Privacy Policy
Last Updated: August 2025
Effective Date: August 2025
Privacy First Design
Ping & Wink is operated by an individual developer based in France. The app is designed to know as little about you as possible. No personal information is required or collected. Everything is anonymous and temporary.
⚠️ Security Disclaimer: As an individual developer with limited resources, I cannot guarantee absolute data security. While I implement standard security measures, you use this service at your own risk.
1. Data Controller
This Service is operated by an individual developer based in France, subject to French and EU data protection laws including GDPR.
Contact: pingandwink@gmail.com
2. Information We Collect
2.1 Anonymous Device Identifier
- A random UUID generated on first app launch
- Cannot be linked to your real identity
- Stored only on your device
- Lost if you uninstall the app
2.2 Location Data
- Captured ONLY when you actively share an emotion
- NEVER tracked in background
- Automatically deleted after 3 hours
- Approximate location only (reduced precision)
2.3 Emotional States ("Vibes")
- Your selected emotion (from 9 predefined options)
- Timestamp of creation
- Linked to anonymous device ID
- Automatically deleted after 3 hours
2.4 Chat Messages (Temporary)
- Text messages during spark sessions only
- Maximum session: 16 minutes
- Permanently deleted when session ends
- No chat history retained
2.5 Push Notification Token (Optional)
- Only if you enable notifications
- Used solely for ping alerts
- Can be disabled anytime
3. Information We DO NOT Collect
We explicitly DO NOT collect:
- Names or usernames
- Email addresses
- Phone numbers
- IP addresses
- Device identifiers (IDFA, Android ID)
- Photos or media
- Contacts
- Social media accounts
- Payment information
- Precise home/work addresses
- Any personally identifiable information
4. How We Use Information
| Data Type |
Purpose |
Retention |
| Device ID |
Link your vibes/pings |
Until app deletion |
| Location |
Show on map |
3 hours maximum |
| Vibes |
Display emotions |
3 hours maximum |
| Chat Messages |
Enable sparks |
16 minutes maximum |
| Push Token |
Send ping alerts |
Until disabled |
5. Data Sharing
As an individual developer, I DO NOT and WILL NEVER sell, rent, or trade your data.
Limited sharing occurs only with:
- Other App Users: Only your vibe emoji and approximate location (no personal data)
- Essential Services:
- Supabase (database) - receives anonymous data only
- Mapbox (maps) - receives coordinates only
- OneSignal (notifications) - optional, can be disabled
- Legal Requirements: Only if legally compelled by French/EU authorities with valid court order
6. Data Security
Security Limitations: As a solo developer, I implement standard security but cannot guarantee absolute protection:
Implemented measures:
- HTTPS/TLS encryption in transit
- Supabase secure infrastructure
- No personal data collected
- Automatic data expiration (3 hours)
- Anonymous identifiers only
However, NO system is 100% secure. You accept all risks.
7. Your Rights (GDPR)
Under GDPR, you have the right to:
- Access: Request what data exists (minimal)
- Deletion: Delete your vibe from map anytime
- Portability: Export your data (though it's minimal and temporary)
- Objection: Stop using the app
- Complaint: Lodge with French data protection authority (CNIL)
To exercise rights, email: pingandwink@gmail.com (response not guaranteed)
8. Children's Privacy
Not intended for children under 13. If we learn we collected data from a child under 13, we will delete it. Report to: pingandwink@gmail.com
9. International Users
The Service operates from France (EU). By using it outside the EU, you consent to data transfer to France, which has strong privacy protections under GDPR.
10. Third-Party Services
We use minimal third-party services:
- Supabase: Database hosting (EU servers available)
- Mapbox: Map display (no personal data shared)
- OneSignal: Push notifications (optional, can be disabled)
Each has their own privacy policy but receives only anonymous data.
11. Cookies and Tracking
The mobile app uses NO cookies, NO tracking, NO analytics, NO advertising identifiers.
12. Data Breach Notification
In the unlikely event of a data breach, we will comply with GDPR requirements to notify authorities within 72 hours if feasible. However, since we collect no personal data, risk is minimal.
13. Changes to Privacy Policy
We may update this policy. Continued use after changes means acceptance. Check the "Last Updated" date.
14. Legal Basis for Processing (GDPR)
We process data based on:
- Consent: You consent by using the app
- Legitimate Interest: To provide the service functionality
- Legal Obligation: If required by law
15. Data Protection Contact
For privacy concerns or GDPR requests:
Email: pingandwink@gmail.com
Location: France (EU)
Response Time: Best effort, no guarantee
French Data Protection Authority (CNIL): www.cnil.fr
16. California Privacy Rights
California residents: We don't collect personal information as defined by CCPA, so CCPA doesn't apply.
17. Final Note
Remember: This is a free service by an individual developer. While I respect privacy and implement reasonable measures, I cannot provide enterprise-level security or support. Use at your own risk.