Back to sign up

IOQ Privacy Policy

Last updated: 19 March 2026

1. Overview

This Privacy Policy explains how IOQ collects, uses, shares, and protects your personal information when you use IOQ.

When this Privacy Policy changes materially, IOQ may ask you to review and accept the latest version before continuing to use the platform.

Your acceptance of this Privacy Policy applies to your account and to each enabled feature, module, workflow, tool, integration, or service interaction you choose to use in IOQ. That includes feature-specific processing needed to operate, secure, personalize, support, and audit those features.

2. What we collect

Depending on features you use, IOQ may collect:

  • Account data: name, email, phone (if used), profile photo/avatar, authentication identifiers (e.g., Google OAuth ID if you sign in with Google), hashed password (if password auth is enabled).
  • Session and device security data: session identifiers, device token/cookie identifiers, login timestamps, last-login metadata, last-seen timestamps, last activity timestamps, route/activity metadata, IP address, user agent, and session revocation status used to enforce account session controls and investigate suspicious use.
  • Usage & device data: app interactions (pages viewed, clicks, feature usage), device and browser info, IP address, log data, crash reports.
  • Location data (only if you allow it / feature requires it): approximate or precise location from your device, meetup locations you set inside IOQ.
  • Location recovery and lookup data: place search inputs, autocomplete selections, map/place identifiers, reverse-geocode responses, route/navigation intents, and approximate IP-based location results used to support location-enabled features.
  • User content: messages, posts, listings, images, and other content you submit.
  • Business promotion data (if enabled): ad drafts, published ad fields (headline/caption/audience/venue/CTA/price), uploaded promotional images, and selected contact preferences (WhatsApp, call, phone visibility).
  • Business linking data (if enabled): place identifiers/details, link status (for example Linked/Unverified or Verified), user-selected role metadata, and timestamped link history.
  • Promoter challenge data (if enabled): uploaded product images, optional voice recordings/transcripts, audio-level metrics, and AI-generated analysis outputs used to help creators improve ad quality.
  • Tier and quota usage data: current plan, monthly promotion allowances, analysis/transcription credit usage, and enforcement counters used to apply feature access rules.
  • Networking request data (if enabled): intent text, optional voice transcript edits, selected location/radius, venue preference, session mode (in-person/virtual), date/time preferences, optional group link state, selected social profile platform/link/visibility preference, and request-type specific structured payloads such as activation fields or assist/errand request details.
  • Community staffing and activation workflow data (if enabled): linked community event references, staffing request configuration, applicant decision states, shortlist/approval outcomes, dispatch-stage updates, and related cross-module identifiers used to keep reporting consistent.
  • Outfit review data (if enabled): outfit image uploads, captions, review reactions, related request references, and timestamps needed to operate staffing presentation review workflows.
  • Connection lifecycle data (if enabled): waves sent/received, profile access requests, approvals/rejections/revocations, and request status transitions used to enforce profile visibility rules.
  • Itinerary and favorites data (if enabled): saved itinerary plans, selected places, place references (including IDs/coordinates where available), itinerary save timestamps, and itinerary-related state used for planning workflows.
  • Referral data (if enabled): generated referral codes/links, referral copy/share interactions, referral status events, and anti-abuse monitoring signals for referral eligibility controls.
  • Notification data: in-app notification records (type, status, timestamps, related entity references, and read state).
  • Billing/subscription data (if enabled): selected tier, subscription status, billing history, payment references, and provider return payload metadata.
  • Report export and branding data (if enabled): report range selections, role scope, exported file metadata, branding pack fields (display name, logo, colors, links, contact fields), and last-used business export context for automated regeneration.
  • Audit records (if enabled): security and compliance event logs for sensitive actions such as business link/unlink, role changes, profile updates, and billing state actions.
  • Consent and settings: records of your acceptance of Terms/Privacy and your privacy-related preferences.

