Flybi — Terms of Service / End User Licence Agreement (EULA)

Self-authored draft (AI-assisted), appropriate for the current closed-beta scale. This document grounds each obligation in the source instrument (Regulation (EU) 2022/2065 — the Digital Services Act ("DSA"), the Apple App Store Review Guidelines, and the Google Play Developer Program Policies) and cites the relevant article/section inline. It is not legal advice and is not a substitute for a professional review — a lawyer review is recommended as the user base and data processing grow, and is advisable before enabling ID/biometric verification.

Service: Flybi — a mobile social-connection / anti-loneliness application for adults aged 18–35, in which "the people are the content": a feed of real personalities, with no posts, no swiping and no likes. Provider: Nicholas Gerster Toft Simonsen, operating Flybi as a private individual / sole operator (not a registered company), a micro-enterprise within the meaning of Commission Recommendation 2003/361/EC, established in Aarhus, Denmark (EU). Postal address: Contact is by email at the address below; a postal address will be added when a company is registered. Business registration / CVR number: Operated by Nicholas Gerster Toft Simonsen as a private individual; no CVR (company registration) yet — a registered company and CVR will be added as the project grows. Contact: ngts91@gmail.com (this will move to a company/branded address as the project grows; see lib/core/constants/legal_links.dart and issue #534) Privacy Policy: https://flybi.app/privacy Version: Terms version 1 (corresponds to kCurrentTermsVersion in lib/core/constants/legal_links.dart). Last updated: 18 June 2026 (current draft date, adjustable)

These Terms are presented in clear, plain, intelligible, user-friendly and unambiguous language and are published in an easily accessible and machine-readable format (Markdown / HTML), in accordance with DSA Art 14(1).

1. Acceptance of these Terms

1.1 By creating a Flybi account you enter into a binding agreement with the Provider. During registration you must tick the acceptance checkbox confirming that you have read and agree to these Terms (incl. this EULA) and have read the Privacy Policy. The version you accept and the time of acceptance are recorded against your account (termsAcceptedVersion / termsAcceptedAt).

1.2 If you do not agree to these Terms, do not create an account or use Flybi.

1.3 Significant changes. We will inform you of any significant change to these Terms (DSA Art 14(2)). When the legally binding terms change, the terms version is incremented and your acceptance is re-collected before continued use. Continuing to use Flybi after a change takes effect means you accept the updated Terms.

1.4 App-store EULA. Flybi is distributed via the Apple App Store and Google Play. Where you obtained Flybi through Apple, Apple's standard Licensed Application End User Licence Agreement also applies and, to the extent of any conflict on app-licence matters, supplements these Terms; the App-Store-specific provisions in Section 11 form part of this agreement.

2. Eligibility — 18+ only

2.1 Flybi is strictly for adults aged 18 and over. You must be at least 18 years old to create an account or use the service. This is enforced by an in-app age gate based on a self-declared date of birth captured during onboarding (stored as dateOfBirth). (Apple App Store Review Guideline 1.2; Google Play Target Audience & Content policy, answer 9867159 — dating/social apps must target 18-and-over only; Google Play content-rating / IARC questionnaire, answer 9859655.)

2.2 If we determine that you are under 18, or that you provided a false date of birth, we will suspend or terminate your account and erase associated personal data, subject to any legal retention obligation.

2.3 You must provide accurate registration information, keep your credentials secure, and you are responsible for activity under your account. Sign-in is via email, Google, or Apple.

2.4 Flybi launches in the Aarhus, Denmark area and expands geographically over time. Availability in your area is not guaranteed.

3. The licence we grant you

3.1 Subject to your compliance with these Terms, the Provider grants you a personal, limited, non-exclusive, non-transferable, non-sublicensable, revocable licence to install and use Flybi on a device you own or control, for your own personal, non-commercial use.

3.2 You must not: copy, modify, reverse-engineer, decompile or disassemble the app except as permitted by applicable law; rent, lease, lend, sell, redistribute or sublicense it; remove proprietary notices; circumvent security, rate-limiting, App Check, or access controls; use bots, scrapers or automated means to access the service or harvest other users' data; or use Flybi to build a competing product.

