Privacy Policy

1. Introduction

UNTRAPD ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our mobile application FINDERR (the "App") and related services.

App Purpose: FINDERR is a phone recovery and alert system that displays your contact information on your device's lock screen when your phone is lost, helping others return it to you.

2. Information We Collect

2.1 Personal Information You Provide

Account Information:

• Email address (required for account creation)
• Name (optional)
• Phone number (optional)

Alert Contact Information:

• Alert email address (displayed when phone is lost)
• Alert phone number (displayed when phone is lost)

Survey Data:

• Mobile phone usage patterns and preferences
• Device usage habits
• Demographics information (age, location - optional)
• Phone loss experiences

2.2 Information Automatically Collected

Device Information: Device type, operating system version, app version, device identifiers (for authentication only).

Usage Data: App feature usage, survey completion status, timestamps, error logs and crash reports.

2.3 Information from Third Parties

Authentication Services: Apple Sign-In and Google Sign-In provide basic profile information you explicitly consent to share (User ID, email, name).

Payment Processing (RevenueCat): Purchase transaction data, subscription status, customer identifiers. We do NOT receive or store payment card information.

3. How We Use Your Information

3.1 Primary App Functions

• Display your contact information when phone is reported lost
• Enable remote activation of alert screen via web interface or SMS
• Store custom background images for alert display
• Create and maintain your user account
• Sync settings across devices

3.2 Service Improvement

• Analyze survey responses to improve our services
• Understand user preferences and usage patterns
• Troubleshoot app issues and monitor performance

3.3 Communications

We send account verification emails, important app updates, and security notices. Marketing communications are optional and you can opt-out at any time.

4. Information Sharing and Disclosure

4.1 Service Providers

We share information with trusted service providers:

• Supabase - Database and authentication (EU region)
• RevenueCat - Payment processing and subscription management
• Google Play - App distribution and billing

4.2 Legal Requirements

We may disclose information if required by law, in response to court orders, law enforcement requests, or to protect the rights and safety of users.

4.3 Business Transfers

In the event of a merger, acquisition, or sale of assets, your information may be transferred with the same privacy protections.

5. Data Security

• Industry-standard encryption for data transmission (HTTPS/TLS)
• Secure database storage with Row Level Security (RLS) policies
• Regular security audits and updates
• Limited access to personal data on need-to-know basis

Data Retention

• Account Data: Retained while active, deleted within 30 days of account deletion
• Survey Data: Retained for up to 3 years (anonymized after 1 year)
• Usage Analytics: Retained for up to 2 years
• Payment Data: Managed by RevenueCat per their policies

6. Your Privacy Rights

You have the right to:

• Access your personal information
• Update or correct your data
• Delete your account and associated data
• Export your data in a portable format
• Opt-out of marketing communications

Update your information in the app Settings, or contact us at legal@finderr.untrapd.com. We respond within 30 days.

Data Deletion

When you delete your account: personal information is deleted within 30 days, survey responses are anonymized, cached data is removed, and third-party services are notified.

7. Children's Privacy

FINDERR is not intended for children under 13 years of age. We do not knowingly collect personal information from children under 13. If we discover such collection, we will delete it immediately.

8. International Data Transfers

Your information may be transferred to and processed in countries other than your own. We ensure appropriate safeguards including standard contractual clauses and your explicit consent where required.

Primary processing: European Union (Supabase EU region), United States (RevenueCat, Google Play).

9. Cookies and Tracking

Mobile App: Does not use cookies. Uses local storage for preferences and device identifiers for authentication.

Web Interface: Essential cookies for login, analytics (Google Analytics - can be disabled). No advertising or tracking cookies.

10. Regional Privacy Rights

California Residents (CCPA/CPRA)

Right to know what data is collected, right to delete, right to opt-out of sale (we don't sell data), right to non-discrimination, right to correct inaccurate information.

European Residents (GDPR)

Lawful basis: consent and legitimate interests. Rights include: withdraw consent, data portability, restrict processing, object to processing.

11. Changes to This Policy

We may update this Privacy Policy to reflect changes in our practices. We will post updates in the app, send notification for material changes, and provide 30 days notice for significant changes.