3. Why we collect it (purpose)

We use your information to:

  • Create and manage your account.
  • Authenticate you (including Google sign-in if enabled).
  • Enforce account session security rules (including active-device limits, session continuity checks, last-login tracking, app-activity alignment checks, and session revocation flows).
  • Provide core features (meetups, content, messaging, safety tooling).
  • Generate and manage networking requests, including nearby venue suggestions, request sharing, optional social profile visibility controls, activation/staffing extensions, and assist/errand coordination payloads.
  • Operate community-linked staffing, dispatch, attendance, and outfit review workflows where enabled.
  • Operate itinerary planning and favorites workflows, including save/review actions and planning engagement prompts.
  • Generate referral links/codes, process referral sharing interactions, and apply referral program safeguards.
  • Enable business profile flows and click-away ad workflows, including draft save/publish and contact-intent routing.
  • Run billing operations for paid plans, enforce quota limits, and manage subscription lifecycle states.
  • Measure feature performance (e.g., ad creation counts, lead events, WhatsApp/call click interactions) to improve product quality and reliability.
  • Drive notification and workflow continuity (for example unread counts, request review prompts, and status updates).
  • Improve performance, security, and user experience.
  • Prevent fraud/abuse and enforce our Terms.
  • Communicate service messages (security, important changes).
  • Troubleshoot location, mapping, billing, access, export, and integration failures, including maintaining logs and operational diagnostics.

Where you choose to use a specific feature, we may process the information reasonably necessary for that feature’s setup, permissions, matching logic, ranking, workflow state, user-to-user visibility controls, moderation, audit trail, billing, quota enforcement, export generation, fraud prevention, and support.

4. Legal basis (South Africa / POPIA-friendly wording)

We process information based on:

  • Your consent (e.g., location permission, marketing if applicable).
  • Performance of a contract (providing IOQ service).
  • Legitimate interests (security, fraud prevention, product improvement).
  • Legal obligations (where applicable).

5. How we share information

We may share data:

  • With service providers (hosting, analytics, messaging, email delivery, error monitoring) who process data under contract.
  • With infrastructure providers needed for core feature delivery (for example maps/place lookup providers, AI processing endpoints, and payment processors where enabled).
  • With other users, when you choose to post content or share details as part of a feature (e.g., meetup info you publish).
  • For legal and safety reasons, if required by law, court order, or to protect users, IOQ, and the public.

We do not sell your personal information.

Where a feature relies on an external provider, relevant data may be processed by that provider according to its own terms and privacy practices. Examples can include authentication providers, mapping/place data services, meeting-link providers, payment processors, and communication channels initiated at your request.

5A. Feature and integration consent

When you intentionally use a feature, submit content into a workflow, connect an external account, enable a permission, or trigger a third-party dependent action, you consent to the processing and data movement reasonably necessary to provide that feature.

  • Google and similar sign-in/integration flows may require us to receive account identifiers, profile details, and authorization tokens permitted by the provider.
  • Location, maps, nearby search, and venue suggestion features may require device location, destination inputs, coordinates, and provider lookup data.
  • Community, event, networking, staffing, assist/errand, and collaboration features may require us to store requests, approvals, participation records, linked entity references, and activity history.
  • Business, promotion, billing, and export features may require us to process payment references, quota events, linked business context, branding details, and contact-intent actions.
  • Voice, AI, transcript, and recommendation features may require content analysis, transcript generation, enhancement, ranking, matching, and explanation outputs.

If you do not want that feature-specific processing to occur, do not use that feature or disable the relevant permission where available.

6. Business contact controls (if enabled)

When you publish a business ad, you control whether buyers can engage by WhatsApp, call, or both. If phone visibility is turned off, IOQ may broker intent via predefined message flows instead of exposing your number publicly.

If you submit buyer contact details when expressing interest, you confirm you have permission to share that information for the intended contact purpose.

Where business linking is available, a linked business marked Unverified indicates user-asserted association only and does not represent confirmed ownership authority until official verification requirements are completed.

7. Location sharing and safety features

If you enable location-based features:

  • We may process location to provide the feature (e.g., meetup coordination, emergency sharing).
  • For networking and nearby discovery features, distance values and suggested venues depend on location permissions, provider data quality, and device/network conditions.
  • Location accuracy depends on device and permissions.
  • You can disable location permissions in your device settings (some features may stop working).
  • If precise device location is unavailable, IOQ may use approximate fallbacks such as selected place data or IP-based location estimates, which can be less accurate.

