mappaq

Privacy Policy

Mappaq Data Protection and Privacy Policy

Mappaq (referred to as “us,” “the company,” “we,” or “our”) is a coffee rating app. This Privacy Policy describes how we collect and process data when you use our services.

By installing our mobile application or in any way using or accessing our services, you confirm that you agree to the use of your data in line with this policy. If you are under the age of 18, do not submit any personal data through our services. We encourage parents and legal guardians to monitor children’s internet use and help us enforce this policy. If you become aware of data submission by someone under 18, please contact us. Your privacy is important to us. We will process your data following this policy and relevant data protection regulations, including the GDPR 2016/679 and applicable Danish data protection laws.

Data Controller

The organization responsible for processing your data is:
mappaq Denmark
Email: contactinfo@mappaq.com

Data Collection

We collect the following data essential for app functionality:

  • Anonymized User Identifiers: We assign a random, unique identifier to each user. These identifiers are generated using Firebase Authentication’s anonymous sign-in method, which does not collect or store personally identifiable information like names or email addresses.
  • Coffee Bag Information: We store information about coffee bags, including: Name, Numerical Rating.
  • User Ratings and Comments: We store user ratings and comments on coffee bags, linked to the anonymized user identifiers generated by Firebase. Ratings include: Numerical Rating.
  • User Data: We store whether a user has accepted the Terms and Conditions, if they are an admin, and the number of ratings made. These are linked to the anonymized user IDs.

Important Note on Anonymization

We use Firebase Authentication’s anonymous sign-in feature to create unique, random identifiers for each user. This process is designed to prevent the identification of individual users. We cannot link these Firebase-generated IDs back to a specific individual, as we do not collect or store any personal information like names, email addresses, or other identifying details during the sign-up or usage of the app.

We do not collect personal data or use cookies on our website (mappaq.com). If this changes, we will notify users and update this Privacy Policy accordingly. Currently, our website serves only as an informational page about the app.

Purpose of Data Processing

Data collected is used to:

  • Enable core app functionality (browsing coffee bags, submitting ratings).
  • Personalize the user experience by showing coffees and providing an experience tailored to their preferences.
  • Improve app performance, identify and fix bugs, and develop new features based on usage patterns.
  • Perform aggregate analysis of coffee ratings and trends to understand user preferences and improve our service. This analysis is done using anonymized data.
  • Comply with legal requirements, such as responding to lawful requests from authorities.

Our legal basis for processing this data under the GDPR is:

  • Article 6(1)(b): Processing is necessary for the performance of a contract to which the user is a party (providing the app’s services as outlined in our Terms of Service).
  • Article 6(1)(f): Processing is necessary for the purposes of our legitimate interests, such as improving the app, providing a functional and user-friendly service, and understanding user preferences to offer better coffee recommendations. We have carefully considered your rights and freedoms when relying on legitimate interests.

User Rights and Data Deletion

Under GDPR, you have the right to access, rectify, or erase your personal data, request processing restrictions, object to data processing, and exercise the right to data portability. However, due to the anonymous nature of user identifiers, we are unable to fulfill individual requests for data access, rectification, erasure, restriction, or portability based on personal information. We cannot identify specific users or their ratings within our system using names or other personal identifiers.

If you want your anonymized ID and associated ratings to be removed, please contact us at contactinfo@mappaq.com with your request, including your anonymized ID, and we will assist you within the constraints of our data structure. Note that this will only remove the connection between your ratings and your anonymized ID. The ratings themselves, without any user association, may be retained for analytical purposes.

Security

We take reasonable security measures to protect your data from unauthorized access, modification, disclosure, or destruction. These measures include using Firebase’s built-in security features, such as data encryption in transit and at rest. We also follow secure development practices and limit access to data to authorized personnel only. However, no data transmission or storage method is 100% secure. While we strive to protect your data, we cannot guarantee its absolute security.