4. Acceptable use — community rules

You are solely responsible for the content you provide — your display name, bio, profile photos, interest "tags" (including secret tags), and chat messages ("User Content"). It is the Provider's responsibility to remove content that violates these Terms or our community standards (Apple App Store Review Guideline 1.2).

4.1 Zero-tolerance for objectionable content and abusive users

There is zero tolerance for objectionable content or abusive behaviour on Flybi (Apple App Store Review Guideline 1.2 — the de-facto reviewer requirement that a UGC app's EULA contain a zero-tolerance clause for objectionable content and abusive users, agreed to before a user can participate). You agree not to create, upload, transmit, display or share any content, and not to engage in any conduct, that:

• is sexually explicit, pornographic, or sexually objectifies others ("hot-or-not"-style rating of people is prohibited);
• harasses, bullies, threatens, stalks, intimidates or defames any person;
• is hateful or discriminatory on the basis of race, ethnicity, national origin, religion, disability, sex, gender identity, sexual orientation, age or any other protected characteristic;
• depicts, promotes or facilitates violence, self-harm, or threats to the life or safety of any person;
• sexually exploits or endangers minors, or constitutes child sexual abuse material (CSAM) — strictly prohibited and reported to the authorities (see Sections 7 and 8);
• is illegal under EU or applicable national law, or facilitates illegal acts (incl. fraud, the sale of illegal or regulated goods, or infringement of intellectual-property or privacy rights);
• impersonates any person or misrepresents your identity or affiliation;
• is spam, a scam, a solicitation, or off-platform commercial advertising;
• discloses another person's private or identifying information without consent ("doxxing"), including precise location;
• contains malware, or attempts to compromise, overload or interfere with the service or other users' devices.

4.2 No prohibited app-category behaviour

Flybi is not, and may not be used as, a platform for pornography, random/anonymous/"Chatroulette"-style chat, "hot-or-not" objectification of people, physical threats, or bullying. Such uses are not permitted and are grounds for immediate removal of the offending content and account (Apple App Store Review Guideline 1.2).

4.3 Automated input filter

To enforce these rules, Flybi applies an automated disallowed-language text filter to display names, bios and chat messages at the point of entry, which blocks the worst-offending content before it is published. This is a content-moderation tool within the meaning of DSA Art 14(1) and is described further in Section 6.

4.4 Genuine, accurate participation

Because "the people are the content," you must represent yourself authentically. Provide a genuine profile; do not create accounts for others, operate multiple accounts to evade enforcement, or use another person's likeness.

5. Location data and the "hot / cold" game (consent and minimisation)

5.1 Flybi processes location to power discovery and certain features. Our handling is designed to minimise what is collected and stored (Google Play minimum-scope and prominent-disclosure rules, answers 17033915 and 11150561; Apple Guideline 5.1.1(iii) data minimisation):

• For discovery, your location is stored coarsely as a geohash (~39 km cell, geohash4; a finer geohash6 cell is also derived) — not as a continuously broadcast precise position. You can clear your stored location at any time, which deletes the stored latitude/longitude and geohash fields.
• Live, fine-grained GPS location is only processed during an active mutual "hot / cold" game between two users who have both consented to play (one user invites; the other must accept before the game becomes active). Live location during the game is used solely to power the warmer/colder proximity signal and is cleared when the game ends or is quit. It is not retained as a location history.

5.2 Before any device location permission is requested, the app shows an in-context disclosure explaining why location is used, what is collected, and how it is used — and you can decline (Google Play prominent-disclosure & consent, answer 11150561). Declining location does not bar you from the service except for features that inherently require it.

5.3 Full details of location and all other processing — categories, purposes, retention and your rights — are in the Privacy Policy, which forms part of your relationship with us. These Terms do not replace it.

