Help Centre / Privacy & Your Data

Privacy & Your Data

CruiseCtrl is built in the EU and privacy is a core part of what we do — not an afterthought. This page explains what data we collect, why, and the controls you have over it. It also sets out your legal rights as a user under the General Data Protection Regulation (GDPR). If you want the full legal text, see our Privacy Policy.

1. Who we are

CruiseCtrl is operated by Relay Labs Limited, a company incorporated in Ireland (EU). Our registered address is 35 Lower Sherrard Street, Dublin 1, Ireland, D01 V292. As an EU-based controller, we are bound by GDPR and the Irish Data Protection Acts.

Our Data Protection Officer (DPO) can be contacted at dpo@cruisectrl.eu. The DPO is an independent point of contact for any question about how we handle your data — including escalating a concern that you don't feel has been resolved through normal support channels.

2. Your rights under GDPR

As a user in the EU, EEA, or UK (under UK GDPR), you have the following rights. You can exercise most of them directly in the app under Settings → Your Data. For anything you can't do in-app, email privacy@cruisectrl.eu.

• Right of access — you can ask for a copy of all personal data we hold about you. In-app: Settings → Your Data → Export. By email: privacy@cruisectrl.eu. We must respond within one month (usually much faster).
• Right to rectification — if any personal data we hold is inaccurate or incomplete, you can correct it. Most profile information can be edited directly in Settings → Profile. For account-level data (e.g. email address), go to Settings → Account.
• Right to erasure ("right to be forgotten") — you can ask us to delete your account and all associated personal data. In-app: Settings → Danger Zone → Delete Account. See section 11 below for what this covers and any exceptions.
• Right to restrict processing — if you contest the accuracy of your data, or object to how we're processing it, you can ask us to pause processing while the matter is resolved. Email privacy@cruisectrl.eu to make this request.
• Right to data portability — you can receive your data in a structured, machine-readable format (JSON). In-app: Settings → Your Data → Export. This covers your profile, settings, check-in history, and related account data.
• Right to object — you can object to processing based on legitimate interests. Given that most of our processing is based on your explicit consent or contract performance, this right mainly applies to any analytics we run. Email privacy@cruisectrl.eu to object.
• Right to withdraw consent — where we rely on your consent to process data (e.g. special-category data like sexuality and health information), you can withdraw that consent at any time without affecting the lawfulness of processing before the withdrawal. Withdrawing consent for a core data field may reduce your ability to use certain features.

If you're not satisfied with how we've handled a request, you have the right to complain to the Irish Data Protection Commission (DPC), our lead supervisory authority under GDPR: dataprotection.ie. If you're in another EU member state, you can also raise a complaint with your national DPA, who will coordinate with the Irish DPC as needed.

3. What we collect and why

We collect personal data only to provide and improve the CruiseCtrl service. We do not build advertising profiles, and we never sell your data — not to data brokers, advertisers, or anyone else.

Account and profile data

• Your email address (required for account creation and communication).
• Your display name, age, pronouns, gender, and bio (required to create a profile).
• Profile photos you upload (stored securely on our EU infrastructure).
• Optional profile fields: body type, sexuality, position, stats, health information, and other fields you choose to fill in.

Location data

Location is used to power the Radar (nearby users map and grid) and check-in features. You control the precision — see section 5 below. We do not store a continuous location history; we update your approximate position when you are active in the app and checked in.

Usage data

We collect basic usage information (screens visited, features used, session timestamps) to help us understand how the app is working and to diagnose technical problems. This is not used for advertising targeting.

Messages

Your chat messages are processed to deliver them to the recipient. They are not used for advertising or profiling. Messages expire after 24 hours by default (see section 7). We do not read your messages as a matter of routine; moderation is triggered by user reports.

Pulse posts

Pulse posts are short public posts visible to nearby users. They expire after one hour. We store a brief record for moderation purposes, then delete the content.

4. Special-category data

Under GDPR Article 9, certain categories of personal data receive extra protection because of the sensitivity of the information and the potential for harm if it were misused. On CruiseCtrl, this includes your sexual orientation, gender identity, and health information.

We process this special-category data only on the basis of your explicit consent, given when you choose to enter these details into your profile. You can withdraw this consent at any time by removing the information or toggling the relevant field off.

Importantly:

• Your sexuality and orientation are hidden on your profile by default. You must actively choose to make them visible to other users.
• Health-related fields (HIV status, PrEP use, last tested date) are also hidden by default.
• This data is never used for advertising, never shared with third parties for commercial purposes, and is deleted when you delete your account.

5. Presence and location controls

You have granular control over how — and whether — other users can see you and where you are.

• Active status — Settings → Share Active Status. Choose between: Active (shows a green dot when you're in the app), Last seen (shows a relative time like "30 min ago"), or Off (no presence information visible to anyone).
• Map precision — Settings → Map Precision. Options: Precise (within metres, useful for cruising contexts), Approximate (within a few hundred metres), or Area (your neighbourhood or district only). You can change this at any time.
• Ghost Mode — Settings → Ghost Mode. When Ghost Mode is on, you are completely hidden from the Radar, the map, and the discover grid. You can still browse and message — you just won't appear to anyone else. Ghost Mode is free for all users. CruiseCtrl+ Travel Mode also works while Ghost Mode is active.
• Check-in expiry — you only appear on the Radar while you have an active check-in. Once your check-in duration expires, you automatically disappear. There is no passive location tracking between sessions.

