Privacy Policy

Identity & Authentication — required

• –Email and display name. Used to create your account and identify you to other users.
• –OAuth tokens. If you sign in with Google, GitHub, or LinkedIn, we store access and refresh tokens to maintain your linked account. We request only the scopes necessary for authentication.
• –Session data. IP address and browser user agent are recorded when a session is created. Sessions expire after 7 days and are refreshed on activity.
• –One-time passwords. 6-digit codes sent to your email for passwordless sign-in. Codes expire after 5 minutes and are deleted upon use or expiry.

Profile Information — voluntary

• –Professional details. Handle, headline, bio, website, avatar, and cover photo. You control what you fill in and what remains empty.
• –Career history. Experience, education, skills, certifications, projects, volunteering, honors, and languages. All fields are optional.
• –Location. A text location you enter, plus latitude and longitude coordinates resolved via the Komoot Photon geocoding service (open-source, no user identifiers transmitted). Used for display and job location matching.

Social Graph — user-initiated

• –Connections. Mutual connections with status tracking (pending, accepted, or blocked). You control who you connect with.
• –Follows. One-way follows that do not require the other person's approval.

Posts & Content — user-created

• –Your posts. Text, media, visibility setting (public, connections-only, or private), articles, polls, and events.
• –Interactions. Comments, reactions (like, insightful, celebrate, support), bookmarks, and reposts.

Feed Behavioral Data — automatic

• –Feed events. Impressions, clicks, likes, comments, shares, saves, hides, and mutes. These signals help us rank your feed and detect low-quality content.
• –Dwell time. How long you view a post, bucketed into ranges (under 2 seconds, 2–5s, 5–15s, 15–30s, over 30s). We never store raw millisecond values — bucketing prevents us from optimizing for raw attention time.
• –Feed position and mode. Which position a post appeared in and whether your feed was in ranked or chronological mode. Used for position bias correction in ranking.

This data is used for feed quality, not advertising. We have no ads.

Messaging — opt-in

• –Conversations are created only between mutual connections. Message content, media attachments, and read receipts (configurable — off by default) are stored.
• –We do not scan message content for advertising, profiling, or any purpose other than delivery and moderation when reported.

Jobs — user-initiated

• –Job listings you post (salary range is always required — transparency by design), saved jobs, and applications you submit with their status.

Notifications & Push — configurable

• –Device push tokens (iOS or Android) and per-type notification preferences (email and in-app, independently toggled). You control which notifications you receive.

Moderation — user-initiated

• –Reports you file against content or users, posts you hide, and authors you mute. Used to enforce community standards and improve your experience.

Global Minimum

You must be at least 13 years old to create a Better In account.

Brazil — Lei 15.211/2025, ECA Digital

Brazil's ECA Digital (Estatuto da Criança e do Adolescente Digital) requires platforms to protect children (under 12) and adolescents (12–17). The law mandates high-privacy defaults, compulsive-use prevention, and parental oversight. Better In complies as follows:

• –Compulsive-use prevention (Art. 8 IV, Art. 17 § 4 II). Default settings avoid features that artificially extend usage. Automatic media playback is disabled, notifications are limited, and time-based reward mechanics are not used.
• –Recommendation controls (Art. 17 § 4 V). Personalized feed ranking is off by default for minors. The feed defaults to chronological mode, with personalization available only through parental controls.
• –Geolocation restricted (Art. 17 § 4 VI). Location sharing is disabled by default for minor accounts.
• –No behavioral profiling (Art. 22, Art. 26). We do not create behavioral profiles of minors for advertising or content targeting.
• –No dark patterns (Art. 18 § 2). Interfaces must not compromise user autonomy or decision-making. We do not design features that manipulate minors into weakening their own protections.
• –Parental account linking (Art. 24). Accounts for users under 16 must be linked to a parent or legal guardian's account.
• –Age verification (Art. 10–14). Age is self-declared at registration and verified progressively via Kids Web Services (KWS), a third-party platform by Epic Games. In Brazil, KWS verifies age via CPF against the Serpro government database. KWS does not retain personal information after verification.

EU/EEA — GDPR Article 8

• –Users under 16 (or the applicable member state minimum, which may be as low as 13) require verifiable parental consent for data processing before account activation.
• –All AI/ML consent toggles default to off — this is already our global default.
• –Full data rights (erasure, portability, access) are supported as required by GDPR Articles 15–22.
• –Legal bases for processing: consent (AI features), legitimate interest (core platform functionality), and contract (account operation).

United States — COPPA (Under 13)

Users under 13 are not permitted to register. We do not knowingly collect personal information from children under 13. If we become aware that a user is under 13, the account will be terminated and all associated data deleted.

United Kingdom — Age Appropriate Design Code (Under 18)

• –High privacy by default: geolocation off, profiling off, AI consent off, feed defaults to chronological mode.
• –No nudge techniques, engagement-maximizing design, or reward-based retention mechanics.
• –Data minimization: we collect only the data necessary to provide the service to minor users.