6. Content moderation — rules, tools and procedures (DSA Art 14)

This section states, in clear and plain language, the policies, procedures, measures and tools we use for content moderation — including any algorithmic decision-making and human review — and the rules of procedure of our complaint-handling process, as required by DSA Art 14(1). We apply and enforce these restrictions diligently, objectively and proportionately, and with due regard to the fundamental rights (including freedom of expression and information) of all parties involved (DSA Art 14(4)).

The operational detail of how reports are triaged and actioned is maintained in our internal Moderation Runbook (referenced, not duplicated here): a notice-and-action workflow under which each report is reviewed (target: within ~24 hours), an action is taken or declined, and a statement of reasons is recorded.

6.1 What we moderate and the tools we use

• Automated input filtering (algorithmic). A disallowed-language text filter automatically screens display names, bios and chat messages at the point of submission and blocks content that breaches Section 4. This is automated decision-making applied at entry, disclosed here per DSA Art 14(1).
• Human review. A human moderator reviews user reports and takes decisions. We do not rely solely on automated tools to decide moderation outcomes.
• Available actions. Following review, a moderator may: dismiss a report (no action); warn a user; hide content (e.g. clear an offending name/bio field, or remove an offending chat message); or suspend / ban an account (disabling sign-in, which removes the user from discovery and chat). Repeated or egregious violations result in immediate account termination.

6.2 Reporting illegal content and violations — notice-and-action (DSA Art 16; Apple 1.2; Google Play UGC, answer 9876937)

Any user, individual or entity may notify us of content they consider illegal or in breach of these Terms. Flybi provides an easy-to-access, user-friendly in-app reporting mechanism that allows electronic submission of a notice (DSA Art 16(1); Apple Guideline 1.2 — a mechanism to report offensive content; Google Play UGC policy — in-app reporting of content and of users).

To help us act, a notice should include (DSA Art 16(2)): - (a) a sufficiently substantiated explanation of why the content or conduct is considered illegal or in breach; - (b) a clear indication of the precise location of the content (e.g. the user, profile field, or chat concerned — the in-app report flow captures this automatically, including recent shared chat context where relevant); - (c) the name and email of the notifier, except for notices concerning offences under Directive 2011/93/EU (child sexual abuse); and - (d) a good-faith statement that the notifier believes the information in the notice to be accurate and complete.

A notice that contains the elements above and concerns the legality of content is deemed to give us actual knowledge or awareness of that content for liability purposes (DSA Art 16(3)).

How we handle notices: - Where the notifier provides contact details, we send confirmation of receipt without undue delay (DSA Art 16(4)). - We process all notices in a timely, diligent, non-arbitrary and objective manner (DSA Art 16(6)). We provide timely responses to concerns (Apple App Store Review Guideline 1.2) and act on user reports (Google Play UGC policy, answer 9876937); to meet these, we operate a self-imposed 24-hour target for acting on reports. (Guideline 1.2 itself requires only "timely responses to concerns" and does not prescribe a fixed number of hours; the 24-hour figure is our own operational service level, recorded as the slaDeadline.) Where automated means are used in processing a notice, we disclose this (DSA Art 16(6)). - We notify the notifier of our decision without undue delay and provide information on the redress possibilities available (DSA Art 16(5)).

6.3 Blocking other users

Independently of reporting, you can block any user from within the app. Blocking removes that user from your discovery feed and prevents them from contacting you (Apple Guideline 1.2 — the ability to block abusive users; Google Play UGC policy — in-app user blocking for apps with 1:1 interaction).

6.4 Statement of reasons to affected users (DSA Art 17)

If we restrict your content or your account on the ground that it is illegal or incompatible with these Terms, we will provide you with a clear and specific statement of reasons, at the latest from the time the restriction is imposed, where we have your electronic contact details (DSA Art 17(1)). The restrictions covered by Art 17(1) are the removal, disabling or demotion of content, the suspension or termination of the provision of the service, the suspension or termination of the account, and the suspension or termination of any monetisation of content. At launch Flybi has no monetisation (advertising ships dark and there are no in-app purchases — see Section 10), so the monetisation limb is presently inapplicable; the actions you may actually receive are content hiding/removal and account suspension/termination. The statement will include (DSA Art 17(3)):

• (a) whether the restriction is a removal, disabling, demotion of content, or suspension/termination of the account, and its territorial scope and duration;
• (b) the facts and circumstances relied on, including whether the decision was triggered by a notice submitted under Section 6.2 or by automated means;
• (c) the contractual ground (the clause of these Terms relied on) or, for illegal content, the legal ground and an explanation of why the content is considered illegal; and
• (d) clear, user-friendly information about the redress options available to you (see Section 6.5).

