Thank you for choosing IdeaStash ("we," "our," or "us"). This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our mobile application (the "App"). Please read this Privacy Policy carefully. By using the App, you agree to the collection and use of information in accordance with this policy.
1. Information We Collect
1.1 Personal Information
When you use IdeaStash, we collect the following personal information:
- Google Account Information: When you sign in using Google Sign-In, we collect your email address, display name, and profile photo URL.
- User ID: A unique identifier assigned to your account for authentication purposes.
1.2 Content Information
We collect and store information you provide when using the App:
- Saved Content URLs: Links to social media content (Instagram Reels, TikTok videos, YouTube Shorts, Twitter videos, Pinterest pins, Vimeo videos, Behance posts) that you choose to save.
- User-Generated Content: Titles, notes, and custom categories you create for organizing your saved content.
- Reminders: Reminder settings including scheduled dates, times, and custom messages you set for your saved content.
1.3 Usage Data
We automatically collect certain information about your use of the App:
- Account Activity: Your subscription tier (Free, Premium, or Lifetime), number of saved items, and credit usage.
- App Interactions: Features you use, frequency of app usage, and in-app actions.
- Device Information: Device type, operating system version, and unique device identifiers.
1.4 Advertising Data
If you are a free-tier user, we work with Google AdMob to display advertisements:
- Advertising Identifiers: Google AdMob may collect your device's advertising ID for personalized ad delivery.
- Ad Interaction Data: Information about ads you view or interact with, including rewarded video ads.
2. How We Use Your Information
We use the collected information for the following purposes:
2.1 Core Functionality
- Authenticate and manage your account
- Store and sync your saved content across devices
- Organize content using categories you create
- Schedule and deliver reminder notifications
- Generate embed previews for saved social media content
2.2 Monetization & Credit Management
- Track your monthly free credits and ad-earned credits
- Process subscription purchases and manage premium features
- Validate credit deductions server-side to prevent fraud
- Display relevant advertisements to free-tier users
2.3 Service Improvement
- Analyze usage patterns to improve app performance
- Monitor and fix technical issues
- Develop new features based on user behavior
- Optimize user experience and interface design
2.4 Communications
- Send you local push notifications for scheduled reminders
- Notify you about important service updates or policy changes
- Respond to your customer support inquiries
3. How We Store and Protect Your Information
3.1 Data Storage
Your data is stored using the following infrastructure:
- Firebase Cloud Firestore: Your account information, saved content, and app data are stored in Google's secure cloud database (Firebase Firestore) in the Asia-South1 (Mumbai) region.
- Local Device Storage: For offline functionality, a cached copy of your data is stored locally on your device using AsyncStorage. This cache is encrypted and only accessible by the app.
- Firebase Authentication: Your authentication credentials are managed securely by Firebase Authentication services.
3.2 Security Measures
We implement industry-standard security practices to protect your information:
- Encryption: All data transmitted between your device and our servers is encrypted using HTTPS/SSL protocols.
- Server-Side Validation: Critical operations (like credit deductions) are validated server-side using Firebase Cloud Functions with atomic transactions to prevent tampering.
- Access Controls: Firestore security rules ensure users can only access their own data.
- Authentication: Google Sign-In provides secure OAuth 2.0 authentication with industry-standard security.
Important: While we implement robust security measures, no method of electronic storage or transmission is 100% secure. We cannot guarantee absolute security of your information.
4. Information Sharing and Disclosure
4.1 Third-Party Services
We share information with the following third-party service providers:
4.2 Social Media Platforms
When you save content from social media platforms, we retrieve embed URLs from:
- Instagram (Meta Platforms, Inc.)
- TikTok (ByteDance Ltd.)
- YouTube (Google LLC)
- Twitter/X (X Corp.)
- Pinterest (Pinterest, Inc.)
- Vimeo (Vimeo, Inc.)
- Behance (Adobe Inc.)
Important: We only store links to publicly available content. We do not download, scrape, or redistribute copyrighted content. The actual videos/posts remain hosted by the respective platforms, and viewing them requires an internet connection.
4.3 Legal Requirements
We may disclose your information if required by law or in response to:
- Valid legal processes (court orders, subpoenas, search warrants)
- Requests from law enforcement or government agencies
- Protection of our rights, property, or safety
- Enforcement of our Terms of Service
- Investigation of fraud or security issues
4.4 Business Transfers
In the event of a merger, acquisition, reorganization, or sale of assets, your information may be transferred as part of that transaction. We will notify you via email or prominent notice in the app before your information becomes subject to a different privacy policy.
4.5 What We Do NOT Do
- We do NOT sell your personal information to third parties
- We do NOT share your saved content with other users
- We do NOT use your data for purposes unrelated to the App's functionality
- We do NOT access your device's photos, contacts, or other apps
5. Data Retention
We retain your information for as long as your account remains active or as needed to provide services:
- Active Accounts: Your data is retained indefinitely while your account is active and you continue using the App.
