Privatlivspolitik

At Vitatrellis, we are committed to protecting your privacy. This Privacy Policy describes how we collect, use, and handle your personal information when you use our mobile application (iOS and Android), web application, and backend services.

1. Information We Collect

We only collect information that is necessary to provide the features of the app:

1.1 Account Data

• Email Address: Used for account management, authentication, and essential communications
• Name: Used to identify you within your household
• Password: Encrypted with industry-standard bcrypt hashing (we can never see your password)

1.2 Social Login Data

When you choose to sign in using social authentication providers, we collect:

• Google Sign-In: Email address, name, profile picture (optional)
• Sign in with Apple: Email address (or private relay email), name
• Facebook Login: Email address, name, profile picture (optional)
• Social Provider IDs: Unique identifiers from the authentication provider (used for account linking)

We only request the minimum necessary information to create and authenticate your account. You can revoke social login access at any time through your provider's settings.

1.3 User Content

• Tasks, shopping lists, and recipes you create
• Household names and memberships
• This data is shared with other members of the same household as part of the app's core functionality

1.4 Device Information

• Device model and operating system version
• App version and crash reports (via Firebase Crashlytics if active, see Section 3.9; or via Sentry debug logging if you have enabled it, see Section 3.8)
• Anonymous usage statistics (via Firebase Analytics, only if you have enabled it, see Section 3.10)
• Firebase Installation ID: A device-scoped, randomly generated identifier used by Firebase In-App Messaging (Section 3.11) to deliver in-app messages while the app is open. It is not linked to your personal identity.
• Device advertising identifiers (for ad serving, see Section 3)
• Device Tokens: For push notifications via Firebase Cloud Messaging (FCM)

2. Location Data (Foreground Only)

Vitatrellis accesses your device's location to enable features such as:

• Marking task locations on a map
• Tagging tasks with specific places
• Providing location-based reminders

How we handle location data:

• Access Level: Location data is accessed only while the app is actively in use (foreground only)
• Background Location: We do NOT collect or track your location in the background
• Usage: Your current device location is used to evaluate location-based features (for example, nearby tasks and reminders) when you open or use the app
• Storage: We do not store a continuous history or timeline of your movements on our servers
• Encryption: Any location data stored is encrypted using AES-256-GCM

2.1 Task Location Coordinates and Household Sharing

Task locations are treated as part of the task content you create:

• Per-task location: If you attach a location to a task, the task may include coordinates and a location label
• Household visibility: If that task is in a shared household, the task location is visible to members of that household so they can coordinate work and receive relevant reminders
• No live tracking sharing: We do not share your live, continuous device location with household members; only the location attached to a task is shared as task data
• User control: You can choose not to add a location to a task, remove location from an existing task, disable location permission on your device, or keep tasks in personal (non-shared) lists

3. Third-Party Services and Data Sharing

We do NOT sell your personal data. To provide specific features, we work with the following third-party providers:

3.1 Firebase Cloud Messaging (FCM)

• Used to deliver push notifications for task reminders, household updates, and service messages
• Collects device tokens to route notifications to your device
• Operated by Google LLC
• Governed by Firebase Privacy Policy

3.2 Social Authentication Providers

We support the following social login options to make account creation easier:

• Google Sign-In: Operated by Google LLC - Google Privacy Policy
• Sign in with Apple: Operated by Apple Inc. - Apple Privacy Policy
• Facebook Login: Operated by Meta Platforms Inc. - Facebook Privacy Policy

When you use social login, these providers may share basic profile information with us as described in Section 1.2. You can revoke access at any time through your provider's account settings or by unlinking the account in the Vitatrellis app settings.

3.3 Google Play Services

• Used for app infrastructure, updates, and push notifications on Android devices
• Governed by Google's Privacy Policy

3.4 Apple Services

• Used for app distribution, updates, and push notifications on iOS devices
• Governed by Apple's Privacy Policy

3.5 Google AdMob

• We display advertisements to keep the app free
• AdMob may use device advertising identifiers to show relevant ads
• You can opt out of personalized ads in your device settings
• Learn more: Google Ad Privacy

3.6 In-App Billing (Google Play / Apple App Store)

• All financial transactions for subscriptions are handled securely by Google Play or Apple App Store
• We do NOT store your credit card information
• Payment data is processed according to Google's and Apple's payment policies

3.7 Cloudflare R2 Storage

• Used for storing app assets and user-uploaded content (if applicable)
• Data is stored securely with encryption
• Governed by Cloudflare's Privacy Policy

