dibs.

Privacy, plainly.

Last updated: July 3, 2026

dibs helps your group pick where to go and split what you spent. To do that it needs some of your data. This page says what we collect, what we do with it, and what we never do. No legal fog, no burying the important parts.

The short version

What we collect

Your account. Email address, name, and a handle. Sign-in runs through our infrastructure provider (Supabase); if you sign in with Google, Google shares your name and email with us. Birthday is optional.

Your profile and taste. Dietary preferences and restrictions you set, your taste answers, saved places, ratings, tags, and vibes. Payment handles (your Venmo, Cash App, or Zelle username) are stored so friends can pay you; they're usernames only, never bank or card details.

Your sessions. Plans and splits you join: votes, suggestions, RSVPs, and the items and amounts someone types into a split. Everyone in a session sees that session's content; that's the product.

Your visits. dibs keeps a private record of places it thinks you went, inferred from your plans and splits, so it can ask "did you make it?" and get smarter. Visits are private to you.

Photos. Photos you upload attach to a place and are visible to other dibs users looking at that place. You can delete your photos; anyone can report one.

Location. Approximate location, only while you're using the app, to find places near you. We don't track location in the background.

Device and usage data. Product analytics through PostHog (tied to a random ID, not your name; typed inputs are masked), crash reports through Sentry, and a push token if you turn on notifications.

How we use it

What we never do

Who sees your data

Your crew. People in a session with you see your display name, avatar, RSVP, and the session's shared content. Vote results show after the reveal.

Service providers. Companies that run infrastructure for us, under their own contracts and only to provide their service: Supabase (database, auth, storage), Vercel (web hosting), Google Maps Platform (place data, photos, and maps), PostHog (analytics), Sentry (crash reporting), and Expo/Google/Apple (push notifications).

Legal. If the law genuinely requires it, we may have to disclose data. We'll resist overbroad requests.

Your controls

Retention and security

We keep data while your account is active and for a short period after deletion for backups. Data is protected in transit and at rest, and access inside the database is enforced per row: sessions are readable only by their members, your private data only by you.

Age

dibs is for planning nights out and is not directed at anyone under 18. Don't use dibs if you're under 18; if we learn we hold a minor's data, we'll delete it.

Changes

If this policy changes in a way that matters, we'll say so in the app before it takes effect, not just quietly edit this page.

Contact

Questions, requests, deletions: justin.m.urena@gmail.com.