Privacy Policy

1. Introduction

Refloat ("the App", "we", "us", or "our") is a link-saving and content-surfacing application for Android and iOS. We are committed to protecting your privacy. This Privacy Policy explains what information the App collects, how it is used, and what choices you have.

Summary: Most of Refloat's data stays entirely on your device. The App uses Firebase Analytics (by Google) to collect anonymous usage statistics that help us improve the product. No personally identifiable information is collected.

2. Information We Collect

2.1 Data stored on your device

The App stores the following data locally on your device only:

• Saved links and content — URLs, page titles, text, and images that you share into the App
• Reminder schedules — dates and times you set for reminders
• App preferences — your chosen notification time, capture mode, and other settings

All of this data is stored in a local database on your device. It is never transmitted to our servers or any third party.

2.2 Analytics data collected via Firebase Analytics

The App uses Firebase Analytics (provided by Google LLC) to collect anonymous usage data. This data is transmitted to Google's servers and helps us understand how users interact with the App so we can improve it.

What Firebase Analytics collects alongside events:

• App instance ID (a random identifier, not tied to your identity)
• Device model and OS version
• Approximate country (derived from IP address; IP address itself is not stored)
• App version

What we do NOT collect via analytics:

• Your name, email address, or any personal identifier
• The content of your saved links or reminder titles
• Precise location
• Advertising IDs (we have disabled ad ID collection)

2.3 Data we do NOT collect

We do not collect, access, or transmit:

• Personal identification information (name, email address, phone number) — except an email address you voluntarily provide in the feedback form, used solely to reply to you
• The content of your saved links, URLs, or reminder text
• Precise location data
• Contacts, calendar, or other device data
• Financial or payment information
• Browsing history outside of links you explicitly share into the App

2.4 Network requests made by the App

The App makes the following network requests:

• URL metadata extraction — When you save a link, the App fetches the webpage from your device to extract the page title for display purposes. This request goes directly from your device to the website of the saved link. We do not route this traffic through our servers and we do not log or store any information about these requests.
• Firebase Analytics — Anonymous usage events are sent to Google's Firebase servers as described in section 2.2.
• Feedback submission — when you submit the in-app feedback form, your message, optional email, OS name, and app version are sent over HTTPS to our servers (see section 2.5).

No other network requests are made by the App.

2.5 Feedback

If you choose to submit feedback via the in-app feedback form (accessible from the home screen), your message is transmitted over HTTPS to our backend servers and stored in a private database. The submission also includes your operating system name and app version for context.

Email address — providing your email is entirely optional. If you include it, we use it solely to reply to your feedback. We will never use it for marketing, share it with third parties, or contact you for any other purpose.

This data is never shared with third parties and is used solely to respond to and act on your feedback.

Submitting feedback is entirely voluntary and requires your explicit action.

3. How We Use Information

The App uses data for the following purposes:

• App functionality — locally stored data is used to display your saved links and reminders, send local notifications, and extract page titles from URLs
• Product improvement — anonymous analytics events are used to understand which features are used, measure retention, and prioritize improvements
• Error diagnosis — aggregate usage patterns help identify unexpected drop-offs or broken flows

We do not use analytics data to identify individual users, serve advertising, or share data with third parties for marketing purposes.

4. Data Sharing and Disclosure

We do not sell, rent, or share your data with third parties for commercial purposes.

Anonymous analytics data is transmitted to Google LLC via Firebase Analytics as part of the analytics service described in section 2.2. This data is governed by Google's Privacy Policy and Google's Firebase data processing terms.

Your locally stored content (saved links, reminder text, preferences) never leaves your device.

5. Data Retention and Deletion

All App data is stored locally on your device. You have full control over your data:

• Delete individual items — You can delete any saved link or reminder within the App at any time.
• Delete all data — Uninstalling the App removes all associated data from your device.
• Clear app data — You can clear the App's data through your device's system settings at any time.

We do not retain any copy of your data on external servers.

6. Data Security

Your locally stored data is protected by your device's built-in security mechanisms (device encryption, screen lock, app sandboxing).

Analytics data transmitted to Firebase is protected by Google's security infrastructure and transmitted over encrypted HTTPS connections. Google is certified under ISO 27001 and SOC 2/3.

7. Children's Privacy

The App does not knowingly collect personal information from children under the age of 13. Firebase Analytics does not collect personally identifiable information. If you are a parent or guardian and believe your child has used this App, please contact us — we will ensure any associated analytics data is deleted from Firebase.

8. Third-Party Services

The App does not contain advertisements. We do not use advertising networks or data brokers.

9. Permissions

The App does not request access to your camera, microphone, contacts, location, calendar, or storage beyond its own app-specific directory.

10. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. If we make material changes, we will update the "Last updated" date at the top of this document. We encourage you to review this Privacy Policy periodically.

If a future version of the App introduces cloud features or data collection, we will update this policy accordingly and, where required, request your consent before collecting any new data.

11. Your Rights

Locally stored data — you have full control. Delete individual items within the App, or uninstall the App to remove all data from your device.

Re-engagement notifications — if your inbox is empty, the App may send occasional "Refloat is ready when you are" notifications to remind you to save content. You can permanently opt out by tapping the "Stop reminding me" action button directly on any such notification. No app interaction required.

Analytics data — Firebase Analytics associates events with an anonymous app instance ID (not your identity). You can reset or opt out at any time:

• Android: Settings → Google → Ads → Reset advertising ID, or Settings → Google → Usage & Diagnostics → turn off
• iOS: Settings → Privacy & Security → Analytics & Improvements → turn off "Share iPhone Analytics"

You may also contact us at feedback@refloat.app to request deletion of analytics data associated with your app instance.

If you are located in the European Economic Area (EEA), you have rights under GDPR including access, correction, deletion, and portability of your data. Since we process only anonymous analytics data, these rights primarily apply to Firebase's data processing — see Google's GDPR commitments for details.

12. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or the App's privacy practices, please contact us at:

Email: feedback@refloat.app

This privacy policy applies to the Refloat mobile application available on Google Play and the Apple App Store.