Privacy Policy
1. Who controls your data
The controller of personal data processed in the Rewir app (the "Service") is the entity operating the app (referred to as "Rewir" or "we"). Privacy contact: hello@rewir.app.
2. What we collect and why
| Data category | Purpose | Legal basis (GDPR) |
|---|---|---|
| Account identifier (Apple ID or anonymous session id) | Authentication, cross-device sync | Performance of the contract (Art. 6(1)(b)) |
| Dog name, breed, date of birth, photos/avatar, care notes | Dog profile, Care Group shared view, walk history | Performance of the contract |
| GPS location (only while a walk is active) | Recording the route, scoring discovered hexes, mission targeting | Performance of the contract; background location only with explicit iOS consent |
| Home rewir (approximate dog home location, set once) | Defining the "home rewir" area and the privacy zone | Performance of the contract |
| Care Group and Pack memberships | Shared Premium, joint walks | Performance of the contract |
| Hashed phone / email digests from your address book (optional) | Detect which of your contacts already use Rewir, to send pack invites | Consent (Art. 6(1)(a)); revocable via iOS Settings → Privacy → Contacts |
| Device id, push token (APNs/FCM) | Pack invitations, joint-walk notifications | Performance of the contract + legitimate interest (Art. 6(1)(f)) |
| Purchase id and subscription status (RevenueCat) | Activating Premium features | Performance of the contract |
| Anonymous crash + telemetry data (Firebase Crashlytics, Firebase Analytics) | Debugging, product improvement | Legitimate interest (Art. 6(1)(f)) |
We do not collect: raw contacts (only hashes), your address book, browsing history, dog health data beyond what you write into "Care & reminders", location outside an active walk.
3. The privacy of your home
This is a non-negotiable for us: the pack never sees your dog's exact home. Every route shared with the pack is sanitised — the leading and trailing points falling inside your privacy zone (default 150 m, adjustable 50–500 m) are clipped before they leave your device's contract with the pack. The precise home coordinate is available only to members of your Care Group (household).
4. Where and how long we store data
Data is stored in Google Firebase (Firestore, Cloud Functions, Cloud Storage, Authentication, FCM, Analytics, Crashlytics). Processing happens in the European Union region (europe-central2). Map rendering is delivered by Mapbox, which receives only map viewport coordinates — never your account identifier.
Retention windows:
- Account & dog profile — for as long as you use the app. Delete in two steps: Settings → Account → Delete account.
- Walk routes — until you delete a walk or your account. Free tier shows only the last 30 days in-app; the data itself persists until you delete it.
- Contact hashes — for the duration of active consent. Revoking the iOS contacts permission removes them at the next sync.
- Crash & analytics data — up to 90 days.
- Purchase data — as required by tax law and App Store policy (up to 6 years).
5. Who we share data with
We use trusted processors covered by data-processing agreements:
- Google Cloud / Firebase — hosting, database, authentication, push, diagnostics, analytics. EU region.
- RevenueCat, Inc. — subscription handling (bridge between App Store and our backend). US, under EU Standard Contractual Clauses.
- Apple Inc. — Sign in with Apple, APNs (push), App Store In-App Purchase. Per Apple's policy.
- Mapbox, Inc. — map rendering. Mapbox receives map viewport coordinates only; not your account identifier. Mapbox usage telemetry is disabled inside our app.
We do not sell your data to advertising brokers and we do not share it with third parties for their marketing.
6. Your rights
Under GDPR you have:
- the right to access your data,
- the right to rectification,
- the right to erasure ("right to be forgotten") — exposed in-app as Delete account,
- the right to restrict processing,
- the right to data portability,
- the right to object to processing based on legitimate interest,
- the right to withdraw consent (contacts hashing),
- the right to lodge a complaint with the Polish Data Protection Authority (uodo.gov.pl) or your local EU supervisory authority.
Requests go to hello@rewir.app. We respond within 30 days.
7. Children
Rewir is not directed at children under 13. We do not knowingly collect data from minors. If we learn that a child under 13 has created an account, we will delete it without delay.
8. Security
We apply, among others:
- encrypted transport (TLS 1.2+) between app and backend,
- document-level access rules at Firestore (security rules), including dedicated rules that prevent the pack from reading home location,
- App Check / App Attest on Cloud Functions calls so only our app can talk to our backend,
- Mapbox API keys restricted to the app's bundle id,
- no raw contacts collection — only irreversible (SHA-256) hashes.
9. Policy changes
If we materially change how we process data, we will notify you in-app at least 14 days before the change takes effect. Continued use after that date constitutes acceptance of the updated policy.
10. Contact
Questions, objections, access / deletion requests: hello@rewir.app.