Locco Privacy Policy

Last updated May 23, 2026

This policy explains how Locco handles information for visit logging, check-ins, Foodprint, Memories, Challenges, social features, notifications, sharing, and profile settings in the current app.

Who operates Locco

Locco is operated by the Locco app operator. If a company or LLC later becomes the operator, this policy will be updated to identify that entity.

For privacy requests, account questions, legal notices, or abuse reports, contact [email protected].

Information Locco collects

• Account and profile information. This may include your email address (when provided by your sign-in provider), authentication provider, display name, profile bio, avatar, profile visibility settings, theme preference, and account settings.
• Visits, check-ins, and memories. Locco stores the visits you create, including spot names, selected categories, dates, captions, personal visit ratings, tagged people, likes, bookmarks, check-in status, badge progress, challenge progress, and visibility choices.
• Photos and media. If you take or import photos, Locco may process the image, upload it, cache it, rotate it, group imported photos into draft visits, and read available photo metadata such as capture time and location when your device provides it. Locco also supports check-ins without photos.
• Location and place information. With your permission, Locco may use your current location for nearby spots, no-photo check-ins, regional discovery, distance labels, Foodprint maps, and Challenges. Locco may also use photo GPS metadata, manually selected places, Google Places matches, reverse-geocoded addresses, city, region, country, and map region data.
• Social activity. Locco stores follows, followers, friend activity, tagged visits, invite links, profile links, blocks, reports, notifications, and other moderation signals needed to run social features.
• Generated sharing content. When you share a Foodprint, badge, Challenge, invite, or profile link, Locco may generate an image or message using your profile, Foodprint, badge, visit, challenge, and link information.
• Technical information. Locco may process session tokens, upload metadata, local cache records, app performance logs, error logs, device/platform information, and network request metadata needed for security, debugging, sync, and reliability.

Sensitive data and permissions

Precise location, photo metadata, photos, social graph information, and profile details may be sensitive. Locco uses them only for app features you choose to use, such as nearby discovery, no-photo check-ins, Foodprint, Memories, Challenges, and sharing.

Camera, photo library, and location permissions are requested through your device. You can deny or revoke permissions in device settings, but some features may become unavailable or require manual input.

Locco is not designed to collect health, financial, government ID, biometric, or children's data. Do not upload private or sensitive information that you do not want processed by the app.

How Locco uses data

Locco uses information to create and secure your account, keep you signed in, sync your visits across devices, and show your profile.

Locco uses information to log visits and check-ins, upload and display photos, resolve places, search nearby spots, calculate distance, create Memories, unlock badges, track Challenge progress, build your Foodprint, and personalize Today, Local, Friends, Foodprint, Me, and detail pages.

Locco uses information to support follows, friend feeds, likes, bookmarks, blocks, reports, notifications, invite links, profile links, and share sheets.

Locco also uses information to cache data locally for performance, troubleshoot bugs, measure app performance, prevent abuse, protect users, maintain backups, and comply with legal, platform, or App Store requirements.

Sharing and visibility

Your public profile information, public visits, public Foodprint details, public badges, and shared links may be visible to other Locco users or to people who receive a link from you.

Friends-only or private content is shown according to the app's visibility rules. Some records, such as no-photo check-ins, may be excluded from public discovery surfaces depending on the app logic.

If you tag another person, Locco may show that tag to them and may create an invite flow if they are not yet a Locco user. If you block someone, Locco uses that block to filter feeds and interactions.

Reports may include the reported visit, reported user, reporter, reason, timestamps, and related context needed to investigate abuse or safety issues.

When you use the system share sheet, Instagram Story, LINE, Messages, or other external destinations, the content you choose to share is handled by those external apps according to their own policies.

Third-party services

Locco uses Supabase for authentication, database, and backend services. Locco uses Cloudflare R2 or compatible object storage for uploaded photos and generated media. Locco uses Google Places for spot search, place details, addresses, categories, and nearby place matching. Locco uses Apple or Google authentication when you choose those sign-in methods.

Locco uses map and region data to render Foodprint, nearby experiences, and Challenges. Platform services such as the camera, photo library, location permission, share sheet, and system UI features may be provided by Apple, Google, Expo, or your device operating system.

Sale of personal information and ads

Locco does not currently sell personal information and does not currently run third-party behavioral advertising.

If Locco later adds ads, analytics partners, or data sharing that materially changes this policy, the policy and app disclosures should be updated before that change is used.

Your controls

You can edit your profile, change visibility settings for posts, likes, and bookmarks, create or delete visits, remove draft photos, block or unblock users, report content, delete your account, and sign out from the app.

You can manage camera, photo library, and location permissions in your device settings. If you deny a permission, some features may not work or may require manual input.

Deleting a visit is intended to remove the database record and associated uploaded photos from object storage when cleanup succeeds. Backups, logs, cached copies, or moderation records may remain for a limited period where needed for safety, debugging, legal compliance, or service operation.

Deleting your account in Settings is intended to permanently remove your profile, visits, check-ins, photos, and social activity from Locco. Some backups, logs, moderation records, or legal records may remain for a limited period where needed for safety, debugging, legal compliance, or service operation.

Privacy rights and requests

Depending on where you live, you may have rights to access, correct, delete, export, restrict, or object to certain processing of your personal information.

You can make privacy requests through Settings where available or by emailing [email protected]. Locco may need to verify your account before completing a request.

Some information may be retained when reasonably necessary for security, fraud prevention, legal compliance, backups, dispute handling, or moderation records.

Security and international processing

Locco uses technical and organizational safeguards such as authentication, access controls, storage rules, cache limits, and deletion flows, but no app or internet service can guarantee perfect security.

Your information may be processed in countries where Locco or its service providers operate. Those countries may have different data protection laws from your home country.

Retention, children, changes, and contact

Locco keeps account and content data while your account is active or while needed for backups, safety, debugging, legal compliance, analytics, moderation, or service operation.

Locco is not intended for children under 13, and you should not create an account if you are under 13.

Locco may update this policy as the app changes. Material changes should be reflected in the app or on the policy page.

Questions, privacy requests, account issues, or abuse reports: [email protected]