# Privacy Policy - Swap Barter **Last Updated: May 23, 2026** ## 1. Introduction Swap Barter ("we," "us," "our," or "Company") operates the Swap Barter mobile application (the "App"). This Privacy Policy explains our practices regarding the collection, use, and disclosure of information when you use our App. ## 2. Information We Collect ### 2.1 Information You Provide Directly - **Account Information**: Name, email address, phone number, profile picture, location - **Product Information**: Title, description, images, price, category, condition - **Communication Data**: Messages, chat history, offer details - **Payment Information**: Processed through secure third-party providers (we do NOT store payment card details) ### 2.2 Automatically Collected Information - **Device Information**: Device type, operating system, unique device identifiers - **Usage Data**: App features used, timestamps, session duration, crash logs - **Location Data**: City/region for marketplace filtering (with your permission) ### 2.3 Camera & Photo Library Access - **Purpose**: To allow users to upload product photos and avatar images - **Storage**: Images are uploaded to Firebase Cloud Storage; we do NOT access photos without explicit user action - **User Control**: You choose which photos to upload; permission can be revoked in device settings ## 3. How We Use Your Information - **Core Functionality**: Enabling peer-to-peer product trading and messaging - **Fraud Prevention**: Detecting and preventing prohibited content (illegal items, abuse, scams) - **User Safety**: Blocking/reporting harmful users, moderating marketplace content - **App Improvement**: Analyzing crashes and performance issues - **Legal Compliance**: Responding to court orders or regulatory requests - **Customer Support**: Addressing user issues and disputes ## 4. Data Sharing & Third Parties ### 4.1 We Do NOT Share Personal Data With: - Marketing agencies - Advertisers - Data brokers - Third-party analytics companies - Social media platforms ### 4.2 We Share Information With: - **Firebase (Google Cloud)**: For authentication, database, and cloud storage - **Law Enforcement**: When legally required by valid court orders - **Service Providers**: Payment processors (Stripe) - ONLY if you initiate a transaction ## 5. Data Retention - **Deleted Account**: User documents and all associated data are permanently deleted - **Reported Content**: Kept for 90 days for moderation review, then deleted - **Chat History**: Deleted when users delete their accounts or clear chat - **Blocked Users**: List is retained for safety purposes ## 6. User Rights & Controls - **Access**: Request a copy of your personal data - **Deletion**: Delete your account and all associated data permanently - **Blocking**: Block users to prevent contact and hide their listings - **Privacy Settings**: Manage location visibility and notification preferences ## 7. Tracking & Analytics - DETAILED BREAKDOWN ### 7.1 What We DO Track (For App Operations) #### **Firebase Analytics (Essential Only)** - **Collected Data:** - App installation date - Session start/end times - Screen views (which screens users visit) - User engagement duration - App crashes and errors - Device type and OS version - **Purpose:** - Identifying bugs and app performance issues - Understanding which features are used most - Improving user experience - Measuring app stability - **NOT Used For:** - Advertising or marketing campaigns - Selling data to third parties - Creating user profiles for targeting - Cross-app tracking #### **Firebase Crashlytics** - **Collected Data:** - Application crash logs - Stack traces - Device information at crash time - App version - **Purpose:** - Fixing bugs - Improving app stability - Monitoring app health - **NOT Used For:** - User behavior profiling - Advertising #### **Server Logs (Firestore Operations)** - **Collected Data:** - Timestamps of data operations - Error messages - Request success/failure status - Database query logs - **Purpose:** - Debugging technical issues - Monitoring database performance - Security monitoring ### 7.2 What We DO NOT Track ❌ **We NEVER use:** - **IDFA (Identifier for Advertising)** - Apple's advertising identifier - **SKAdNetwork** - Apple's attribution network - **User Tracking** across other apps or websites - **Advertising Networks** (Google AdMob, Facebook Ads, etc.) - **Third-party Analytics** (Google Analytics, Mixpanel, etc. for behavioral tracking) - **Personalized Ads** based on user behavior - **Cross-Device Tracking** - **Email/SMS Tracking** pixels or beacons - **Web Tracking** (cookies, pixels, tags) ### 7.3 Email & Communication Handling - **Email Collection**: Only your registered email for account recovery and support - **Email Tracking**: We do NOT track when you open emails or click links - **Email Sharing**: We do NOT share your email with marketing partners - **Unsubscribe**: All emails include unsubscribe options (if applicable) - **SMS**: We do NOT send promotional SMS messages - **Push Notifications**: Only for app-related alerts (new messages, swap offers, etc.) ### 7.4 Your Data Choices (App Tracking Transparency - ATT) **iOS 14.5+:** You will see a permission request for "App Tracking Transparency" (ATT). **Important:** Even if you grant ATT permission: - We still do NOT use it for advertising - We do NOT track you across other apps - We only use it for analytics within our app - You can revoke this permission anytime in Settings → Privacy → Tracking ### 7.5 Payment Data Handling - **We NEVER store credit card details** - **Stripe handles payments**: We only receive confirmation (success/failure) - **Stripe Privacy**: https://stripe.com/privacy - **No payment tracking**: We don't profile users based on payment data ## 8. Children's Privacy Swap Barter is not intended for users under 13 years of age. We do not knowingly collect information from children under 13. If we discover such collection, we will delete the data immediately. ## 9. Data Security - **Encryption**: Data in transit is encrypted (HTTPS/TLS) - **Firestore Security Rules**: Enforce role-based access control - **No Payment Storage**: Payment details are never stored by us - **Regular Audits**: We monitor for security vulnerabilities - **Access Control**: Only authorized personnel can access user data ## 10. International Data Transfers If you are located outside Turkey, your data may be transferred to and processed in Turkey (Firebase servers). By using the App, you consent to such transfers. ## 11. Third-Party Services Used | Service | Purpose | Tracking? | Link | |---------|---------|-----------|------| | **Firebase** | Auth, Database, Storage | Analytics only | https://firebase.google.com/support/privacy | | **Stripe** | Payment Processing | No behavioral tracking | https://stripe.com/privacy | | **Google Cloud** | Infrastructure | No behavioral tracking | https://cloud.google.com/privacy | ## 12. Contact Us For privacy concerns, complaints, or data requests: - **Email**: support@swapbarter.app - **Response Time**: Within 30 days ## 13. Your Rights **Under GDPR, CCPA, and Turkish Data Protection Law:** - Right to access your personal data - Right to delete your account and data - Right to data portability - Right to opt-out of analytics - Right to lodge complaints with regulatory authorities ## 14. Policy Changes We may update this Privacy Policy periodically. Material changes will be communicated via in-app notification. Continued use of the App constitutes acceptance of changes. --- **Last Updated:** May 23, 2026 **Effective Date:** May 23, 2026 **Swap Barter Team**