Privacy Policy
This policy explains what information Push collects, how we use it, and your rights. Push is operated by [YOUR COMPANY NAME / YOUR FULL NAME] ("we", "us", or "our").
1. What information we collect
When you use Push, we collect the following categories of information:
- Account information — your email address and password (stored securely via Supabase Auth).
- Device token — a unique identifier generated by Firebase Cloud Messaging (FCM) and assigned to your device, used solely to deliver push notifications to you.
- Usage data — whether you opened or tapped a notification (recorded as "opened at" and "clicked at" timestamps). This is used only to provide businesses with basic delivery analytics.
- Business follow relationships — which businesses you follow within the app.
We do not collect your name, phone number, payment information, location, or any other personal data beyond what is listed above.
2. How we use your information
- To create and manage your account.
- To deliver push notifications from businesses you choose to follow.
- To provide businesses with basic delivery statistics (e.g. how many customers opened a message). This data is aggregated or linked to your account only within the Push platform — it is not sold or shared externally.
- To maintain the security and reliability of the service.
3. Third-party services
Push uses the following third-party services, each of which may process your data in order to provide their functionality:
- Supabase (supabase.com) — database, authentication, and backend infrastructure. Your email address and account data are stored on Supabase servers. See Supabase Privacy Policy.
- Firebase / Google (firebase.google.com) — push notification delivery via Firebase Cloud Messaging. Your device token is shared with FCM to route notifications to your device. See Firebase Privacy Policy.
We do not use advertising networks, analytics SDKs, or any other third-party data processors beyond those listed above.
4. Data retention
We retain your account data for as long as your account is active. Notification delivery records (opened/clicked timestamps) are retained for up to 12 months. If you delete your account, your personal data is permanently deleted within 30 days, except where retention is required by law.
5. Your rights
You have the right to:
- Access the personal data we hold about you.
- Request correction of inaccurate data.
- Request deletion of your account and associated data.
- Withdraw consent for push notifications at any time via your device's notification settings, or by unfollowing businesses within the app.
To exercise any of these rights, or to request account deletion, contact us at the address below. You can also delete your account directly within the Push app under Account Settings.
6. Push notification consent
Push notifications are optional. When you first use the app, you will be asked whether you wish to receive notifications. You can change this at any time in your device's Settings → Notifications → Push. Disabling notifications does not affect your ability to use the app or view messages within it.
Notifications are sent only by businesses you have explicitly chosen to follow. You can unfollow a business at any time to stop receiving their notifications.
7. Children
Push is not directed at children under the age of 13. We do not knowingly collect personal information from children. If you believe a child has provided us with personal information, please contact us and we will delete it promptly.
8. Security
We take reasonable technical measures to protect your data, including encrypted connections (TLS), row-level security in our database, and secure authentication. No method of transmission or storage is 100% secure, and we cannot guarantee absolute security.
9. Changes to this policy
We may update this policy from time to time. We will notify you of material changes by updating the "Last updated" date at the top of this page. Continued use of Push after a change constitutes acceptance of the updated policy.