Privacy Policy for RSI Tracker Last Updated: January 20, 2025 This Privacy Policy describes how RSI Tracker ("we," "us," or "our") collects, uses, and discloses your information when you use our mobile application (the "Service"). By using our Service, you agree to the collection and use of information in accordance with this policy. Information We Collect Information You Provide * Account Information: We currently do not require users to create accounts or directly provide personal information like name or email address to use the core features of the app. * Support Communications: If you contact us for support via email, we will collect your email address and any information you provide in your correspondence. * Authentication Data: If you use Sign in with Apple or other authentication services, we may receive limited profile information as permitted by your privacy settings. Information Collected Automatically * Usage Data: We may collect information about how you access and use the Service, such as: - Device type and operating system - Unique device identifiers (like Advertising ID or IDFA, where applicable and allowed by user settings) - IP address - Crash reports and error logs - Feature usage patterns and app performance metrics - Time spent in the app and frequency of use - Search interactions and navigation patterns within the app * Subscription Information: If you purchase subscriptions or premium features within the app: - Transaction details are processed by the Apple App Store - Subscription management is handled through RevenueCat - We receive necessary information (like anonymized purchase tokens, subscription status, and renewal dates) to validate and manage your subscription - We do not access or store your full payment card details Auto-Renewable Subscriptions For users who purchase auto-renewable subscriptions through the Apple App Store: * Subscription Data Processing: Subscription status, renewal dates, and transaction tokens are processed through RevenueCat and Apple's App Store systems * Data Usage: We use subscription data solely for: - Providing access to premium features - Managing your subscription status - Customer support and billing inquiries - Preventing fraud and unauthorized access * Subscription Management: You can manage, modify, or cancel subscriptions through your Apple App Store account settings * Auto-Renewal: Subscriptions automatically renew unless cancelled at least 24 hours before the current period ends * Data Retention: Subscription status data is retained for the duration of your subscription plus 1 year for customer support purposes How We Use Your Information We use the information we collect for various purposes, including: * Service Delivery: To provide, operate, and maintain our Service, including premium features for subscribers * Transaction Processing: To process transactions and manage your subscriptions * Service Improvement: To improve, personalize, and expand our Service based on usage patterns * Analytics: To understand and analyze how you use our Service to enhance user experience and fix bugs * Customer Support: To communicate with you for customer service or support requests initiated by you * Security: To detect and prevent fraud, abuse, or misuse of the Service * Legal Compliance: For compliance purposes, including enforcing our terms and responding to legal requests * Feature Development: To develop new features and improve existing functionality Sharing Your Information We may share your information in the following limited situations: With Service Providers We share necessary information with trusted third-party vendors and service providers that perform services on our behalf: * Apple App Store: For payment processing and subscription management * RevenueCat: For subscription management and analytics - Processes subscription tokens, status information, and device identifiers - Handles subscription validation and renewal tracking - Provides subscription analytics and reporting * Supabase: For user authentication and account management - Processes email addresses and authentication tokens - Manages user sessions and account data - Provides secure user authentication services * Analytics Providers: For app performance and usage analytics (if any) * Cloud Infrastructure Providers: For secure data storage and app functionality These providers only have access to the information necessary to perform their functions and are obligated to protect your data according to their own privacy policies and contractual agreements. For Legal Reasons We may disclose your information if required to do so by law or in response to valid requests by public authorities (e.g., a court or a government agency), including to: * Comply with legal obligations * Protect and defend our rights or property * Prevent or investigate possible wrongdoing in connection with the Service * Protect the personal safety of users or the public Business Transfers If RSI Tracker is involved in a merger, acquisition, or asset sale, user information may be transferred as part of that transaction. We will provide notice before your personal information is transferred and becomes subject to a different privacy policy. Data Security We implement appropriate technical and organizational measures to protect your personal information against unauthorized access, alteration, disclosure, or destruction. These measures include: * Encryption: Data transmission is encrypted using industry-standard protocols * Access Controls: Limited access to personal information on a need-to-know basis * Regular Security Assessments: Ongoing monitoring and testing of our security measures * Secure Storage: Data is stored on secure servers with appropriate safeguards However, please be aware that no method of transmission over the internet or electronic storage is 100% secure, and we cannot