Privacy Policy
Welcome to GetTRIX ("we," "our," or "us"). We are committed to protecting your personal information and your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our mobile application.
Please read this Privacy Policy carefully. If you do not agree with the terms of this Privacy Policy, please do not access or use the application.
1. Information We Collect
1.1 Information You Provide
- Account Information: Email address, name, and encrypted password when you create an account.
- Family Information: Names, relationships, and roles (parent/guardian) of family members you add.
- Child Information: Name, profile photo (if provided), token balance, reward preferences, and transaction history for each child.
- Photos and Images: Profile photos you upload, stored securely on our servers.
1.2 Information Automatically Collected
- Usage Data: Features accessed, tokens awarded, rewards redeemed, and other usage patterns.
- Device Information: Unique device identifier, mobile operating system, and version.
- Log Information: Access times, pages viewed, and errors encountered.
1.3 Location Information
The application does not collect or track your precise location information.
2. How We Use Your Information
- To provide the application: Process account registration, authenticate access, and deliver core functionality.
- To manage family accounts: Synchronize data between family members and manage reward redemptions.
- To communicate with you: Send updates, security alerts, and support messages.
- To improve our services: Analyze usage patterns and develop new features.
- To ensure security: Detect and address technical issues and fraudulent activity.
3. Data Storage and Security
3.1 Storage
- Cloud Storage: We use Supabase to securely store your data with encrypted connections.
- Device Storage: Authentication tokens, session information, and cached data are stored locally using secure storage mechanisms (SecureStore on iOS, EncryptedSharedPreferences on Android).
3.2 Security Measures
- Data encrypted in transit using TLS/HTTPS and at rest using industry-standard methods.
- Hardware-backed secure storage for authentication tokens on device.
- Access controls limiting personal information to authorized personnel.
3.3 Data Retention
We retain your information for as long as your account is active. When you delete your account, we delete your personal information within 30 days, except where required by law.
4. Information Sharing and Disclosure
4.1 Family Member Access
By design, the application shares information within your family group. Parents and guardians can view and manage all family data. Children can view their own token balance and available rewards.
4.2 Third-Party Service Providers
- Supabase: Backend infrastructure, database, and authentication.
- RevenueCat: Subscription management and purchase validation.
- Resend: Transactional email delivery (invitation emails only).
These providers access your information only to perform specific tasks on our behalf and are obligated not to use it for any other purpose.
4.3 Legal Requirements
We may disclose your information if required by law or in response to valid requests by public authorities.
4.4 No Sale of Personal Information
We do not sell, rent, or trade your personal information to third parties for marketing or advertising purposes.
5. Children's Privacy
The application is designed for family use and may be used by children under 13 with parental supervision. We require parents or guardians to create and manage accounts for children under 13. Children have limited access to features appropriate for their age. We collect only information necessary to provide the application's functionality.
Parents have full control over their child's information and can review, update, or delete it at any time through the application settings or by contacting us.
6. Your Rights and Choices
- Access and Portability: Request a copy of your personal information.
- Correction and Deletion: Update inaccurate information or delete your account.
- Objection: Opt out of certain data processing activities.
- Restriction: Limit how we use your information in certain circumstances.
To exercise these rights, contact us at [email protected].
7. Account Deletion
You may delete your account at any time: navigate to Settings → Family Settings → Delete Account and follow the confirmation prompts. All family data, token history, and reward records will be permanently deleted within 30 days. This action cannot be undone.
Alternatively, contact [email protected] to request account deletion.
8. International Data Transfers
Your information may be transferred to and processed in countries other than your own. We ensure appropriate safeguards are in place to protect your information in accordance with this Privacy Policy.
9. California Residents (CCPA)
California residents have the right to know what personal information we collect, request its deletion, opt-out of the sale of their information (we do not sell information), and non-discrimination for exercising these rights. Contact [email protected] to exercise these rights.
10. EU Residents (GDPR)
EU residents have additional rights including lawful basis review, data portability, erasure, and the right to lodge a complaint with a supervisory authority. Our lawful basis for processing is consent and contract performance.
11. Changes to This Policy
We may update this Privacy Policy from time to time. We will notify you by posting the new policy in the application and sending an in-app or email notification. Continued use of the application after changes indicates acceptance of the updated policy.
12. Contact
Questions, concerns, or complaints:
- Email: [email protected]
- Support: [email protected]
We will respond within 30 days.
© GetTRIX. All rights reserved.