- Deleted Accounts: If you delete your account, we will delete your personal information and saved content within 30 days. Some information may be retained in backup systems for up to 90 days.
- Legal Obligations: We may retain certain information if required by law, to resolve disputes, enforce agreements, or prevent fraud.
- Analytics Data: Aggregated, anonymized usage data may be retained indefinitely for analytical purposes.
6. Your Privacy Rights
Depending on your location, you may have the following rights regarding your personal information:
6.1 Access and Portability
- Request a copy of your personal data we have collected
- Export your saved content and categories in a machine-readable format (feature coming soon)
6.2 Correction and Update
- Update your profile information (name, photo) through your Google Account settings
- Edit titles, notes, and categories for your saved content within the App
6.3 Deletion
- Delete individual saved items at any time
- Delete your entire account through the Profile screen (Settings → Sign Out → Delete Account)
- Request account deletion by contacting us at the email below
6.4 Opt-Out of Ads
- Upgrade to Premium or Lifetime tier to remove ads completely
- Adjust personalized ad settings through your device's privacy settings (Google Ad Settings on Android, Limit Ad Tracking on iOS)
6.5 Withdraw Consent
- Revoke Google Sign-In permissions through your Google Account settings
- Disable notification permissions through your device settings
To exercise these rights, contact us at: privacy@ideastash.app
7. Children's Privacy
IdeaStash is not intended for children under the age of 13. We do not knowingly collect personal information from children under 13. If you are a parent or guardian and believe your child has provided us with personal information, please contact us immediately at privacy@ideastash.app, and we will delete such information within 48 hours.
8. International Data Transfers
Your information is stored in Firebase Cloud Firestore servers located in the Asia-South1 (Mumbai, India) region. If you are accessing the App from outside India, please be aware that your information may be transferred to, stored, and processed in India or other countries where Firebase operates.
By using the App, you consent to the transfer of your information to countries outside your country of residence, which may have different data protection laws.
9. Cookies and Tracking Technologies
IdeaStash uses the following technologies:
- Local Storage (AsyncStorage): Used to cache your data for offline functionality and faster loading times.
- Firebase Authentication Tokens: Secure tokens stored on your device to keep you logged in.
- Google AdMob Tracking: AdMob may use cookies, web beacons, and similar technologies to deliver personalized ads. You can control ad personalization through your device settings.
The App does not use traditional web cookies as it is a native mobile application. However, third-party services like AdMob may use their own tracking technologies.
10. Changes to This Privacy Policy
We may update this Privacy Policy from time to time to reflect changes in our practices, legal requirements, or app features. When we make significant changes, we will:
- Update the "Last Updated" date at the top of this policy
- Notify you through the App or via email (for major changes)
- Request your consent if required by law
Your continued use of the App after changes take effect constitutes acceptance of the revised Privacy Policy. We encourage you to review this page periodically.
11. California Privacy Rights (CCPA)
If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA):
- Right to Know: Request details about the personal information we collect, use, and share
- Right to Delete: Request deletion of your personal information
- Right to Opt-Out: Opt-out of the "sale" of personal information (Note: We do NOT sell personal information)
- Right to Non-Discrimination: We will not discriminate against you for exercising your privacy rights
To exercise these rights, contact us at privacy@ideastash.app with "CCPA Request" in the subject line.
12. European Privacy Rights (GDPR)
If you are located in the European Economic Area (EEA), you have rights under the General Data Protection Regulation (GDPR):
12.1 Legal Basis for Processing
We process your personal data based on:
- Consent: You provide consent when creating an account and using the App
- Contract Performance: Processing is necessary to provide the services you requested
- Legitimate Interests: Improving our services, preventing fraud, and ensuring security
12.2 Your GDPR Rights
- Right to access your personal data
- Right to rectification of inaccurate data
- Right to erasure ("right to be forgotten")
- Right to restrict processing
- Right to data portability
- Right to object to processing
- Right to withdraw consent at any time
- Right to lodge a complaint with a supervisory authority
To exercise these rights, contact us at privacy@ideastash.app with "GDPR Request" in the subject line.
13. Do Not Track Signals
Our App does not currently respond to "Do Not Track" (DNT) signals from browsers or mobile operating systems. However, you can control ad tracking through your device's privacy settings:
- Android: Settings → Google → Ads → Opt out of Ads Personalization
- iOS: Settings → Privacy → Tracking → Request Apps Not to Track
15. Acknowledgment and Consent
By downloading, installing, or using IdeaStash, you acknowledge that you have read and understood this Privacy Policy and agree to its terms. If you do not agree with this policy, please do not use the App.