This Privacy Policy explains how The SoCiety, Inc. DBA COLOR (“COLOR,” “we,” “us”) collects, uses, discloses, and protects information when you use the COLOR service.

By using COLOR, you confirm that you are 21 years of age or older.

1) Key Points

• COLOR is a 21+ service.
• We collect data to operate check-in, rewards, ticketing, and experiences.
• We do not sell personal information.
• We do not share personal information for cross-context behavioral advertising.
• We disclose certain user-level data to venues when you check in or use venue features.

2) Information We Collect

2.1 Account and Identity Data

• Name, email address, phone number
• Profile photo (optional)
• Account identifiers and authentication tokens
• Social login data if you choose Apple or other supported login methods

2.2 Optional Sensitive Demographics

Optional Sensitive Demographics (Optional): With your explicit consent, we may collect optional profile fields such as gender identity and sexual orientation. This information is optional, can be removed at any time in-app, and is used only for personalization and user experience features you enable. We do not use this information to serve third-party ads, and we do not sell it.

2.3 Verification Data

• Verification result only, such as a “21+ verified” status and verification timestamp.
• We do not store ID images or full ID scan contents in our primary systems when verification is complete.

2.4 Usage, Device, and Diagnostics Data

• Device type, operating system, IP address, browser type
• App usage events (feature interactions, taps, screens)
• Crash logs and diagnostics (to improve stability)

2.5 Location and Camera (Permission-Based)

• Approximate or precise location if you grant permission (for venue discovery and check-in features)
• Camera access if you grant permission (for check-in workflows)

2.6 Payments and Transaction Data

• Purchases, tickets, reservations, redemptions, refunds, and optional Venue Service Tips
• We use third-party payment processors (for example Stripe) to process transactions.
• We do not store full payment card numbers, CVV codes, or full expiration dates.
• We may store limited payment metadata such as card brand, last four digits, payment method type, and transaction identifiers for display, receipts, fraud prevention, accounting, and customer support.
• Apple Pay transactions are processed through Apple and our payment processor.
• Payment processors may store and process your payment information under their own privacy policies.

2.7 Venue and Event Data

• Check-in timestamps and eligibility
• Rewards accrual and redemption activity
• Event participation metadata
  2.8 Venue Check-In and Ticket Scanning
• COLOR provides a venue scanning tool used by authorized venue staff to scan tickets, reservations, or check-in codes displayed in the COLOR app.
• When a scan occurs, the system may process limited information necessary to validate entry and operate venue features, including:

• display name
• profile photo (if present)
• verification status (for example “21+ verified”)
• event or venue identifier
• check-in timestamp
• reward or redemption eligibility status

• This information is used solely to:
• • validate tickets, reservations, or check-ins
  • operate venue entry and reward redemption workflows
  • prevent fraud, duplicate check-ins, and misuse of tickets
  • maintain event and venue attendance records
• The scanning system is operated directly by COLOR and is not provided by a third-party scanning service.
• Venues only see the information necessary to complete the check-in or validation process.

3) How We Use Information

We use information to:

• Provide and operate the Service, including check-in, rewards, and experiences
• Verify eligibility and prevent fraud
• Process transactions and provide customer support
• Personalize recommendations, matching, and venue suggestions
• Maintain safety and integrity of the platform
• Perform analytics and improve performance using de-identified or aggregated methods where practical
• Detect fraud, prevent chargeback abuse, and enforce payment-related terms.

4) What We Disclose and to Whom

4.1 Disclosures to Venues at Scan Time

When you check in or use venue entry features, we disclose user-level data to the venue to operate the experience. Venues may see:

• Name
• Profile photo
• Verified status flag (example: “21+ verified”)
• Check-in timestamp
• Redemption eligibility (and redemption status where relevant)

4.2 Venue Data Use

Venues receive this data to deliver entry, check-in, rewards, and event operations. Venues are separate businesses and are responsible for their own handling of data they receive, subject to applicable law and any contractual restrictions we impose.

4.3 Disclosures to Service Providers

We use trusted vendors to operate the Service (for example Firebase, MongoDB Atlas, Stripe, and verification providers). Your current policy already lists these categories of vendors.

Color_Privacy_Policy_Final_2025…

We require service providers to process data on our behalf and for our instructions.

4.4 Legal and Safety Disclosures

We may disclose information to comply with law, respond to legal requests, protect rights and safety, and prevent fraud.

4.5 Business Transfers

If we undergo a merger, acquisition, bankruptcy, or sale of assets, information may be transferred as part of that transaction.

5) “Do Not Sell” and “Do Not Share” (CPRA Language)

5.1 We Do Not Sell Personal Information

Under California law, “sell” can include disclosing personal information to a third party for monetary or other valuable consideration. Justia
COLOR does not sell personal information.

5.2 We Do Not Share Personal Information for Cross-Context Behavioral Advertising

California law defines “share” as disclosure for cross-context behavioral advertising, whether or not for money. Justia
COLOR does not share personal information for cross-context behavioral advertising.

6) Data Retention

We keep information only as long as reasonably necessary for the purposes described:

• Account and profile data: retained until you delete your account.
• Verification result: retained until account deletion, then deleted.
• Check-in and rewards logs: retained in identifiable form for operations and fraud prevention, then anonymized after a defined period (example: 6 months) unless longer retention is required by law.
• Transaction records: retained as required for financial, tax, and compliance purposes.
• Limited payment metadata (such as last four digits and card brand) may be retained for fraud prevention, dispute resolution, and accounting purposes.

7) Security

We use reasonable administrative, technical, and physical safeguards, including encryption in transit (TLS) and secure payment processing via PCI-compliant partners.

8) Your Rights and Choices

Depending on your location, you may have rights to:

• Access and receive a copy of your data
• Delete your data
• Correct inaccurate data
• Export (port) your data
• Withdraw consent for optional demographic data at any time

For California residents, the Attorney General explains that “sharing” refers to sharing for cross-context behavioral advertising, and consumers have rights to opt out in applicable cases. California DOJ

To exercise rights: privacy@thecolor.app

9) Children and Age-Restricted Service

COLOR is intended only for users 21 and older. We do not knowingly collect data from users under 21. If we learn a user is under 21, we will take action including account termination and deletion consistent with this Policy.

10) International Transfers

If you access the Service from outside the United States, your information may be processed in the United States and other countries where our service providers operate.

11) Changes to This Policy

We may update this Policy periodically. If changes are material, we will provide notice in-app or by other reasonable means.

12) Contact
Support: support@thecolor.app
Company: The SoCiety, Inc. (San Francisco, California)