Privacy Policy

Introduction

Dowser ("we", "our", or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use the Dowser walking discovery app and related services.

Information We Collect

Account Information

When you sign in using Google via Firebase Authentication, we receive:

• Your name and email address
• Profile photo (if provided by your Google account)
• A unique account identifier

Location Data

Dowser uses your device's GPS to generate walking routes and guide you to destinations. We collect:

• Your current location when you start a walk
• Location updates during an active walking session
• Arrival confirmation at destinations

Location data is only collected while you are actively using the app to navigate a route. We do not track your location in the background or when the app is closed.

Usage and Preference Data

To improve the service, we collect:

• Theme selections (e.g., cafes, nightlife, scenic)
• Exploration history (which neighborhoods you have visited)
• Destination ratings (thumbs up / thumbs down)
• Session metadata (start time, duration, distance walked)

Device and Analytics Data

We automatically collect:

• Device type and operating system version
• App version and crash reports
• General usage patterns to diagnose issues

How We Use Your Information

• Route generation: Your location and selected theme are used to calculate a scored walking route to a destination near you.
• Personalization: Your ratings and exploration history help us recommend destinations you are more likely to enjoy and avoid places you have already been.
• Analytics: Aggregated, anonymized usage data helps us understand how the app is used and where to improve it.
• Service operation: Account information is used for authentication, session management, and communicating service-related updates.

Data Sharing

We do not sell your personal data. We share information only with the following service providers, solely to operate and improve Dowser:

• Firebase (Google): Authentication and account management
• Mapbox: Walking route calculation (receives anonymized origin/destination coordinates)
• Amazon Web Services (AWS): Cloud hosting, data storage, and serverless compute
• Google Places: Venue data used in the scoring pipeline (no personal data is sent)

Each provider operates under its own privacy policy. We do not share your data with advertisers or data brokers.

Location Data in Detail

Location is central to how Dowser works, so we want to be especially clear about how it is handled:

• Location is collected only during active walking sessions, never in the background
• We do not build a persistent location history or movement profile
• Exploration history records which city zones you have visited, not precise GPS tracks
• Route requests send your approximate starting location to our servers to find nearby destinations
• You can revoke location permissions at any time through your device settings, though this will prevent route generation

Your Rights

You have the right to:

• Access: Request a copy of the personal data we hold about you
• Delete: Request deletion of your account and all associated data
• Export: Download your exploration history and preference data
• Opt out: Disable optional analytics collection (this may limit personalization)
• Correct: Update inaccurate information in your profile

To exercise any of these rights, contact us at buildaffect@gmail.com.

Data Retention

• Active accounts: Data is retained while your account remains active
• Deleted accounts: Personal data is deleted within 30 days of account deletion
• Session logs: Retained for 90 days for debugging and abuse prevention, then automatically purged
• Anonymized analytics: May be retained indefinitely in aggregate form

Children's Privacy

Dowser is not intended for children under 13 years of age. We do not knowingly collect personal information from children under 13. If you believe we have collected such data, please contact us immediately and we will delete it.

Security

We protect your data using:

• HTTPS/TLS encryption for all data in transit
• Firebase JWT token verification for authentication
• AWS IAM role-based access controls
• Regular security reviews and updates

No system is perfectly secure, but we take reasonable measures to protect your information.

International Data Transfers

Your data may be processed in the United States (AWS us-east-1 region). By using Dowser, you consent to this transfer. We ensure appropriate safeguards are in place to protect your data.

Changes to This Policy

We may update this Privacy Policy from time to time. Changes will be posted on this page with an updated date. Continued use of Dowser after changes constitutes acceptance of the updated policy.

Contact Us

If you have questions about this Privacy Policy or how we handle your data, please contact us at:

Email: buildaffect@gmail.com