This information will be as precise and specific as reasonably possible (DSA Art 17(4)). The action and the statement of reasons are recorded against the relevant report (actionTaken, actionedBy, actionedAt, statementOfReasons).

Scope note (DSA Art 17(2)): a statement of reasons is not required where the content is deceptive high-volume commercial content, or where we are acting on an order under DSA Art 9. Note on the DSA Transparency Database. The Art 24(5) Transparency-Database submission duty sits in Section 3 of the DSA and is therefore within the Art 19 micro-enterprise exemption, so we do not currently submit statements of reasons to the Commission's database. (Current position; to be confirmed in a professional review as the project grows.)

6.5 Appeals and redress

If you believe a moderation decision about you was wrong, you may contest it:

• Contact us: reply to the statement of reasons or write to ngts91@gmail.com to ask us to review the decision. We will re-examine it and respond.
• Out-of-court dispute settlement and judicial remedies: you also retain the right to pursue out-of-court dispute settlement and to bring the matter before a competent court, in accordance with applicable law (this preserves the redress avenues referenced in DSA Art 17(3)(d)).

Micro-enterprise exemption. As a micro-enterprise under Commission Recommendation 2003/361/EC, Flybi is exempted by DSA Art 19(1) from the whole of DSA Section 3 (Arts 20–28), except Art 24(3) — including the formal internal complaint-handling system (Art 20) and out-of-court dispute settlement (Art 21) obligations. The simplified review path above is offered voluntarily. This exemption does not touch Arts 11, 12, 14, 16, 17 or 18, which apply in full (DSA Sections 1 and 2). The exemption is lost if Flybi is ever designated a Very Large Online Platform (DSA Art 19(2)), and a 12-month grace period applies if Flybi outgrows micro/small status. Even under the exemption, Art 24(3) still requires reporting average monthly active recipients to the Digital Services Coordinator / Commission on request. Flybi is currently within micro-enterprise size at this beta scale. (Current status; to be confirmed in a professional review as the project grows.)

6.6 Content for minors

Flybi is an 18+ service and is not targeted at or intended to be used by minors; accordingly the minor-comprehension obligation in DSA Art 14(3) is addressed by the 18+ eligibility gate in Section 2 rather than by minor-specific phrasing.

7. Suspension and termination

7.1 By you. You may stop using Flybi at any time. You can deactivate your account (a reversible self-service toggle that hides your profile from discovery while preserving your data) or permanently delete your account from within the app at any time (see Section 9).

7.2 By us. We may warn, hide content, suspend, or terminate your account and licence, in whole or in part, where you breach these Terms — in particular the acceptable-use rules in Section 4 — or where required to comply with law or a competent authority's order. Enforcement is applied diligently, objectively and proportionately (DSA Art 14(4)).

7.3 Immediate termination. Egregious or repeated violations — including the prohibited behaviour in Sections 4.1–4.2 — are grounds for immediate removal of content and termination of your account (Apple App Store Review Guideline 1.2).

7.4 Statement of reasons. Where we impose a restriction, suspension or termination on the grounds in Section 7.2, you receive a statement of reasons and may seek redress as set out in Sections 6.4–6.5 (DSA Art 17).

7.5 Effect of termination. On termination your licence ends and your access is withdrawn. Sections that by their nature should survive (e.g. Sections 4, 8, 10, 12, 13) survive termination.

