitness | Not collected. |
| Financial Info | Purchase history (which Paid Knots or Shop items you purchased) and, for Shop, payment-card brand and last four digits via Stripe. We do not store full card numbers. Linked. Used for App Functionality, Fraud Prevention, and Accounting. |
| Location | Approximate location (from IP) and, with permission, precise location. Linked. Used for App Functionality (showing nearby Knots) and Security. |
| Sensitive Info | Not collected. We do not request information about racial or ethnic origin, religion, political opinions, sex life, sexual orientation, biometric data, or trade union membership. |
| Contacts | Not collected. We do not access your iOS Contacts unless you explicitly invite a contact, in which case the invitee's details are used only to send the invitation and are not retained. |
| User Content | Photos, video, audio, messages, posts, listings, customer support correspondence. Linked. Used for App Functionality and (for safety) limited Analytics. |
| Browsing History | Not collected. We do not collect browsing history outside the app. |
| Search History | In-app search queries you make within Knot. Linked. Used for App Functionality and Analytics. |
| Identifiers | User ID, device ID (IDFV), and—only if you grant ATT permission—IDFA. Linked. Used for App Functionality, Analytics, Security, and Fraud Prevention. |
| Purchases | Apple In-App Purchase history and Shop transaction history. Linked. Used for App Functionality and Customer Support. |
| Usage Data | Product interaction (taps, screens, features used) and advertising data (only if you opt in to ATT). Linked or Not Linked depending on the metric. Used for Analytics and App Functionality. |
| Diagnostics | Crash data, performance data, and other diagnostic data. Generally Not Linked. Used for App Functionality and Analytics. |
| Other Data | Limited additional data necessary to deliver requested features (e.g. survey responses you choose to submit). |
Tracking: Knot does not currently use your data to track you across apps and websites owned by other companies. If this ever changes, we will request your permission through the App Tracking Transparency prompt before doing so.
We use Personal Information for the purposes described below. The purposes correspond to Apple's "App Privacy" purpose categories where applicable.
Knot does not currently serve third-party advertising or sell or "share" personal data to third parties for cross-context behavioural advertising. If we introduce advertising in the future, this Policy will be updated and we will request consent or provide opt-out rights as required by law.
Where the GDPR or UK GDPR applies, we rely on the following legal bases:
You have the right to withdraw any consent at any time without affecting the lawfulness of processing carried out before the withdrawal.
We do not sell your Personal Information. We disclose Personal Information only as described below:
Profile information, posts, listings, comments, reactions, and any other content you make available within a Knot is visible to other members of that Knot. Direct messages are visible to the recipient(s) only. Display name, profile photo, and bio may be visible to any Knot member you interact with, depending on your privacy settings.
We engage carefully selected service providers who process information on our behalf and under contractual obligations to maintain confidentiality, use the data only for our specified purposes, and apply appropriate security. Categories include:
Where required for the operation of the Service on iOS, certain limited data is shared with Apple in accordance with Apple's own privacy practices, including for In-App Purchase, subscription management, push notifications, and (where you have opted in) crash diagnostics shared with developers.
If Knot is involved in a merger, acquisition, financing, reorganisation, or sale of assets, your Personal Information may be transferred to the successor entity, subject to the standards of this Policy or with appropriate notice and choice.
We share information for other purposes when you ask us to or otherwise give us consent (for example, when you choose to publish content publicly).
The Knot iOS app integrates third-party software development kits ("SDKs") and services for the limited purposes described below. Each provider processes data according to its own privacy policy. We recommend reviewing their policies if you have concerns.
Additional providers may be added over time. Material additions affecting data handling will be reflected in a revised version of this Policy.
We are a global service. Personal Information may be processed in countries outside your country of residence, including the United States, the European Economic Area, the United Kingdom, and Singapore. These countries may have data protection laws that differ from yours.
Where we transfer Personal Information out of the EEA, UK, or Switzerland, we rely on appropriate safeguards, including:
You may request a copy of the safeguards in place by contacting us at joinknot.app@gmail.com.
We retain Personal Information only for as long as necessary to fulfil the purposes for which it was collected, comply with our legal obligations, resolve disputes, and enforce our agreements. Retention periods include, by way of indication:
We apply industry-standard technical and organisational measures to safeguard Personal Information, including:
No system is perfectly secure. If we become aware of a personal data breach that is likely to result in a risk to your rights and freedoms, we will notify the competent supervisory authority and affected users without undue delay, as required by applicable law.
Subject to applicable law and reasonable identity verification, you may have the following rights regarding your Personal Information:
To exercise these rights, please email joinknot.app@gmail.com or use the in-app tools at Settings → Privacy. We will respond within the timeframes required by applicable law (generally 30 days, extendable by a further two months for complex requests). We may need to verify your identity before responding.
You can permanently delete your account directly from within Knot: Settings → Account → Delete Account. After confirmation:
You may also delete individual messages, posts, listings, and connections from inside the app at any time without deleting your entire account.
In addition to the protections described in Section 2:
You can manage in-app communication preferences in Settings → Notifications. iOS-level push notifications can be controlled at Settings → Notifications → Knot on your device. You may opt out of marketing emails at any time by following the unsubscribe link in any marketing email, or by emailing joinknot.app@gmail.com. Transactional communications (e.g. security alerts, payment receipts) are necessary to provide the Service and cannot be turned off without deleting your account.
Some browsers transmit "Do Not Track" or Global Privacy Control ("GPC") signals. We honour GPC as a valid opt-out of "sale" or "sharing" of Personal Information where required by applicable law. Because there is no industry consensus on Do Not Track, we currently do not respond to that signal.
If you are a California resident, you have additional rights under the CCPA/CPRA.
In the past 12 months, we have collected the following categories of Personal Information (as defined in Cal. Civ. Code § 1798.140):
We collect the above categories from the sources and for the purposes described in Sections 4 and 6 of this Policy. We disclose the above categories to the categories of recipients described in Section 8.
We do not "sell" Personal Information for money, and we do not "share" Personal Information for cross-context behavioural advertising as those terms are defined under the CCPA/CPRA. We do not knowingly sell or share Personal Information of consumers under 16.
We do not use or disclose sensitive Personal Information for purposes that require an opt-out right under the CPRA.
To submit a request, please email joinknot.app@gmail.com. Authorised agents may submit requests on your behalf with proof of authority.
If you reside in Virginia, Colorado, Connecticut, Utah, Texas, Oregon, or another U.S. state with a comprehensive privacy law, you may have additional rights similar to those described in Section 18, including the right to access, correct, delete, and obtain a portable copy of your Personal Information, and the right to opt out of targeted advertising, the sale of Personal Information, and certain profiling. To exercise these rights, contact us at joinknot.app@gmail.com.
In addition to Section 13, residents of the EEA, UK, and Switzerland have the right to:
Knot does not currently use solely automated decision-making, including profiling, that produces legal or similarly significant effects concerning you. We use automated systems to filter spam, abuse, and content that violates our Terms; you may request human review of any automated enforcement decision by emailing joinknot.app@gmail.com.
We may update this Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. If we make material changes, we will provide notice in the app and, where appropriate, by email, at least 7 days before they take effect. The "Last Updated" date at the top of this Policy indicates when it was last revised. Continued use of the Service after the effective date of the updated Policy constitutes your acceptance of the updated Policy.
Controller: Knot
General privacy inquiries, Data Protection Officer, and support: joinknot.app@gmail.com
Location: Singapore
If we are unable to resolve your complaint, you have the right to refer the matter to your local data-protection authority.