3.8 Sentry (Debug Logging, Opt-in)

• Debug Logging (Opt-in, Default OFF): Sentry integration is disabled by default to protect your privacy. No data is sent to Sentry unless you explicitly activate it via the in-app developer debug menu (accessed by tapping 10 times in the top-left corner of the main screen). When enabled, warning and error-level messages from app components may be forwarded to Sentry's servers.
• Remote Debug Activation: For support and troubleshooting purposes, our development team may remotely activate debug logging for a specific user account (identified by their anonymous internal user UUID) via Firebase Remote Config. This is only done when investigating a reported issue.
• Operated by Functional Software Inc. (USA) — Sentry Privacy Policy
• Data transfers to Sentry are covered by Standard Contractual Clauses (SCCs) ensuring GDPR compliance

3.9 Firebase Crashlytics (Crash Reporting)

• Crash Reporting (Opt-out, Default ON): Firebase Crashlytics automatically collects anonymized crash reports to help us identify and fix stability issues. This is enabled by default to ensure app quality, but you can disable it at any time in your profile under “Hjælp og support” (Help & Support) or during the first-login setup.
• Data collected: device model, OS version, app version, and anonymized stack traces. No personally identifiable information is included in crash reports.
• Operated by Google LLC — Firebase Privacy Policy

3.10 Firebase Analytics (Usage Statistics)

• Usage Analytics (Opt-in, Default OFF): Firebase Analytics is disabled by default. You can enable it during the first-login setup or at any time in your profile under “Hjælp og support” (Help & Support). Data is only collected when you explicitly give consent.
• Data collected when enabled: anonymized app usage events, screen views, and feature interactions. No personally identifiable information is linked to analytics events.
• Operated by Google LLC — Google Privacy Policy

3.11 Firebase In-App Messaging

• In-App Messages (Default ON – necessary for service): We use Firebase In-App Messaging to display informational messages, system announcements, and release notes while the app is open. Examples include maintenance notices, new feature announcements, and upgrade information.
• What data is used: Firebase In-App Messaging uses your Firebase Installation ID (a device-scoped random identifier – not linked to your personal identity or email) to route messages to your device. No personally identifiable information is used for message delivery.
• Engagement tracking (tied to Analytics consent): Aggregated engagement data (impressions and button taps) may be sent back to Firebase only if you have enabled Firebase Analytics (see Section 3.10). If Analytics is disabled, no engagement data is collected.
• Targeting: If you have consented to Analytics, an anonymous user property (subscription_plan) may be used to show relevant messages (e.g. upgrade information to free-plan users). This property contains only the plan identifier (e.g. “free” or “starter_monthly”) and is not linked to your personal identity.
• Operated by Google LLC — Firebase Privacy Policy

3.12 Authentication & Security

• We use standard encryption and security protocols to protect your data during transmission and storage
• All data transmission uses TLS 1.3 (HTTPS)
• Passwords are hashed using bcrypt with salt

4. Data Storage and GDPR Compliance

4.1 Data Location

• All personal data is stored on Railway servers located in Europe (EU region)
• This ensures compliance with GDPR and European data protection laws
• Data is NOT transferred outside the European Economic Area (EEA) without appropriate safeguards

4.2 Data Security

Data Type	Protection Method
Passwords	Bcrypt hashing with salt (irreversible)
GPS Coordinates	AES-256-GCM encryption
Addresses	AES-256-GCM encryption
Data in Transit	TLS 1.3 (HTTPS)
API Access	JWT-based authentication

5. Communications and Notifications

5.1 Transactional Emails

We send essential emails for:

• Account verification
• Password resets
• Security alerts

These are mandatory for account security and cannot be disabled.

5.2 Push Notifications

We use Firebase Cloud Messaging (FCM) to deliver push notifications to your device. Push notifications include:

5.2.1 Service Messages (Mandatory)

• Security alerts and account notifications
• Household invitations and membership changes
• Important service updates and maintenance notices

These notifications are essential for the proper functioning of the app and cannot be disabled.

5.2.2 Task and Reminder Notifications (Optional)

• Task reminders based on time or location
• Shopping list updates
• Household activity notifications
• Recipe meal planning reminders

You can enable or disable these notifications at any time in the app's Profile settings or through your device's notification settings.

5.2.3 Marketing Communications (Opt-in)

• New feature announcements
• Tips and best practices
• Special offers and promotions

Marketing notifications require explicit consent and can be easily disabled at any time through the app settings. We will never send marketing communications without your permission.

5.3 In-App Messages (Firebase In-App Messaging)

In addition to push notifications, we use Firebase In-App Messaging to display informational cards and banners while the app is actively open. No notification permission is required – these messages appear directly within the app interface.

5.3.1 System & Service Messages (Mandatory)

• App maintenance and downtime announcements
• Critical service updates
• Account-related alerts

These are considered necessary for the proper functioning of the service. Message delivery relies on a device-scoped Firebase Installation ID (see Section 3.11 and Section 1.4).