8. Reporting serious criminal offences to authorities (DSA Art 18)

Where we become aware of information giving rise to a suspicion that a criminal offence involving a threat to the life or safety of one or more persons has taken place, is taking place, or is likely to take place, we will promptly inform the relevant law-enforcement or judicial authorities and provide all relevant available information (DSA Art 18(1)). Where the Member State concerned cannot be identified with reasonable certainty, we will notify the law-enforcement authorities of Denmark (our Member State of establishment), and/or Europol (DSA Art 18(2)). Suspected child sexual abuse material is preserved and reported to the competent authority / hotline without delay. The operational escalation steps are set out in our internal Moderation Runbook.

9. Account deletion and data

9.1 In-app deletion. You can delete your account from within the app (account settings). Deletion is not merely a deactivation: it triggers a server-side cascade erasure of your account record and associated personal data, subject to any data we are legally required or permitted to retain (Apple Guideline 5.1.1(v) and Apple's Offering account deletion in your app guidance — temporary deactivation alone is insufficient; Google Play account-deletion policy, answer 13327111). Where you signed in with Apple, the relevant Sign in with Apple tokens are revoked on deletion.

9.2 Web deletion request. A publicly reachable web page at https://flybi.app/delete-account lets you request account and data deletion without reinstalling the app (Google Play account-deletion policy, answer 13327111). The page prominently features the deletion pathway, names "Flybi" / the developer as shown on the store listing, and is declared in the Google Play Data safety form (to be published before store submission).

9.3 Retention. Certain data may be retained where necessary for security, fraud prevention, legal compliance, or to maintain the integrity of moderation/audit records — including a record of moderation actions and statements of reasons. Retention periods are set out in the Privacy Policy and are kept consistent with the Data safety / App Privacy disclosures. (Current periods; to be confirmed in a professional review as the project grows.)

9.4 The categories of personal data we process — account (email; authentication via email/Google/Apple), profile (display name, bio, photos), interest tags (including secret tags), coarse location (geohash) and transient live location during a hot/cold game, chat messages, user reports, and optional date of birth for the 18+ gate — and how to exercise your data-protection rights, are described in the Privacy Policy.

10. Advertising, payments, and third-party services

10.1 No payments at launch. Flybi offers no in-app purchases or paid features at launch.

10.2 Advertising. Flybi integrates Google AdMob, but advertising ships disabled ("dark") at launch and no advertising is served. If and when advertising or any tracking is enabled, we will update these Terms and the Privacy Policy accordingly, make the required disclosures, and — on iOS — request App Tracking Transparency permission before any tracking as defined by Apple (Apple Guidelines 5.1.2(i) and the App Privacy "Tracking" definition; Google Play Data safety, answer 10787469). We will not require you to enable tracking, push, or location to access core functionality (Apple Guideline 5.1.2(i)).

10.3 Third-party infrastructure. Flybi runs on Google Firebase (Firestore, Authentication, Storage, Cloud Functions in region europe-west1, Cloud Messaging for push, Remote Config, and App Check). Use of these services is also subject to the applicable third-party terms. We disclose data sharing with third parties in the Privacy Policy and the store privacy disclosures (Apple Guideline 5.1.2(i); Google Play Data safety).

11. App Store and Google Play provisions

11.1 Apple-distributed copies. These Terms are between you and the Provider, not Apple. Apple has no obligation to provide maintenance or support for Flybi. Apple is not responsible for any product warranties, claims of non-conformity, product-liability, third-party intellectual-property claims, or for addressing your or any third party's claims relating to Flybi, except as set out in Apple's standard EULA. Apple and its subsidiaries are third-party beneficiaries of these Terms and may enforce them against you. You represent that you are not located in a country subject to a U.S. Government embargo or designated a "terrorist supporting" country, and that you are not on any U.S. Government list of prohibited or restricted parties. (These provisions reflect the minimum terms Apple requires of apps that do not use Apple's standard EULA — see the Apple Developer Program License Agreement, Schedule 1; Apple standard EULA.)

11.2 Reviewer access. A demo/reviewer account and any demo mode are provided to the app stores for review, and such accounts are excluded from production analytics and the best-fit pipelines (Apple Guideline 2.1(a); the isDemoAccount flag). Demo/reviewer credentials are supplied directly to App Store Connect / Play Console at submission time and are never placed in this public document.

