Privacy Policy for Bytmark

Introduction

Bytmark ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our mobile application (the "App").

Please read this privacy policy carefully. If you do not agree with the terms of this privacy policy, please do not access the App.

Information We Collect

Information You Provide to Us

Account Information:

• Email address
• Username
• Password (encrypted)
• Profile picture (optional)

Content You Create:

• Bookmarks (URLs, titles, descriptions, notes)
• Collections (names, descriptions, notes, icons)
• Custom organization preferences

Information Collected Automatically

Device Information:

• Device type and model
• Operating system version
• Unique device identifiers
• Advertising ID (IDFA on iOS, AAID on Android)

Usage Data:

• App features used
• Time spent in the App
• Bookmarks created, edited, or deleted
• Collections created and managed
• Crash reports and error logs

Authentication Data:

• Login method used (email, Google, Apple)
• Authentication tokens
• Session information

How We Use Your Information

We use the information we collect to:

• Provide Core Services: Create and manage your account, sync bookmarks across devices, and enable core App functionality
• Analytics: Understand how users interact with the App to improve features and user experience
• Subscription Management: Process and manage Pro subscriptions through RevenueCat
• Security: Detect and prevent fraud, abuse, and security incidents
• Technical Support: Troubleshoot issues, respond to support requests, and fix bugs
• Communication: Send important updates about your account, subscriptions, or App changes, and marketing emails about new features and product updates (you can unsubscribe at any time)
• Crash Reporting: Identify and fix technical issues to improve App stability

Third-Party Services

We use the following third-party services that may collect information:

Supabase (Backend & Authentication)

• Purpose: User authentication, database storage, cloud sync
• Data Collected: Email, username, profile data, bookmarks, collections
• Privacy Policy: https://supabase.com/privacy

Firebase (Google)

• Purpose: Analytics and crash reporting
• Data Collected: Device information, usage data, advertising IDs, crash logs
• Privacy Policy: https://firebase.google.com/support/privacy

RevenueCat

• Purpose: Subscription and payment management
• Data Collected: Purchase history, subscription status, advertising IDs
• Note: Pricing may vary by country due to local currency, taxes, and App Store policies. All payments are processed through Apple App Store or Google Play Store.
• Privacy Policy: https://www.revenuecat.com/privacy

Google Sign-In

• Purpose: Third-party authentication
• Data Collected: Email, profile information from your Google account
• Privacy Policy: https://policies.google.com/privacy

Apple Sign-In

• Purpose: Third-party authentication
• Data Collected: Email (optional), name, Apple ID token
• Privacy Policy: https://www.apple.com/legal/privacy/

Resend

• Purpose: Sending transactional and marketing emails
• Data Collected: Email address, name (for personalization)
• Privacy Policy: https://resend.com/legal/privacy-policy

Advertising ID Usage

• Analytics and understanding user behavior
• Attribution for subscription conversions
• Fraud prevention and security
• Cross-device analytics

We do not:

• Show advertisements in the App
• Share your advertising ID with advertising networks
• Use your data for targeted advertising
• Sell your data to third parties

Data Storage and Security

Where We Store Data:

• Your data is stored securely in the cloud using Supabase's infrastructure
• Profile images and collection covers are stored in secure cloud storage
• Backups are stored in encrypted cloud storage

Security Measures:

• All data transmitted between your device and our servers is encrypted using HTTPS/TLS
• Passwords are hashed and encrypted
• We use industry-standard security practices to protect your data
• Regular security audits and updates

Data Retention

• Active Accounts: We retain your data for as long as your account is active
• Inactive Accounts: Data may be retained for a reasonable period after account inactivity
• Account Deletion (30-Day Policy): When you request account deletion, your account is scheduled for permanent deletion 30 days from your request. During this 30-day period, you may continue using the App and can cancel (undo) the deletion at any time. If you do not cancel, we permanently delete all your personal data, bookmarks, and collections after the 30-day period. We will send you an email confirming the scheduled deletion date.
• Backups: Backup files you create are retained until you delete them or your account is deleted
• Legal Requirements: Some data may be retained longer if required by law

Your Rights and Choices

You have the right to:

Access Your Data

• View all your bookmarks, collections, and account information within the App
• Download backups of your data in HTML format

Update Your Data

• Edit your profile, username, email, and password
• Modify or delete bookmarks and collections at any time

Delete Your Data

• Delete individual bookmarks or collections
• Request deletion of your entire account through Profile → Login Methods → Delete Account. Your account will be scheduled for permanent deletion in 30 days. You may cancel the scheduled deletion at any time during that period.

Export Your Data

• Download complete backups of your bookmarks and collections in HTML format
• Export data at any time through Profile → Backup Bookmarks

Manage Authentication

• Add or remove login methods (email, Google, Apple)
• Change your primary sign-in method

Opt-Out of Analytics

While we don't currently offer in-app analytics opt-out, you can:

• iOS: Settings → Privacy → Tracking → Disable "Allow Apps to Request to Track"
• Android: Settings → Google → Ads → Opt out of Ads Personalization

Children's Privacy

Bytmark is available to users who meet the minimum age requirements set by the Apple App Store or Google Play Store in their jurisdiction. We comply with applicable children's privacy laws, including COPPA (Children's Online Privacy Protection Act) in the United States.

Parents and guardians should be aware that while we do not knowingly collect personal information from children without proper consent, minors may create accounts. If you believe we have collected information from a child without proper consent, please contact us immediately, and we will delete the information.

Data Sharing and Disclosure

We do not sell, trade, or rent your personal information to third parties.

We may share your information only in the following circumstances:

• With Your Consent: When you choose to share collections publicly (Pro feature only)
• Service Providers: With third-party services (Supabase, Firebase, RevenueCat, Resend) necessary to operate the App
• Legal Requirements: If required by law, court order, or government request
• Business Transfers: In the event of a merger, acquisition, or sale of assets (users will be notified)
• Safety and Security: To protect the rights, property, or safety of Bytmark, our users, or others

Public Collections (Pro Feature)

Pro users can make collections public and share them via link. When you make a collection public:

• Anyone with the link can view the collection name, description, and bookmarks
• Your username and profile information are NOT shared
• You can make collections private again at any time
• You control what collections are public

International Data Transfers

Your information may be transferred to and stored on servers located outside your country of residence. By using the App, you consent to the transfer of your information to countries that may have different data protection laws than your country.

Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any changes by:

• Updating the "Last Updated" date
• Posting the new Privacy Policy in the App
• Sending an email notification for significant changes (if applicable)

Your continued use of the App after changes constitutes acceptance of the updated Privacy Policy.

California Privacy Rights (CCPA)

If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA):

• Right to Know: What personal information we collect and how we use it
• Right to Delete: Request deletion of your personal information
• Right to Opt-Out: We do not sell personal information, so opt-out doesn't apply
• Right to Non-Discrimination: We will not discriminate against you for exercising your privacy rights

To exercise these rights, contact us using the information below.

European Privacy Rights (GDPR)

If you are in the European Economic Area (EEA), you have additional rights under GDPR:

• Right to Access: Request a copy of your personal data
• Right to Rectification: Correct inaccurate personal data
• Right to Erasure: Request deletion of your personal data
• Right to Data Portability: Receive your data in a portable format
• Right to Object: Object to processing of your personal data
• Right to Withdraw Consent: Withdraw consent at any time

Legal Basis for Processing:

• Contract: To provide the App services
• Legitimate Interest: Analytics, security, and fraud prevention
• Consent: For optional features like public collections

Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or your data, please contact us:

Email: support@bytmark.com

App: Profile → Feedback

Response Time: We aim to respond within 7 business days