stryd

Privacy Policy

Last updated: 24 June 2026

1. Introduction

This Privacy Policy explains how stryd, operated by [Legal Entity Name] ("stryd", "we", "us", or "our"), collects, uses, shares, and protects your personal data when you use our websites, mobile applications, and services (the "Service"). stryd is the data controller responsible for your personal data.

We are committed to handling your personal data in accordance with applicable data-protection laws, including the EU and UK General Data Protection Regulation (GDPR), and data-protection laws across the regions we serve, including the UAE Personal Data Protection Law, the Saudi Personal Data Protection Law, Kenya's Data Protection Act 2019, Nigeria's Data Protection Act 2023, India's Digital Personal Data Protection Act 2023, and Egypt's Personal Data Protection Law.

2. Information we collect

We collect the following categories of personal data:

  • Account data — your name, email address, password, and, where you sign in with a third-party provider (such as Google), the basic profile information they share;
  • Profile data — information you choose to add, such as your field of study, headline, bio, education, experience, links, avatar, and uploaded documents;
  • Content — posts, questions, replies, messages, and other content you create or share;
  • Connection data — your connections, follows, mentorship requests, and interactions;
  • Usage and device data — log data, IP address, browser and device information, and analytics about how you use the Service;
  • Cookies and similar technologies — as described below.

3. How we use your data

We use your personal data to:

  • Provide, operate, maintain, and improve the Service;
  • Create and manage your account and profile;
  • Enable mentorship matching, networking, messaging, and opportunities;
  • Send service-related communications and notifications;
  • Personalise your experience and provide AI-powered features;
  • Maintain security, prevent fraud and abuse, and enforce our Terms;
  • Comply with legal obligations and respond to lawful requests.

4. Legal bases for processing

Where the GDPR or similar laws apply, we process your personal data on the following legal bases: performance of our contract with you (to provide the Service); your consent (for example, certain communications or optional features, which you may withdraw at any time); our legitimate interests (such as securing and improving the Service), balanced against your rights; and compliance with legal obligations.

5. Cookies and analytics

We use strictly necessary cookies to operate the Service (for example, to keep you signed in) and privacy-conscious analytics to understand aggregate usage and performance. You can control cookies through your browser settings; disabling some cookies may affect how the Service works.

6. How we share your data

We do not sell your personal data. We share it only as needed to operate the Service:

  • Service providers / processors who host and support the Service (for example, our cloud hosting and database providers and authentication providers), under contracts that require appropriate safeguards;
  • Other users — information you choose to make public on your profile or content is visible to others by design;
  • Legal and safety — where required by law, regulation, legal process, or to protect the rights, safety, and security of stryd, our users, or the public;
  • Business transfers — in connection with a merger, acquisition, financing, or sale of assets, subject to this Policy.

7. International data transfers

stryd operates across multiple countries, and your personal data may be processed in, or transferred to, countries other than your own, including for hosting and support. Where required by law, we put in place appropriate safeguards (such as standard contractual clauses or equivalent mechanisms) to protect your data when it is transferred internationally.

8. Data retention

We retain your personal data for as long as your account is active or as needed to provide the Service, and thereafter only as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements. When data is no longer needed, we delete or anonymise it.

9. Your rights

Depending on your location, you may have the right to access, correct, update, or delete your personal data; to object to or restrict certain processing; to data portability; and to withdraw consent where processing is based on consent. You also have the right to lodge a complaint with your local data-protection authority.

To exercise any of these rights, contact us at privacy@stryd.me. You can also access and update much of your information directly in your account settings, and delete your account at any time. We will respond within the timeframe required by applicable law.

10. Children's privacy

The Service is not intended for children under 16 (or the minimum age of digital consent in your country). We do not knowingly collect personal data from children below that age without verifiable parental or guardian consent. If you believe a child has provided us personal data without appropriate consent, contact us and we will take steps to delete it.

11. Data security

We implement technical and organisational measures designed to protect your personal data, including encryption in transit, access controls, and secure infrastructure. However, no method of transmission or storage is completely secure, and we cannot guarantee absolute security.

12. Region-specific information

EEA/UK (GDPR): you have the rights described above and may contact your supervisory authority. Our legal bases are set out in this Policy.

Middle East (UAE & Saudi Arabia PDPL): we process personal data consistent with the UAE and Saudi Personal Data Protection Laws, including your rights of access, correction, and deletion, and requirements relating to consent and cross-border transfers.

Africa (Kenya DPA 2019, Nigeria NDPA 2023, Egypt PDPL): we process personal data consistent with these laws, honour data-subject rights, and apply safeguards for transfers as required.

India (DPDP Act 2023): we process digital personal data consistent with the DPDP Act, including notice, consent, and your rights to access, correction, and erasure, and the ability to nominate another individual to exercise your rights.

13. Changes to this Policy

We may update this Privacy Policy from time to time. If we make material changes, we will take reasonable steps to notify you and will update the "Last updated" date above. Your continued use of the Service after changes take effect constitutes acceptance of the updated Policy.

14. Contact us

If you have questions or requests about this Policy or your personal data, contact us at privacy@stryd.me, or write to [Legal Entity Name], [registered address]. [If you have appointed a Data Protection Officer or EU/UK representative, insert their contact details here.]