5.3.2 Feature Announcements & Release Notes (Optional)

• New feature introductions
• Tips and how-to guides
• Release notes for significant updates

5.3.3 Subscription Upgrade Information (Opt-in for Analytics)

• Informational messages about available subscription plans
• These are only targeted to specific plan groups (e.g. free-plan users) if you have consented to Firebase Analytics (Section 3.10). Without Analytics consent, upgrade messages are either not shown or delivered without personalization.

You can dismiss any in-app message at any time. In-app messages do not use your personal data for targeting beyond the anonymous subscription_plan property described in Section 3.11.

5.4 Task Reminders (Email)

You can choose to receive:

• Daily summaries via email
• Local push notifications
• Task reminders

You can manage or disable these at any time in the app's "Profile" settings.

6. Your Rights (GDPR)

Under GDPR, you have the following rights:

6.1 Right to Access (Article 15)

• You can request a copy of all your personal data
• Available via the data export feature in the app
• Or by contacting us at [email protected]

6.2 Right to Erasure (Article 17)

• You have full control over your data
• Delete your account and all associated data instantly via the "Delete Account" button in the app's Profile screen
• Important: Before deleting your account, you must leave all households you're a member of. The app will guide you through this process.
• Deletion is permanent and irreversible
• For detailed instructions, see our Data Deletion Guide

6.3 Right to Data Portability (Article 20)

• Export your data in machine-readable JSON format
• Use the data export feature in the app settings

6.4 Right to Rectification (Article 16)

• Update your profile information at any time via the app

6.5 Right to Object

• Object to data processing by deleting your account
• Opt out of optional notifications in settings

7. Data Retention and Account Deletion

We keep your data for as long as your account is active.

7.1 Account Deletion

• You can delete your account instantly via the "Delete Account" button in the app's Profile screen or webapp Settings page
• The app will check if you're a member of any households and guide you through leaving them first
• This will permanently delete:
  • Your personal data
  • All your personal tasks, recipes, and shopping lists
  • Your social login connections (you may also want to revoke access separately - see our Data Deletion Guide)
  • Your FCM device tokens and notification preferences
• Alternatively, contact us at [email protected] to request deletion
• For step-by-step deletion instructions, see our Data Deletion Guide

7.2 Data Retention Periods

• Account Data: Kept until you delete your account
• Task Location Coordinates: Stored encrypted and automatically removed from completed tasks after a retention period
• Logs: Anonymized logs kept for 30 days for debugging purposes
• Backup Data: Deleted from backups within 30 days of account deletion

8. Children's Privacy

We do not knowingly collect personal information from children under 13 years of age. If we become aware that a child under 13 has provided us with personal data, we will delete it immediately.

If you are a parent or guardian and believe your child has provided us with personal information, please contact us at [email protected].

9. International Data Transfers

Your data is primarily stored in the European Union (EU) on Railway infrastructure. If data needs to be transferred outside the EU for service provision, we ensure:

• Adequate protection through Standard Contractual Clauses (SCCs)
• Compliance with GDPR Article 46
• Appropriate technical and organizational measures

10. Security Measures

We implement industry-standard security measures to protect your data:

• End-to-end encryption for sensitive data
• Field-level encryption for task location coordinates
• Audit logging for access to task location coordinates
• Regular security audits and updates
• Access controls and authentication
• Secure development practices
• Regular backups in secure locations

11. Cookies and Tracking

The web version of Vitatrellis uses only technically necessary cookies:

• Session cookies to maintain your login
• Preference cookies for language settings

We do NOT use tracking cookies or third-party analytics on the web app. The mobile app may use Firebase Analytics if you have explicitly enabled it in your profile settings (see Section 3.10).

12. Changes to This Policy

We may update this Privacy Policy from time to time to reflect:

• Changes in our practices
• Legal or regulatory requirements
• New features or services

We will notify you of any significant changes by:

• Posting the new policy in the app
• Sending you an email notification
• Displaying a notice on our website

Your continued use of the service after changes constitutes acceptance of the updated policy.

13. Geographic Restrictions

The App is not intended for use by residents of the United States or Canada. Use of the App from these jurisdictions is not authorized by Lunnet ApS and is entirely at the user's own risk.

We expressly disclaim any and all legal liability towards users who access or use the Service in circumvention of this geographic restriction. By using the Service, you represent and warrant that you are not located in, and are not a resident of, the United States or Canada.

14. Contact Us

If you have any questions, feedback, or need support, please reach out to us.

Support & Inquiries

For general questions or technical support:

• Email: [email protected]

Privacy & Data

For questions regarding your data or privacy:

• Email: [email protected]
• Data Protection Officer: [email protected]

In-App Feedback

You can also send us feedback directly through the Feedback screen in the Vitatrellis app or webapp.

Legal Information

Vitatrellis is developed and operated by:

15. Supervisory Authority

If you are located in the EU/EEA, you have the right to lodge a complaint with your local data protection authority if you believe we have not complied with applicable data protection laws.