App Privacy Policy

Information We Collect

When you use our mobile app, we may collect the following types of information:

Account Information

• Email address (used for authentication and account recovery)
• User ID (a unique identifier for your account)
• Authentication tokens (securely stored for maintaining your login session)

Device Information

• Device type and model
• Operating system and version
• Device identifier (for app functionality, not advertising)

Usage Data (with your consent)

• App launches and screen views
• Feature interactions and navigation patterns
• App performance metrics

Diagnostic Data (with your consent)

• Crash logs and error reports
• Performance data (app launch time, response times)
• Technical diagnostics to identify and fix issues

Push Notification Data

• Push notification token (to deliver alerts to your device)
• Notification preferences

How We Use Your Information

We use the information we collect for the following purposes:

• Authentication: To securely sign you in and maintain your session
• App Functionality: To provide core features like camera access, briefings, and messaging
• Personalisation: To customise your experience based on your preferences
• Analytics: To understand how you use the app and improve features (with consent)
• Error Reporting: To identify, diagnose, and fix bugs and crashes (with consent)
• Push Notifications: To send you security alerts and important updates
• Security: To protect your account and detect suspicious activity

Third-Party Services

Our app uses the following third-party services to provide functionality:

Account and authentication data is processed in AWS EU regions (EU-West-1 and EU-West-2). Firebase services may process data in other regions; see Google's privacy policy for details.

Your Consent Choices

We are committed to giving you control over your data. When you first use the app, you will see a privacy settings dialog that allows you to choose which types of data collection to enable.

Consent Options

• App Analytics: Help us understand how you use the app to improve features and performance
• Error Reporting: Automatically report crashes and errors to help us fix problems faster

Important Notes

• Data collection is disabled by default until you provide consent
• You can accept all, reject all, or customise your preferences
• You can change your preferences at any time in the app's Privacy Settings
• Withdrawing consent will stop future data collection but won't delete previously collected data
• To request deletion of previously collected data, please contact us

GDPR Compliance: This consent mechanism is implemented to comply with the EU General Data Protection Regulation (GDPR) and UK GDPR, which requires explicit consent for analytics and diagnostic data collection. This is separate from and unrelated to Apple's App Tracking Transparency framework.

Data Storage and Security

We implement industry-standard security measures to protect your data:

• Hardware-backed secure storage: Sensitive data like authentication tokens are stored in iOS Keychain and Android Keystore
• Encryption in transit: All data transmitted between the app and our servers uses TLS encryption
• Encryption at rest: Data stored on our servers is encrypted
• Data residency: Your account and authentication data is processed in AWS EU regions (EU-West-1 and EU-West-2)
• Access controls: Strict access controls limit who can access your data

Data Retention

We retain your data for the following periods:

• Account data: Duration of your account plus 2 years after closure
• Analytics data: Up to 26 months from collection
• Crash/diagnostic data: 90 days
• Push notification tokens: Until you uninstall the app or revoke permission

Your Rights

Under GDPR and UK GDPR, you have the following rights regarding your personal data:

• Right to Access: Request a copy of your personal data
• Right to Rectification: Request correction of inaccurate data
• Right to Erasure: Request deletion of your personal data
• Right to Portability: Request your data in a portable format
• Right to Object: Object to processing of your personal data
• Right to Withdraw Consent: Withdraw consent at any time

To exercise any of these rights, please contact us. For more details about your rights, see our main Privacy Policy.

Children's Privacy

Our app is not directed to children under the age of 13 (or the applicable age of digital consent in your jurisdiction). We do not knowingly collect personal information from children.

If we become aware that we have collected personal information from a child without parental consent, we will take steps to delete that information. If you believe we have collected information from a child, please contact us immediately.

Changes to This Policy

We may update this App Privacy Policy from time to time. When we make changes, we will update the "Last updated" date at the top of this page.

For significant changes, we may also notify you through the app or via email. We encourage you to review this policy periodically to stay informed about how we protect your information.