Privacy Policy

1. Introduction

We believe in transparency about how we handle your data because that's what we expect from the services we use. We appreciate your trust in Fossil Vault and are committed to handling your data thoughtfully and responsibly. By using our services, you accept this privacy policy.

Important: We do not require any personally identifiable information (PII) to use Fossil Vault. If you choose to provide PII to enable certain features, we store it securely and never sell it to third parties.

2. Information We Collect

Personal Information

• Email address (for account creation and TestFlight invitations)
• Account credentials (username and encrypted password)
• Profile information you voluntarily provide

Fossil Collection Data

• Specimen information (species, geological period, dimensions, etc.)
• Photos and images of your fossil specimens
• GPS coordinates and location data (only when explicitly provided by you)
• Custom tags, notes, and organizational data
• Collection statistics and analytics

Technical Information

We do not collect or store:

• Device information (iOS version, device model, or hardware details)
• App usage analytics or tracking data
• Network information (IP addresses, connection types, or browsing behavior)
• Location data (unless explicitly provided by you for fossil discovery locations)
• Any form of behavioral tracking or analytics

Fossil Vault is designed to work without invasive data collection. We believe your fossil collection data should remain private and under your control.

3. How We Use Your Information

• Service Provision: To provide and maintain the Fossil Vault app functionality
• Data Synchronization: To sync your collection across your devices
• Account Management: To create and manage your user account
• Communication: To send TestFlight invitations and important service updates
• Improvement: To analyze usage patterns and improve our services
• Support: To provide customer support and respond to inquiries
• Security: To detect and prevent fraud, abuse, and security issues

4. Information Sharing and Disclosure

We do not sell, trade, or otherwise transfer your personal information to third parties except in the following circumstances:

• Service Providers: Trusted third parties who assist in operating our service (e.g., Firebase, cloud storage)
• Legal Requirements: When required by law or to protect our rights and safety
• Business Transfers: In the event of a merger, acquisition, or sale of assets
• Consent: When you explicitly consent to sharing specific information

5. Data Storage and Security

We implement industry-standard security measures to protect your information:

• Data encryption in transit and at rest
• Secure authentication mechanisms
• Regular security audits and updates
• Limited access to personal data by authorized personnel only
• Data backup and recovery procedures

Your data is stored on secure servers provided by Google Firebase, which complies with international security standards and regulations.

6. Your Rights and Choices

• Access: Request access to your personal information
• Correction: Request correction of inaccurate data
• Deletion: Request deletion of your account and data
• Portability: Request export of your data in a portable format
• Restriction: Request limitation of data processing
• Objection: Object to certain types of data processing

To exercise these rights, contact us at privacy@fossilvault.app.

7. Local vs. Cloud Storage

Fossil Vault offers both local and cloud storage options:

• Local Mode: Data stored only on your device, no cloud synchronization
• Cloud Mode: Data synchronized across devices via Firebase
• You can switch between modes or migrate data as needed
• Local data is not accessible to us and remains under your complete control

8. Children's Privacy

Our service is not intended for children under 13 years of age. We do not knowingly collect personal information from children under 13. If you are a parent or guardian and believe your child has provided us with personal information, please contact us.

9. International Data Transfers

Your information may be transferred to and processed in countries other than your own. We ensure appropriate safeguards are in place to protect your data in accordance with applicable data protection laws.

10. Data Retention

We retain your information for as long as necessary to provide our services and fulfill legal obligations. You can request deletion of your account and data at any time.

11. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any changes by posting the new policy on this page and updating the effective date. We encourage you to review this policy periodically.

12. Contact Information

If you have questions about this Privacy Policy or our privacy practices, please contact us: