Privacy Policy

1. Introduction

Chirpme ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our push notification service, including our website, mobile applications, and API services (collectively, the "Service").

By using our Service, you agree to the collection and use of information in accordance with this policy. If you do not agree with the terms of this Privacy Policy, please do not access or use the Service.

2. Information We Collect

2.1 Information You Provide

• Account Information: Email address, name, company name, and password when you create an account
• Profile Information: Company logo, website URL, and business description
• Payment Information: Credit card details and billing address (processed securely by our payment processor)
• Channel Content: Notification content, channel names, descriptions, and icons you create
• Communications: Information you provide when contacting our support team

2.2 Information Collected Automatically

• Device Information: Device identifiers, operating system, and app version for mobile subscribers
• FCM Tokens: Firebase Cloud Messaging tokens for push notification delivery
• Usage Data: Notification delivery statistics, click-through rates, and engagement metrics
• Log Data: IP addresses, browser type, access times, and pages viewed
• Cookies: Session cookies for authentication and analytics cookies for service improvement

2.3 Information from Mobile Subscribers

When users subscribe to channels through our mobile app, we collect:

• Device identifier (for subscription management)
• Push notification token (for message delivery)
• Platform type (iOS or Android)
• Optional: email address and name (if provided by the subscriber)

3. How We Use Your Information

We use the information we collect to:

• Provide, maintain, and improve our Service
• Deliver push notifications on behalf of channel owners
• Process transactions and send billing-related communications
• Send administrative messages, updates, and security alerts
• Respond to customer support requests
• Monitor and analyze usage patterns to improve user experience
• Detect, prevent, and address fraud, abuse, and technical issues
• Enforce our Terms of Service and Acceptable Use Policy
• Comply with legal obligations

4. How We Share Your Information

We may share your information in the following circumstances:

4.1 Service Providers

We share information with third-party vendors who perform services on our behalf, including:

• Firebase/Google Cloud: Infrastructure, authentication, and push notification delivery
• Payment Processors: Secure payment processing (we do not store full credit card numbers)
• Analytics Providers: Usage analysis and service improvement

4.2 Channel Owners and Subscribers

Channel owners can see aggregate subscriber counts and notification delivery statistics. If subscribers provide their email or name when subscribing, this information is visible to the channel owner. We recommend subscribers only provide information they are comfortable sharing.

4.3 Legal Requirements

We may disclose information if required by law, legal process, or government request, or when we believe disclosure is necessary to protect our rights, protect your safety or the safety of others, investigate fraud, or respond to a government request.

4.4 Business Transfers

In the event of a merger, acquisition, or sale of all or a portion of our assets, your information may be transferred as part of that transaction. We will notify you via email and/or prominent notice on our website of any change in ownership.

5. Data Retention

We retain your information for as long as your account is active or as needed to provide you services. We will retain and use your information as necessary to:

• Comply with legal obligations
• Resolve disputes
• Enforce our agreements
• Maintain business records for legitimate business purposes

Upon account deletion, we will delete or anonymize your personal information within 30 days, except where retention is required by law or for legitimate business purposes.

6. Data Security

We implement appropriate technical and organizational measures to protect your personal information, including:

• Encryption of data in transit (TLS/HTTPS) and at rest
• Secure authentication mechanisms
• Regular security assessments and monitoring
• Access controls limiting who can view personal data
• Password hashing using industry-standard algorithms

While we strive to protect your personal information, no method of transmission over the Internet or electronic storage is 100% secure. We cannot guarantee absolute security.

7. International Data Transfers

Our Service is hosted in the United States. If you access our Service from outside the United States, please be aware that your information may be transferred to, stored, and processed in the United States where our servers are located.

By using our Service, you consent to the transfer of information to the United States and other countries that may have different data protection laws than your country of residence.

8. Your Privacy Rights

8.1 General Rights

All users have the right to:

• Access: Request a copy of your personal data
• Correction: Request correction of inaccurate data
• Deletion: Request deletion of your account and associated data
• Portability: Request your data in a portable format
• Opt-out: Unsubscribe from marketing communications

8.2 European Economic Area (EEA) Residents - GDPR

If you are located in the EEA, you have additional rights under the General Data Protection Regulation (GDPR):

• Right to Object: Object to processing based on legitimate interests
• Right to Restrict Processing: Request restriction of processing in certain circumstances
• Right to Withdraw Consent: Withdraw consent at any time where processing is based on consent
• Right to Lodge a Complaint: File a complaint with your local data protection authority

Our legal bases for processing include: contract performance, legitimate interests, compliance with legal obligations, and consent where applicable.

8.3 California Residents - CCPA

California residents have additional rights under the California Consumer Privacy Act (CCPA):

• Right to Know: Request information about categories and specific pieces of personal information collected
• Right to Delete: Request deletion of personal information
• Right to Non-Discrimination: Not receive discriminatory treatment for exercising privacy rights
• Right to Opt-Out: Opt-out of the sale of personal information (we do not sell personal information)

To exercise your CCPA rights, contact us at support@chirpme.app.

8.4 Other Jurisdictions

We comply with applicable privacy laws in other jurisdictions, including but not limited to:

• Canada: Personal Information Protection and Electronic Documents Act (PIPEDA)
• Australia: Privacy Act 1988 and Australian Privacy Principles
• UK: UK GDPR and Data Protection Act 2018

9. Children's Privacy

Our Service is not intended for children under the age of 13 (or 16 in the EEA). We do not knowingly collect personal information from children. If you are a parent or guardian and believe your child has provided us with personal information, please contact us and we will delete such information.

10. Third-Party Links and Services

Notifications sent through our Service may contain links to third-party websites or services. We are not responsible for the privacy practices of these third parties. We encourage you to review the privacy policies of any third-party services you access through our notifications.

11. Cookies and Tracking Technologies

We use cookies and similar tracking technologies to:

• Essential Cookies: Maintain your session and authentication state
• Analytics Cookies: Understand how users interact with our Service
• Preference Cookies: Remember your settings and preferences

You can control cookie settings through your browser. Disabling certain cookies may affect the functionality of our Service.

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the new Privacy Policy on this page and updating the "Last updated" date. For significant changes, we will provide additional notice via email or through our Service.

Your continued use of the Service after any changes indicates your acceptance of the updated Privacy Policy.