Privacy Policy

Last updated: April 10, 2026

1. Who we are

EverySikh ("we", "us", "our") operates the everysikh.com website and the EverySikh mobile application (iOS and Android). EverySikh is operated by Eigen Studios Ltd, registered in England and Wales (Company No. 17140443). Our contact email is [email protected].

2. Data we collect

When you create an account and use EverySikh, we collect the following information.

Information you provide directly:

  • Name. Your first and last name, entered during onboarding and displayed on your profile.
  • Email address. Used to create your account, authenticate you, and send transactional communications.
  • Profile photo. An image you upload to represent yourself on the platform.
  • Biography. A short text description of yourself, visible to other users on your profile.
  • Skills and interests. Tags and free-text fields you add to your profile to describe your professional background and areas of focus.
  • LinkedIn profile URL. Optionally provided by you so we can enrich your profile with publicly available LinkedIn data.
  • City. A typed city name you enter during onboarding. This is a text label, not a GPS coordinate.
  • Messages. The content of direct messages you send to other users, and messages sent within group conversations.
  • Connection activity. Records of connection requests you send and receive, and your connection status with other users.

Information we collect automatically:

  • User ID. A unique identifier assigned to your account at creation, used internally to manage your data.
  • Push notification token. A device token generated by Expo, Apple APNs, or Google FCM to deliver push notifications to your device.
  • In-app interactions. Actions you take within the app, including profile views, swipes, and connection requests. Used to personalise your feed and recommendations.
  • Session data. Information about your active sessions used to keep you logged in securely.

3. How we use your data

  • Providing the service. Your name, photo, bio, skills, and city populate your profile and make you discoverable to other users in the community. Your email and user ID authenticate your account and maintain your session.
  • Messaging. Messages you send are stored and delivered to the intended recipients. We do not read, sell, or otherwise use the content of your messages for advertising or profiling.
  • Feed and recommendations. Your interaction data (swipes, connections, profile views) is used to rank and personalise the people shown to you in the main feed. This processing happens within EverySikh and is not shared with third parties for advertising purposes.
  • LinkedIn enrichment. If you provide a LinkedIn URL, we pass it to ScrapingDog to retrieve publicly available information from your LinkedIn profile. This enriched data is stored against your profile and displayed to other users. You can remove your LinkedIn URL at any time from your profile settings.
  • Push notifications. Your push token is used to send you notifications about new connections, messages, and platform activity. You can disable notifications at any time from your device settings or from within the app.
  • Transactional emails. Your email address is used to send account-related communications such as welcome emails and digest notifications. We use Brevo to deliver these emails.
  • Safety and compliance. We use account information to enforce our Terms of Service and Community Guidelines, investigate reported content, and respond to lawful requests from law enforcement.

We do not sell your personal data. We do not use your data to serve third-party advertising.

4. Legal basis for processing

We process your personal data based on your consent (when you sign up and use the app), our legitimate interest in operating and improving the platform, and to perform our contract with you as a user of the service.

5. Third-party services

EverySikh uses the following third-party services, each of which may process a subset of your personal data.

Supabase

Provides our database infrastructure and authentication system. Your account data, profile information, messages, and connection records are stored in a Supabase-hosted PostgreSQL database. Data is stored in EU-based infrastructure.

Expo Push Notification Service / Apple APNs / Google FCM

When you enable push notifications, your device push token is registered with Expo's push notification service, which forwards notification payloads to Apple's APNs (iOS) or Google's FCM (Android). Expo does not retain message content beyond the delivery attempt.

Brevo (formerly Sendinblue)

We use Brevo to deliver transactional emails. When we send you an email, your email address and the content of that email are processed by Brevo. Brevo is GDPR-compliant and processes data under a data processing agreement with us.

ScrapingDog

If you provide a LinkedIn profile URL, we send that URL to ScrapingDog to retrieve publicly available data from the corresponding LinkedIn profile. Only the URL you supply is shared with ScrapingDog. ScrapingDog does not receive your name, email, or any other personal data.

6. Data storage and security

Your data is stored securely on servers operated by Supabase (AWS eu-west-2, London). We use encrypted connections (TLS) for all data transmission. Access to production databases is restricted to authorised personnel only.

7. Data retention

We retain your personal data for as long as your account is active.

If you delete your account, your data enters a 30-day grace period during which the deletion can be reversed by contacting [email protected]. After 30 days, all data associated with your account — including your profile, messages, connections, and interaction history — is permanently and irreversibly deleted. Anonymised, aggregated statistics (e.g. total registered users) may be retained indefinitely as they cannot identify any individual.

8. How to delete your account

You can request deletion of your account and all associated data in two ways.

From within the app: Go to Settings, then Account, then Delete Account. Follow the confirmation prompts. Your data will be permanently deleted after the 30-day grace period.

Via the web: Visit everysikh.com/delete-account and complete the deletion request form.

If you have difficulty deleting your account through either method, contact [email protected] and we will process the deletion manually within 7 days.

9. Your rights

Under UK GDPR, you have the right to:

  • Access the personal data we hold about you
  • Correct inaccurate personal data
  • Request deletion of your personal data
  • Object to or restrict processing of your data
  • Data portability
  • Withdraw consent at any time

To exercise any of these rights, email us at [email protected].

10. Children

Our services are intended for users aged 13 and over. We do not knowingly collect personal data from children under 13. If you believe a child under 13 has created an account, contact us at [email protected] and we will delete the account immediately.

11. Cookies

Our website uses essential cookies only for session management. We do not use tracking cookies or third-party advertising cookies.

12. Changes to this policy

We may update this policy from time to time. We will notify you of significant changes by email or through the app. Continued use of our services after changes constitutes acceptance of the updated policy.

13. Contact

For questions about this privacy policy or your personal data: [email protected]

For child safety concerns specifically: [email protected]