Privacy Policy

Cat App · Effective 10 June 2026

Cat App is a free community app for coordinating street-cat feeding. It is built to collect as little personal data as possible: no free-text content, no account required — including logging feedings as a guest. The app is funded by a single small advertisement shown after you log a feeding; ads, anonymous usage statistics and crash reports all run only after you make your consent choices, and you can change them at any time in Settings → Privacy & consent.

Who is responsible

The data controller is Michal Giza. Contact: msquaregiza@gmail.com.

What the app stores, and where

Community data is stored in Google Firebase (Cloud Firestore) in the europe-central2 (Warsaw, EU) region:

• Feeding spots — map locations and structured attributes (location type, cat count band, shelter/container flags) that contributors place by hand on the map. Spots are community data, visible to all users.
• Feeding logs — structured choices only (food type, amount, cats seen, optional observation tags), a timestamp, and the contributor's pseudonym or a guest marker.
• Your contributor identity — if you sign in, an anonymous Firebase account (a random technical identifier) and a cat-themed pseudonym. No e-mail address, phone number or real name is requested anywhere in the app.
• Anti-abuse records — a per-spot timestamp used to rate-limit logging, and structured spot reports.

Stored only on your device, never uploaded:

• App preferences (language, onboarding state, guest name).

Your location

With your permission, the app uses your device location for one purpose: centering the globe and map on where you are. Your location is processed on the device and is not uploaded or stored by the app. Feeding-spot positions are chosen manually on the map by contributors, and creating one is always an explicit, reviewable step.

Services the app talks to

• Google Firebase (Authentication, Cloud Firestore, App Check) stores the community data described above and verifies that requests come from a genuine app installation (via Google Play Integrity on Android and Apple App Attest on iOS). See Firebase privacy documentation.
• Firebase Analytics & Crashlytics — with your consent, the app records a handful of anonymous usage events (a feeding was logged, a spot was created, locate was used — no content, no location) and crash reports that help us fix bugs. Both are switched off until the consent step and can be revoked in Settings.
• Google AdMob — one small banner ad is shown after you log a feeding; it funds the map servers. In regions covered by GDPR, Google's consent form decides whether ads may be personalized; on iOS, ad personalization additionally requires App Tracking Transparency permission. Without consent you see non-personalized ads. See the Google ads privacy policy.
• OpenStreetMap — street-map images are loaded from OpenStreetMap Foundation servers, which see your IP address like any web server. See the OSMF privacy policy. Map data © OpenStreetMap contributors.

We do not sell data, and nothing beyond the above is shared with anyone for marketing.

How long data is kept

Community contributions (spots, feeding logs) remain part of the shared map history. If you ask us to delete your account, we remove your pseudonym and account identifier; contributions are then anonymized rather than erased, because colonies still need feeding regardless of who logged it.

Your rights

Under the GDPR you can ask for access, correction, deletion or export of your data, and you can lodge a complaint with your data protection authority. E-mail msquaregiza@gmail.com for any request — in-app account deletion is planned for an upcoming version.

Children

The app is not directed at children under 13 and we do not knowingly collect personal data from them.

Changes

If this policy changes, the new version will be published at this address with an updated effective date.