6. Age verification data

Every new user must pass an age-assurance check before accessing the app. Here is exactly what happens to that data:

1. You submit a selfie via the in-app prompt.
2. The image is sent to Sightengine (our age-estimation processor, EU-compliant) for automated age estimation. Sightengine does not identify you — it only estimates whether you appear to be 18 or older.
3. Sightengine deletes the image immediately after processing. If the check goes to human review (see below), Sightengine retains it for the review period only.
4. CruiseCtrl does not retain the selfie photo. We store only: a boolean flag confirming you passed, the date of the check, and which review method was used (automated or human).
5. If the automated check is uncertain, a member of our safety team reviews the image. This typically takes a few hours and up to 24 hours at most. The image is deleted after the review concludes.
6. If you delete your account, the pass flag and date are deleted within 30 days (we may retain a minimal safety record if your account was involved in an abuse or law enforcement matter).

For full legal and technical detail, see our Age Assurance statement.

7. Messages and chat expiry

Chat messages on CruiseCtrl expire after 24 hours by default. This is a deliberate privacy feature, not a technical limitation — it means your conversations don't build up into a long-term record that could be exposed in a data breach or misused.

If both you and the person you're chatting with agree to keep a conversation, you can tap Keep in the chat thread to stop it expiring. This requires mutual consent — you can't force someone else's messages to be kept.

Messages are not read by us for advertising or profiling. Our moderation team can access reported messages when a report is submitted, for the purpose of investigating that report only.

8. Cookies and tracking

CruiseCtrl uses only essential storage by default — the minimum needed to keep you logged in and the app functioning. We do not use third-party advertising trackers or cross-site tracking cookies.

The cookie banner you saw when you first visited our website or app allows you to make choices about any non-essential cookies (such as basic analytics). You can revisit these choices at any time in Settings → Privacy → Cookie Preferences, or by clearing your browser/app data.

For the full list of what we use and why, see our Cookies Policy.

9. Sub-processors and third parties

We use a small number of carefully chosen third-party processors to run our infrastructure. Every processor is bound by a data processing agreement and may only use your data to provide their service to us — not for their own purposes.

Our key processors include:

• Sightengine — age-estimation at sign-up and verification. EU-compliant. Image deleted after check.
• Hetzner — EU-based server hosting (Germany/Finland). All data remains in the EU.
• Resend — transactional email delivery (e.g. verification emails, password resets).
• Twilio — SMS delivery for account verification codes.

The full and current list, including the specific data each processor handles and where they're based, is at Sub-processors. We update this page whenever we add or change a processor, with advance notice where required.

10. Exporting your data

You can request a copy of your personal data at any time. Your export will contain your profile information, account settings, check-in history, and other data we hold about you in a structured JSON format.

To export your data:

1. Go to Settings → Your Data → Export.
2. Tap Request Export. We'll prepare your file and notify you by email when it's ready.
3. Download the file from the link in the email. The download link is valid for 7 days.

We must provide your export within 30 days under GDPR, but in practice it usually takes far less time — often minutes for smaller accounts. If you're waiting and haven't received anything after a few days, email privacy@cruisectrl.eu.

11. Deleting your account

You can delete your account at any time. Deletion is permanent and cannot be undone.

To delete your account:

1. Go to Settings → Danger Zone → Delete Account.
2. Confirm your identity (you'll be asked to re-enter your password or re-authenticate via SSO).
3. Confirm the deletion. You'll receive an email acknowledging the request.

Deletion removes your profile, display name, photos, age-verification flag, profile fields, messages, Pulse posts, Beacon history, and check-in history. This process is completed within 30 days.

Exceptions — the following categories of data may be retained for longer where there is a legal basis to do so:

• A minimal safety record if your account was subject to an active moderation action, a law enforcement request, or a formal legal notice. This is retained only as long as necessary for the legal purpose.
• Billing records held by Apple or Google — these are held by the app stores and not by us; you'll need to contact Apple or Google to manage those.
• Anonymised, aggregated analytics data from which you cannot be identified.

For the full retention schedule, see our Privacy Policy.

12. Data retention

We keep your data only as long as it is needed. In summary:

• Profile and account data — held while your account is active; deleted within 30 days of account deletion.
• Messages — expire after 24 hours by default; if kept by mutual agreement, deleted on account deletion.
• Pulse posts — expire after 1 hour; deleted automatically.
• Session data (auth tokens, check-in state) — expires automatically when the session ends.
• Age-verification flag — deleted with the account.
• Safety and moderation records — retained for a reasonable period for legal compliance; reviewed and deleted when no longer necessary.
• Server logs — retained for up to 90 days for security and debugging, then deleted.

13. Contact and complaints

For privacy-related questions or to exercise your rights: privacy@cruisectrl.eu

To contact our Data Protection Officer directly: dpo@cruisectrl.eu

To make a formal complaint to the Irish data protection regulator: dataprotection.ie — the Data Protection Commission accepts online complaint forms and provides guidance on your rights.

If you are in another EU member state, your national DPA can accept your complaint and coordinate with the Irish DPC under the GDPR one-stop-shop mechanism.

Still stuck? Email support@cruisectrl.eu · Back to Help Centre