Privacy Policy
This Privacy Policy explains how the DocFlow mobile application ("DocFlow", "we", "us") collects, uses, and shares your personal data. We comply with the EU General Data Protection Regulation (GDPR), Apple's App Store Review Guidelines, and Google Play Developer Program Policies.
1. Data we collect
1.1 Account data
- Email address — when you create an account via email/password, sign in with Apple, or sign in with Google.
- Display name — auto-imported from your Apple or Google account, or entered manually during registration.
- Authentication identifier — a unique user ID assigned by Firebase Authentication.
1.2 Content you create
- Contracts — names, prices, dates, optional PDF attachments you upload.
- Personal documents — types, expiry dates, optional attachments.
- Family members — names and emails of people you invite to share contracts with.
- Settings — language preference, biometric toggle, 2FA toggle, theme preference.
1.3 Device data
- Push notification token — APNs (iOS) or FCM (Android) token so we can send you reminders about expiring documents.
- App version, OS version, device model — only when debugging via crash reports (no continuous telemetry).
1.4 Subscription data
- Apple transaction ID or Google Play purchase token + purchase status — provided by Apple or Google when you subscribe. Used to verify your Premium status. We never receive your payment card details.
1.5 Data we DO NOT collect
- We do not collect location data.
- We do not track you across other apps or websites.
- We do not use analytics SDKs that profile you.
- We do not sell or rent your data to third parties.
2. How we use your data
| Purpose | Data used | Legal basis (GDPR) |
| --- | --- | --- |
| Provide the core app function (store and display your documents) | Account + content | Contract performance (Art. 6(1)(b)) |
| Send you push notifications about expiring documents | Push token + content dates | Consent (Art. 6(1)(a)) — you can disable in Settings |
| Verify your Premium subscription | Apple / Google transaction ID | Contract performance |
| Send transactional emails (2FA codes, family invitations) | Email address | Contract performance |
| Comply with legal obligations (tax records of subscriptions) | Transaction metadata | Legal obligation (Art. 6(1)(c)) |
3. Where your data is stored
DocFlow uses Google Firebase (Google Cloud Platform) as its backend:
- Firestore database — Frankfurt, Germany (europe-west3 region)
- Cloud Storage (attachments) — Frankfurt, Germany (europe-west3 region)
- Authentication — distributed (Firebase global)
Data may transit to/from Google's global infrastructure. Google Cloud is GDPR-compliant and signs a Data Processing Addendum with us.
We also use:
- Resend (transactional email) — Delaware, USA. Used only to send 2FA codes and family invitation emails. They process email content under Standard Contractual Clauses (SCCs).
- Google Cloud Vision (OCR) — when you scan a contract, the image is sent to Google Cloud Vision for text recognition. The image is processed and not stored by Google after processing.
4. How long we keep your data
| Data | Retention |
| --- | --- |
| Account + your content | Until you delete your account (in-app: Settings → Account → Delete) |
| Push tokens | Until you uninstall the app or revoke notifications |
| Subscription transaction logs | 10 years (legal obligation — accounting) |
| 2FA temporary codes | 10 minutes max |
| Crash reports / logs | 90 days |
5. Sharing your data
We do not share your data with third parties except:
- Family members you explicitly invite — they get read-only access to your contracts (NOT your private personal documents).
- Service providers (Firebase, Resend, Google Cloud Vision) — as described in section 3.
- Authorities — only if compelled by valid Czech or EU legal process.
6. Your rights (GDPR)
You have the right to:
- Access — see what data we hold about you (in-app: Settings → Account → Download my data).
- Rectify — correct inaccurate data (in-app: Settings → Profile).
- Delete — delete your account and all associated data (in-app: Settings → Account → Delete account).
- Restrict / Object — limit processing (email us).
- Portability — receive your data in machine-readable format (in-app: CSV export of contracts).
- Lodge a complaint with the Czech Data Protection Authority (Úřad pro ochranu osobních údajů, uoou.cz).
To exercise these rights, contact info@banbosh.cz. We respond within 30 days.
7. Children
DocFlow is not intended for users under 16. We do not knowingly collect data from children. If you become aware that a child has provided us with data, contact us and we will delete it.
8. Security
- Data in transit: TLS 1.2+
- Data at rest: encrypted by Google Cloud (AES-256)
- Authentication: Firebase Authentication (token-based, automatic refresh)
- 2-factor authentication available (email-based OTP)
- Biometric unlock for the app on supported devices
We follow industry best practices, but no system is 100% secure. We will notify you within 72 hours of becoming aware of any breach affecting your data.
9. Apple-specific disclosures
- Subscription auto-renewal — DocFlow Premium auto-renews unless you cancel at least 24 hours before the end of the current period. Manage subscriptions in your iPhone Settings → Apple ID → Subscriptions.
- Apple In-App Purchase — we receive only the transaction ID and verification token from Apple. We never see your payment card data.
- Apple Sign-In — when you sign in with Apple, we receive only your email (or a private relay email if you chose to hide it) and optionally your name. We never receive your Apple ID password.
10. Changes to this policy
We may update this policy. When we do, we will:
- Update the "Effective date" at the top.
- Notify you in-app on next launch if changes materially affect you.
11. Contact
Banbosh Studio
Email: info@banbosh.cz
Web: www.banbosh.com