# Privacy Policy for Shift Hulpje **Last Updated: 05-10-2024** ## 1. Introduction Welcome to Shift Hulpje. Your privacy is important to me. This Privacy Policy explains how I collect, use, and safeguard your personal information when you use the app. By using Shift Hulpje, you agree to the collection and use of your information in accordance with this Privacy Policy. ## 2. Information I Collect I collect personal data to provide and improve services in the app. This includes: - **Authentication Data**: When you sign up or log in using your email and password or Apple login, I collect your email address and authentication token via Firebase Authentication. This information is used solely for authentication purposes. - **User ID and Database Information**: When you create an account, a unique user ID is generated. This user ID is used to store and associate your data within Firestore, the app's database system. Data stored includes your shift preferences, schedule details, and other relevant information. - **Usage Data (Google Analytics)**: I use Firebase (Google) Analytics to gather anonymized usage data to help improve the app. This does not involve the collection of advertising identifiers (IDFA). ## 3. Legal Basis for Processing Data I process your personal data under the following legal bases: - **Consent**: By signing up for the app, you give consent to process your data. - **Contract**: Your data is processed as part of providing services you request, such as managing your shifts. - **Legitimate Interest**: I use anonymized usage data to maintain and improve the service. ## 4. How I Use Your Information I use the data collected for the following purposes: - **Account Management**: Your email and authentication data are used to securely manage your access to Shift Hulpje. - **Data Storage**: Your user ID is used to associate your data with your account in Firestore, ensuring that your preferences and shifts are stored and accessible to you. - **App Improvement**: Firebase (Google) Analytics is used to analyze app usage and improve functionality without tracking personal information or using advertising identifiers (IDFA). ## 5. Data Retention I will retain your personal data for as long as your account is active or as needed to provide you with the services. If you delete your account, I will delete all associated data within 7 days. However, some anonymized usage data may be retained for system maintenance. ## 6. Data Sharing I do not share your personal data with third parties, except for the following: - **Firebase Authentication (Google)**: For managing user authentication. - **Firestore (Google)**: For storing your app-related data such as shifts and preferences. - **Firebase Analytics (Google)**: For gathering anonymized usage data without IDFA. All of these services are GDPR-compliant and store data in accordance with applicable privacy regulations, including the General Data Protection Regulation (GDPR). ## 7. International Data Transfers Some of the service providers, such as Firebase and Firestore, may store and process your data outside the European Economic Area (EEA). I ensure that such transfers comply with applicable laws by using appropriate safeguards, such as standard contractual clauses. ## 8. Data Security I take appropriate security measures to protect your personal data from unauthorized access, disclosure, or destruction. All data is stored securely through Firebase’s cloud services. ## 9. Your Rights You have the following rights regarding your data: - **Access and Correction**: You can access and update your data within the app. - **Deletion**: You can request the deletion of your account and all associated data by contacting me at [owenselles@icloud.com](mailto:owenselles@icloud.com). I will delete all relevant data within 7 days of receiving your request. - **Withdrawal of Consent**: You may withdraw your consent to processing your personal data at any time by ceasing to use the app and requesting the deletion of your account. ## 10. Data Breach Notification In the unlikely event of a data breach, I will notify users and relevant authorities in accordance with GDPR regulations within 72 hours of becoming aware of the breach. ## 11. Children’s Privacy Shift Hulpje is not intended for use by anyone under the age of 16. I do not knowingly collect personal information from children under 16. If I learn I have collected such data without parental consent, I will take steps to delete it. ## 12. Changes to This Privacy Policy I may update this Privacy Policy from time to time. I will notify you of any significant changes by posting the new Privacy Policy on this page. You are advised to review this Privacy Policy periodically for any changes. ## 13. Contact Me If you have any questions or concerns about this Privacy Policy, please contact me at: **Owen Selles** [owenselles@icloud.com](mailto:owenselles@icloud.com)