Data Retention

We retain data for as long as necessary for the purposes outlined in this policy. Specifically:

  • Anonymized User Identifiers: We retain inactive anonymized user identifiers and their associated ratings for a period of 24 months. After this period, the connection between the ratings and the anonymized ID will be removed.
  • Aggregated Data: Anonymized ratings data, without any user association, will be retained indefinitely in an aggregated format for analytical purposes, such as understanding coffee trends and improving our app. This aggregated data does not contain any information that could be used to identify individual users.

We may need to extend retention periods to comply with legal obligations (e.g., tax or accounting requirements) or to resolve disputes.

Data Transfers

We use Google Firebase as a data processor to provide services such as user authentication, data storage, and analytics. This involves transferring data to servers operated by Google, which may be located outside of Denmark and the European Economic Area (EEA), including in the United States.

When data is transferred outside the EEA, we ensure it is protected to the same standards as if it remained within the EEA. We rely on the following legal mechanism for international data transfers:

  • Standard Contractual Clauses (SCCs): We have implemented Standard Contractual Clauses with Google Firebase, which are approved by the European Commission, to ensure adequate data protection when data is transferred to countries outside the EEA, including the United States.

You can find more information about Google Firebase’s data processing practices and security measures in their privacy policy: https://firebase.google.com/support/privacy.

Currently, Mappaq is only available in Denmark, and our primary user base is located within Denmark.

Changes to the Privacy Policy

We reserve the right to update this Privacy Policy. Users will be informed of significant changes, and the latest policy will be available in the app and on our website.

Contact Us

For questions or concerns, contact us at contactinfo@mappaq.com

Terms and Conditions

By using Mappaq, you agree to the following terms:

  • Mappaq is a coffee rating platform. Data submitted may be used for aggregate app analytics and improvement.
  • Users must not misuse the app or submit false information. Abuse may lead to restriction of use.
  • Users agree not to use the app for illegal purposes.
  • We reserve the right to update app features, modify or discontinue services, and restrict access without notice.

Intellectual Property

Mappaq owns all intellectual property rights in the app and its content, excluding user-generated content. Users retain ownership of their own user-generated content but grant Mappaq a non-exclusive, worldwide, royalty-free license to use, reproduce, modify, adapt, publish, translate, distribute, and display such content within the app and for promotional purposes related to the app.

User-Generated Content

Users are solely responsible for the content they submit. Content must not be illegal, offensive, harmful, or infringe upon the rights of others. Mappaq reserves the right to remove any content that violates these terms.

Disclaimer

We strive for accuracy but cannot guarantee error-free information. Users rely on app data at their own risk. We are not liable for damages from app usage, except as required by law.

Limitation of Liability

To the fullest extent permitted by law, Mappaq shall not be liable for any indirect, incidental, special, consequential, or punitive damages, including but not limited to loss of profits, data, or use, arising out of or in connection with the use of the app. Mappaq’s total liability for any claim arising out of or relating to these terms or the use of the app shall be limited to the amount, if any, paid by the user to Mappaq for the use of the app.

Indemnification

Users agree to indemnify and hold harmless Mappaq and its officers, directors, employees, and agents from and against any and all claims, liabilities, damages, losses, or expenses, including reasonable attorneys’ fees and costs, arising out of or in any way connected with the user’s access to or use of the app, violation of these terms, or infringement of any intellectual property or other rights of any third party.

Governing Law and Jurisdiction

These Terms shall be governed by and construed in accordance with the laws of Denmark. Any dispute arising out of or relating to these terms or the use of the app shall be subject to the exclusive jurisdiction of the courts of Denmark.

Severability

If any provision of these terms is held to be invalid or unenforceable, such provision shall be struck and the remaining provisions shall be enforced.

Entire Agreement

These Terms, together with the Mappaq Privacy Policy, constitute the entire agreement between the user and Mappaq regarding the use of the app and supersede all prior or contemporaneous communications and proposals, whether electronic, oral, or written.

By accepting these terms, you agree to the Mappaq Privacy Policy and Terms of Service.