Privacy Policy — My Friends Who Always Know What to Watch

Effective: May 10, 2026

Last updated: May 11, 2026

This policy describes what information My Friends Who Always Know What to Watch ("the App", "we", "us") collects, why, and how it's used. The App is operated by Greg Silverman.

If you have questions, email gregsilverman1@me.com.

TL;DR

• We collect the data needed to give you personalized show/movie recommendations: your taste preferences, lists (Watchlist / Watched / Loved / Hated), friends you connect with, and titles you broadcast via "Tell the World."
• We do not track you across other apps or websites.
• We do not sell or rent your data to third parties.
• You can delete your account and all associated data at any time from the Profile screen.

1. What we collect

1.1 Account information

• Username (a handle you choose)
• PIN (stored only as a one-way hash on the server; never readable in plaintext)
• A session token issued by our server when you sign in, stored in your device's Keychain so you stay signed in across launches

1.2 Taste & list data

• Your taste preferences: streaming-service selections, favorite films and TV shows, hard-avoid keywords, format and recency preferences
• The lists you maintain in the App: Watchlist, Watched, Loved, Hated
• Reactions you apply to recommendation cards — used to refine future recommendations
• Search queries you type are sent to our server to look up matching titles; we don't link them to your account in our analytics

1.3 Social data

• Friends you add via username — stored as edges in our friendship graph
• Groups you create or join, plus their member lists
• Broadcasts ("Tell the World!") — when you mark a title as a broadcast, the title and timestamp are recorded so your friends can see your recommendation. You can retract a broadcast at any time.

1.4 Behavioral telemetry

• Card impressions (which titles you were shown), swipes, and reactions are logged so we can improve the recommendation algorithm and show you fewer titles you've already seen.

1.5 What we do not collect

• Your real name, address, phone number, email, or other contact details
• Your viewing activity from streaming services
• Your location, contacts, photos, or any other device permissions
• Cross-app or cross-website tracking identifiers (e.g., IDFA)

2. How we use the data

We use what you provide to:

• Generate personalized recommendations on the Discovery feed
• Surface the lists, friends, and groups you've explicitly created
• Match titles you broadcast to your friends' recommendation queues
• Provide search results when you query our catalog or TMDB

We do not use your data for advertising, cross-app tracking, or sale to third parties.

3. Third-party services

The App calls these external services:

• TMDB (The Movie Database) — to fetch poster images, titles, overviews, and watch-availability metadata. Calls go through our server-side proxy; TMDB does not see any identifier tied to your account.
• Anthropic — when you search a fuzzy query (e.g., "the show with doctors in pittsburgh"), our server may use Anthropic's API to interpret the intent. Your query is sent to Anthropic for that lookup but is not linked to your account.
• Supabase — hosts the database where your account, lists, friends, and broadcasts live.
• Fly.io — hosts the application server that handles your API requests.

These services have their own privacy policies, available at their respective websites.

4. Data retention

• Account data persists until you delete your account from the Profile screen, at which point it is soft-deleted immediately and permanently removed within 7 days.
• Local on-device data (Keychain, UserDefaults) is removed when you uninstall the App or sign out.

5. Your rights

You have the right to:

• Access the data we hold about you. Email us and we'll send you a copy.
• Delete your account and all associated data. Open the App → Profile → "Delete Account."
• Correct inaccurate data. Most fields are directly editable in the App; for anything that isn't, email us.
• Stop using the App at any time. Sign out or uninstall — no further data is collected after that.

If you live in California, the EU, or another jurisdiction with specific data-protection rights (CCPA, GDPR, etc.), those rights apply to you here as well. Email us to exercise them.

6. Children

The App is not directed at children under 13. We do not knowingly collect data from children under 13. If you believe a child has provided us with information, contact us and we'll delete it.

7. Security

We use industry-standard practices:

• PINs are stored as one-way hashes (bcrypt or scrypt) on our server; never plaintext
• Server-side data is held in a Postgres database with restricted access
• All network traffic between the App and our server is encrypted via HTTPS
• Session tokens are stored in the iOS Keychain on your device

No system is perfectly secure. If you have reason to believe your account has been compromised, change your PIN immediately and email us.

8. Changes to this policy

We may update this policy from time to time. Material changes will be announced via an in-app notice on the next launch. The "Last updated" date at the top of this document always reflects the current version.

9. Contact

Email: gregsilverman1@me.com

App: My Friends Who Always Know What to Watch

Operator: Greg Silverman