11.3 Google Play-distributed copies. Your use is additionally subject to Google Play's terms. Flybi targets the 18-and-over audience only, with Restrict Minor Access and an accurately completed IARC content rating, and does not opt into the Families programme (Google Play, answers 9867159, 9859655).

12. Disclaimers and limitation of liability

12.1 No vetting guarantee. Flybi facilitates connections between real people. We apply the moderation measures in Section 6, and an optional identity/trust verification signal may be shown for some users, but we do not conduct background checks and cannot guarantee any user's identity, intentions, or conduct. Use common sense and caution when meeting or communicating with anyone, and prioritise your safety.

12.2 "As is". To the maximum extent permitted by law, Flybi is provided "as is" and "as available" without warranties of any kind, express or implied, including fitness for a particular purpose and non-infringement. We do not warrant that the service will be uninterrupted, error-free, or secure.

12.3 Limitation. To the maximum extent permitted by law, the Provider is not liable for indirect, incidental, special, consequential or punitive damages, or for the acts or content of other users. Nothing in these Terms excludes or limits liability that cannot be excluded or limited under applicable law — including your mandatory rights as a consumer under Danish and EU law. (Current position; the liability wording is to be confirmed for Danish/EU consumer-protection law and the relevant app-store agreements in a professional review as the project grows.)

13. Governing law, contact points, and general

13.1 Governing law and forum. These Terms are governed by the laws of Denmark, without prejudice to the mandatory consumer-protection rules of your country of residence in the EU. (Current position; to be confirmed in a professional review as the project grows.)

13.2 Point of contact for users (DSA Art 12). You can communicate with us directly and rapidly by electronic means, in a user-friendly manner, at ngts91@gmail.com. This channel does not rely solely on automated tools — a human is reachable (DSA Art 12(1)–(2)).

13.3 Single point of contact for authorities (DSA Art 11). For Member State authorities, the European Commission, and the European Board for Digital Services, the electronic point of contact is ngts91@gmail.com (this will move to a company/branded address as the project grows). Communications may be conducted in Danish and English (incl. at least one official language of our Member State of establishment, Denmark) (DSA Art 11(2)–(3)).

13.4 Data protection / GDPR contact. Because the Provider is established in the EU (Denmark), no GDPR Art 27 EU representative and no DSA Art 13 legal representative is required (both apply only to providers without an EU establishment). No Data Protection Officer is appointed under GDPR Art 37; one is not legally required at the current scale, and this is re-assessed if scale grows or biometric/ID verification is enabled. The contact for privacy matters is Nicholas Gerster Toft Simonsen at ngts91@gmail.com. The Privacy Policy is the canonical source for the data-protection contact and your data-protection rights.

13.5 Severability. If any provision is held unenforceable, the remaining provisions stay in effect.

13.6 Entire agreement. These Terms, together with the Privacy Policy and (for Apple-distributed copies) Apple's standard EULA, constitute the entire agreement between you and the Provider regarding Flybi.

13.7 Assignment. You may not assign these Terms; the Provider may assign them in connection with a merger, acquisition, or sale of assets, on notice to you.

References cited inline: Regulation (EU) 2022/2065 (Digital Services Act), Arts 9, 11, 12, 14, 16, 17, 18, 19, 24 — canonical text at EUR-Lex CELEX 32022R2065 (verify final wording against EUR-Lex); Directive 2011/93/EU (combating child sexual abuse); Commission Recommendation 2003/361/EC (micro/small-enterprise definition); Apple App Store Review Guidelines §§1.2, 2.1, 5.1.1, 5.1.2, the Apple "Offering account deletion in your app" guidance, and the Apple Developer Program License Agreement (Schedule 1) / Apple standard EULA; Google Play Developer Program Policies — UGC (answer 9876937), account/data deletion (13327111), Data safety (10787469), prominent disclosure & consent (11150561), foreground-location minimum scope (17033915), target audience (9867159), content rating / IARC (9859655). Operational moderation detail is maintained in our internal Moderation Runbook.