Privacy Policy
Effective: December 23, 2021
Last Updated: April 30, 2025
Table of Contents
1. Overview
This Privacy Policy governs the automatic data collection practices of our mobile applications ("the Apps") in compliance with South Africa's Protection of Personal Information Act (POPIA). We only collect data necessary for app functionality through automated means.
Key Principles:
- We collect only system-generated data - no manual user input required
- No collection of personal identifiers (name, email, phone number, etc.)
- Data may be processed outside South Africa as detailed in Section 5
2. Data Collection
Automatic Data Collection
| Service | Data Collected | Purpose | Retention |
|---|---|---|---|
| Google AdMob | Advertising ID, device type | Ad delivery and measurement | Up to 18 months* |
| Firebase Analytics | Usage statistics | App improvement | 2 months |
| Firebase Crashlytics | Crash reports | Bug fixing | 90 days |
| Firebase Cloud Messaging | Push notification token | App notifications | Until uninstall |
*You can reset your Advertising ID in device settings
3. Data Retention
I retain data only for as long as necessary to fulfill the purposes for which it was collected, as outlined in this policy.
My retention principles include:
- Data is automatically deleted after the retention periods specified in Section 2
- When you uninstall the app, device-specific identifiers are removed from active use
- I review retention periods annually to ensure they remain appropriate
Note on Third-Party Services:
While I maintain the retention periods specified for direct access to data, third-party services like Google may have their own retention policies. For complete information, please refer to their privacy policies linked in Section 5.
4. External Links Disclosure
Our apps may contain links to third-party websites or services. Please note:
- I do not operate these external sites/services
- Links are provided for convenience only
- I do not endorse their content or practices
Important:
When you leave our app via these links, their own privacy policies apply. I recommend reviewing them before providing any personal information.
5. International Data Processing
Under POPIA Section 72, I disclose that your data may be processed outside South Africa through:
- Google LLC (United States) for:
- Firebase services (Analytics, Crashlytics, Cloud Messaging)
- AdMob advertising services
Safeguards in Place:
- Google's Binding Corporate Rules (BCRs)
- EU Standard Contractual Clauses (SCCs)
- ISO 27001/27017/27018 certifications
For complete information about how Google processes your data, please review their privacy policies:
By using our apps, you acknowledge that your data may be transferred, stored, and processed in countries with different data protection laws than South Africa.
Third-Party Service Terms: In alignment with POPIA requirements, I rely on the standard terms of service and data processing terms provided by Google LLC for Firebase and AdMob services. These standard terms include provisions for security measures and appropriate data processing practices. As an indie developer, I carefully review these terms to ensure they provide adequate protection for user data.
Your Consent to International Transfers:
By using our apps, you specifically consent to the transfer of automatically collected data to Google LLC in the United States as described in this section. You acknowledge that different countries may have different data protection standards than South Africa, and that Google LLC implements the safeguards described above to protect your information.
6. Your Controls & Rights
Immediate Controls
- Advertising: Reset ID via device settings
- Notifications: Disable in app/device settings
- External Links: Choose not to click on them
POPIA Rights
- Request access to your data
- Request deletion where possible
- Lodge complaints with the Information Regulator
7. Data Security
I implement appropriate technical and organizational measures including:
- HTTPS encryption for all data transmissions
- Regular security audits of Firebase configurations
- Contractual safeguards with international providers
Breach Notification Commitment:
In the event of a data breach affecting personal information, I will notify the Information Regulator and affected users within 72 hours of discovery, as required by POPIA.
8. Children's Privacy
Our apps are not directed to children under the age of 18. I do not knowingly collect personal information from children.
Notice to Parents/Guardians:
If you believe I have inadvertently collected personal information from a child under 18, please contact me immediately at the email address below, and I will take steps to delete such information.
9. Regulatory Compliance
As an independent developer, I am committed to maintaining compliance with South Africa's Protection of Personal Information Act (POPIA).
Small-Scale Processing: Our apps fall under POPIA's provisions for small-scale personal information processing. While formal registration with the Information Regulator is not currently required for my operation, I am still fully committed to following POPIA's principles.
Compliance Approach: I regularly review my data handling practices to ensure they align with POPIA requirements, including minimizing data collection, maintaining appropriate security measures, and respecting user rights.
10. Contact Information
Responsible Party
For all privacy-related inquiries:
Response within 21 business days
Information Regulator (SA)
For formal complaints:
JD House, 27 Stiemens Street, Braamfontein, Johannesburg