guarantee absolute security. Data Retention We retain different types of data for varying periods based on the purpose for collection: * Usage Analytics Data: Up to 2 years for service improvement purposes * Subscription Status Data: For the duration of your subscription plus 1 year for customer support and legal compliance * Support Correspondence: Up to 3 years for service quality and legal compliance * Crash Reports and Technical Data: Up to 1 year for debugging and improvement * Authentication Data: As long as your account remains active or as required for security purposes You may request deletion of your personal data by contacting us at the email address provided below. Account Deletion As required by Google Play policy, if you have created an account with our app, you can request account deletion through two methods: 1. **In-App Deletion**: - Sign in to your account in the RSI Tracker app - Go to Profile > Account Management - Tap "Delete Account" and follow the confirmation prompts - Your account and all associated data will be permanently deleted 2. **Web-Based Deletion**: - Visit https://rsitracker.eu/delete-account - Follow the instructions to request account deletion - We will process your request within 30 days When you delete your account, the following data will be permanently removed: - Your user account and authentication data - Email address and profile information - Subscription history and preferences - App usage patterns and preferences - Any support correspondence history Please note: - Account deletion is irreversible - You will lose access to any active premium subscriptions - Some data may be retained for legal compliance (fraud prevention, tax records) as required by law - Processing typically completes within 30 days of your request Please note that subscription data managed by Apple App Store or Google Play Store will need to be cancelled separately through your respective app store account settings. Your Data Rights Depending on your location and applicable laws (including GDPR, CCPA, and other privacy regulations), you may have the following rights regarding your personal data: * Access: Request access to the personal information we hold about you * Correction: Request correction of inaccurate or incomplete personal information * Deletion: Request deletion of your personal information (subject to legal retention requirements) * Portability: Request a copy of your personal information in a portable format * Objection: Object to certain processing of your personal information * Restriction: Request restriction of processing in certain circumstances Since we collect limited personal information directly, exercising these rights might primarily pertain to data held by third-party services like Apple App Store or RevenueCat according to their respective policies. To exercise these rights or for any privacy-related inquiries, please contact us using the information provided below. Third-Party Services Our app may contain links to third-party websites or services that are not operated by us. We strongly advise you to review the privacy policy of every site you visit. We have no control over and assume no responsibility for the content, privacy policies, or practices of any third-party sites or services. Sign in with Apple If you use Sign in with Apple, Apple's Privacy Policy governs the collection and use of your information by Apple. We only receive the information you choose to share, which may include your name and email address (or Apple's private relay email if you choose to hide your email). International Data Transfers If you are located outside the United States, please be aware that information we collect may be transferred to and processed in the United States or other countries where our service providers operate. By using our Service, you consent to such transfers. Children's Privacy Our Service is not intended for or directed to individuals under the age of 13. We do not knowingly collect personal identifiable information from children under 13. If we become aware that we have inadvertently collected such information from a child under 13, we will take steps to delete it promptly. If you are a parent or guardian and believe your child has provided us with personal information, please contact us immediately at the email address provided below. California Privacy Rights If you are a California resident, you may have additional rights under the California Consumer Privacy Act (CCPA), including: * The right to know what personal information we collect and how it is used * The right to delete personal information * The right to opt-out of the sale of personal information (we do not sell personal information) * The right to non-discrimination for exercising your privacy rights Changes to This Privacy Policy We may update our Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. We will notify you of any material changes by: * Posting the new Privacy Policy within the app with a prominent notice * Sending you a notification through the app (if applicable) * Updating the "Last Updated" date at the top of this Privacy Policy You are advised to review this Privacy Policy periodically for any changes. Changes are effective immediately when they are posted within the app. Your continued use of the Service after any modifications to the Privacy Policy constitutes your acceptance of such changes. Contact Us If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us at: Email: support@rsitracker.eu Subject Line: Privacy Policy Inquiry - RSI Tracker We will respond to your inquiry within a reasonable timeframe, typically within 30 days. --- This Privacy Policy is effective as of the date stated above and will remain in effect except with respect to any changes in its provisions in the future, which will be in effect immediately after being posted within the app.