Privacy Policy – AbiliMap

Last Updated: November 2025

App Version: 1.0.0

Company: Boon Ventures LLC

1. Introduction

AbiliMap ("we", "our", or "the App") is an accessibility reporting and mapping application designed to help users report and discover accessibility issues in their community. Protecting your privacy is important to us. This Privacy Policy explains how we collect, use, store, and share your information when you use AbiliMap on iOS, Android, or web platforms.

By using AbiliMap, you consent to the practices described in this policy.

2. Information We Collect

2.1 User Account Information

When you create an account, we may collect:

  • Email address (required)
  • Display name (required)
  • Password (stored encrypted via Firebase Authentication)
  • User ID (UUID, auto-generated)
  • Profile photo (optional)
  • Account creation and last login timestamps
  • Admin status (for authorized administrators only)

2.2 Location Data

We collect precise GPS coordinates when the app is in use to:

  • Display your location on the map
  • Provide routing and navigation
  • Attach location to accessibility reports

Stored Data: Latitude, longitude, and reverse-geocoded address.
Permissions: iOS NSLocationWhenInUseUsageDescription; Android ACCESS_FINE_LOCATION, ACCESS_COARSE_LOCATION.
Location is only collected in the foreground and stored with reports you submit.

2.3 User-Generated Content

Accessibility reports may include:

  • Title and description
  • Category (ramp, elevator, door, bathroom, parking, pathway, stairs, other)
  • Severity level (low, medium, high, critical)
  • Location (coordinates and address)
  • Photos (optional)
  • Status, approval metadata, votes

All reports are linked to your user ID. Approved reports are publicly visible; pending or rejected reports are private.

2.4 Photos and Media

  • Stored in Firebase Cloud Storage
  • May be compressed to reduce storage
  • Associated with specific reports
  • Requires camera and photo library permissions

2.5 Device & Usage Information

  • Device type, OS version, app version
  • Push notification tokens (Expo Push)
  • Usage analytics and session data
  • Crash and performance reports (Sentry)

2.6 Local Storage

We use on-device storage (AsyncStorage) for:

  • Authentication tokens
  • User preferences (notifications, privacy, theme)
  • Cached map data and offline report storage

3. How We Use Your Data

3.1 Primary Purposes

  • Account authentication and session management
  • Displaying and storing accessibility reports
  • Mapping, navigation, and nearby report display
  • Sending notifications about report status or nearby issues
  • Content moderation and admin review

3.2 Secondary Purposes

  • Analytics to improve the app
  • Feature usage insights
  • Error tracking and performance monitoring
  • Customer support

4. Third-Party Services

We share data with third-party services to provide app functionality:

  • Firebase (Google): Authentication, Firestore database, Cloud Storage, Analytics
  • Google Maps Platform: Map display, search, routing
  • Expo: Push notifications, location, camera/photo access
  • Sentry: Error tracking and performance monitoring

No user data is sold or shared for marketing purposes.

5. Data Retention

  • Account data: retained until account deletion
  • Reports: pending until approved/rejected; approved retained indefinitely
  • Photos: deleted with associated reports
  • Location history: stored only as part of reports
  • Cached data: configurable (1 week, 1 month, 3 months, 1 year, forever)

6. User Rights & Controls

  • View & Delete Reports: Users can manage their own reports
  • Clear Cache: Clear local storage at any time
  • Account Deletion: Feature currently live; contact support for removal
  • Location Sharing: Enable/disable in settings
  • Analytics Tracking: Opt in/out
  • Notification Preferences: Control push notifications

GDPR Rights: Access, rectification, erasure, data portability, restrict/withdraw consent

CCPA Rights (California Residents): Know what data is collected, delete personal information, opt-out of sale (we do not sell data)

7. Data Security

  • Passwords encrypted with Firebase Authentication
  • HTTPS/TLS for all network requests
  • Firestore security rules restrict report editing to owners; admin-only approval
  • Firebase Cloud Storage access controlled
  • Device-level encryption for local storage

8. Sharing & Disclosure

  • Public reports: only approved reports visible to all users
  • Display name may appear on public reports
  • Admins can view statistics but not private user data beyond reports
  • Legal disclosures: may be made to comply with law, court orders, or fraud investigations

9. Children's Privacy

  • Minimum age: 13+
  • No knowingly collected data from children under 13
  • Parental consent required for EU users under 16
  • Parents may request deletion of child data

10. Cookies & Tracking

  • Web version may use cookies for sessions
  • Firebase Analytics used for usage tracking
  • Users can disable analytics or push notifications

11. Notifications

  • Report updates, nearby issues, admin notifications (admins only)
  • Users can control types of notifications

12. Accessibility

  • Designed to improve accessibility for people with disabilities
  • Supports screen readers, high-contrast modes, adjustable text sizes
  • Users responsible for report accuracy; admin moderation ensures quality

13. International Data Transfers

  • Data may be processed or stored outside your country (Firebase servers global)
  • GDPR compliant via standard contractual clauses

14. Data Breaches

  • Users notified within 72 hours if personal data is affected
  • Immediate investigation and mitigation measures

15. Changes to This Privacy Policy

  • Users notified via email or in-app for material changes
  • Continued use after changes indicates acceptance

16. Contact Information

Company: Boon Ventures LLC

Support Email: [email protected]

Website: https://boonsapps.com