IOQ (I Own Quarters / IOQS) acts as a coordination and exposure tool. User approvals (for example waves/profile access approvals) and any resulting real-world interactions are controlled by users, not IOQ. IOQ does not supervise, manage, or guarantee outcomes of user-arranged meetings or interactions.

8. Voice transcripts and AI processing

Where voice and AI features are enabled, submitted audio/transcript content may be processed to provide transcription, enhancement, or personalization outputs. These features are optional and user-controlled.

For ad discovery and relevance experiences (for example “Why this is for you”), we may process promotion content and your profile/preferences to generate match explanations.

Do not include sensitive personal information unless necessary for your use case.

8A. Quota, feature gating, and upgrade prompts

To enforce tier rules and system fairness, IOQ may process action counters (for example searches, saves, waves, and related feature events) and show upgrade prompts when limits are reached.

These enforcement records are used for entitlement checks, abuse prevention, and service reliability, and are retained in line with our retention section.

When free itinerary credits are exhausted, IOQ may apply read-only/share-only state to itinerary controls until paid access is confirmed by the authoritative billing status.

IOQ may also temporarily relax feature gating or preload premium-style access for testing, rollout, or product evaluation purposes. During such periods, visible labels, prompts, or feature markers may remain in the interface even where enforcement is reduced or suspended.

8B. Report generation and branded export processing

When you generate a report, IOQ processes data needed to build the selected report scope (Explorer or Promoter), date range, and output format.

  • for promoter exports, IOQ may use your active or last-selected linked business context to align report content,
  • if branding is enabled, uploaded logo/contact details are used in generated report headers/footers,
  • export activity may be logged as audit metadata (for example role, format, range, branded state),
  • generated exports may be downloaded to your device, and handling/storage after download is your responsibility.

8C. Collaboration and shared itinerary data

Where itinerary collaboration is enabled, IOQ may process shared-plan membership, seat usage, review-stage status, and collaborator clone actions to operate the collaboration flow and preserve auditability.

Separate collaborator copies or cloned itinerary spaces may be stored as distinct itinerary records tied to the collaborator account.

9. Data retention

We keep personal data only as long as needed for:

  • Providing the service.
  • Legitimate business needs (security logs, dispute handling).
  • Compliance with law.

We may retain limited data after account deletion where required or justified (e.g., fraud prevention, legal obligations).

Operational records related to consent, billing events, request state transitions, and notification delivery/read state may be retained for compliance, fraud prevention, and platform reliability analysis.

Session and device-security records may be retained for account protection, abuse detection, auditability, and support review, including revoked/expired session history, last-login metadata, and app-activity-aligned session history where reasonably necessary.

Feature-level operational records may remain in backups, audit trails, or reconciliation systems for a reasonable period where required for security, fraud prevention, dispute handling, financial reporting, service integrity, or legal compliance.

9A. Cross-border processing

Some IOQ providers or infrastructure may process or store information outside South Africa. Where this occurs, IOQ takes reasonable steps to require appropriate safeguards consistent with applicable law and the provider relationship.

10. Security

We use reasonable technical and organizational measures to protect data (access controls, encryption where appropriate, secure authentication practices). No system is perfectly secure; you use IOQ at your own risk.

For clarity, data/privacy controls and account-level approvals do not eliminate real-world risk. After users choose to connect, communicate, or meet, users remain responsible for their own safety and decisions.

11. Your rights

Subject to applicable law, you may request to:

  • Access, correct, or delete your personal data.
  • Object to certain processing.
  • Withdraw consent (where processing is based on consent).

To make a privacy request, email office@ioqs.co.za.

12. Children

IOQ is not intended for children who are not legally allowed to consent to data processing in their jurisdiction. If you believe a child provided data, contact us.

13. Changes

We may update this policy. We’ll post the updated version and change the “Last updated” date. Material changes may be notified in-app or via email.

14. Contact

Privacy requests: office@ioqs.co.za.

I Own Quarters (IOQs), entertainment division of Reify Maxim Group (registration number 2025/223053/07).

Registered office: 2 Roos Street, Aquila Estate, Witkoppen Fourways, Johannesburg, Gauteng, 2068.

Parent company: Reify Maxim Group (Pty) Ltd.

Company reference page: IOQs / Reify Maxim.