This is a starting draft for the owner's review and does not constitute legal advice. Consult a qualified attorney before publishing.
Effective date: 5 July 2026
1. Introduction
This Privacy Policy explains how the operator of Dealate ("we", "us", "our") collects, uses, and shares personal data when you use the Dealate mobile and web application (app id com.dealate.app) and related services (the "App").
Dealate predicts ant nuptial-flight conditions by location, shows a map of predictions, lets users submit sightings, and sends optional flight alerts. We are the controller of the personal data described here. There is no registered company name; the App is operated by an individual reachable at boardthatpowder@gmail.com.
2. Information We Collect
Account information
•
Email address.
•
Cognito user identifier (sub).
Precise location (GPS)
•
Used to generate forecasts and map views for your chosen location.
•
Collected only for Pro or free-trial users who enable location, and only while you use that feature.
User-submitted content
•
Sightings and observations you submit (species, location, timestamp). These contribute to a shared prediction dataset (see Section 6).
Purchase and subscription information
•
Transaction identifiers and entitlement status, via RevenueCat and Apple, Google, or Stripe.
•
We do not store payment card numbers.
Device and diagnostic information
•
Device identifiers and basic diagnostic data used to run and troubleshoot the App.
Push notification tokens
•
Collected only if you enable notifications, so we can send flight alerts.
Third-party data sources
The App also draws on external data (not personal to you) from iNaturalist, GBIF, and Open-Meteo, credited in-app under their licences (including CC BY 4.0 and ODbL).
3. How We Use Your Information
We use personal data to:
•
Generate nuptial-flight forecasts and map views for your chosen location.
•
Send flight-alert notifications you have opted into.
•
Create and manage your account and authenticate you.
•
Improve predictions and the App, including by aggregating submitted sightings into the shared dataset.
•
Process payments and manage subscriptions/entitlements through our payment providers.
•
Provide support, maintain security, prevent abuse, and meet legal obligations.
4. Legal Bases (GDPR)
Where the EU or UK GDPR applies, we rely on these legal bases:
•
Contract — to provide the App, your account, and any Pro features you purchase.
•
Consent — for precise GPS location and push notifications (you can withdraw consent at any time in your device settings; withdrawal does not affect prior processing).
•
Legitimate interests — to improve predictions, secure the App, and prevent misuse, balanced against your rights.
•
Legal obligation — to keep records (for example, tax and transaction records) as required by law.
5. Location Data Specifics
•
We collect precise GPS location only from Pro or trial users who explicitly enable it.
•
Purpose: to produce forecasts and map views for your location and, if enabled, location-based alerts.
•
It is optional and Pro/trial-only — the App works without granting location access, though location-dependent features are locked.
•
You can revoke location permission at any time in your device or browser settings.
•
We retain location data only as long as needed for the features above and to improve predictions; where it feeds the shared dataset, it may be aggregated or reduced in precision (see Section 6).
6. User-Submitted Sightings and the Shared Dataset
Sightings you submit (species, location, timestamp) contribute to a shared prediction dataset that helps forecast nuptial-flight conditions for all users. This dataset may be published or made available to other users and may be combined with third-party data.
Do not submit sightings you are not comfortable making public. If you want a submission removed, contact us (see Section 11); note that content already aggregated or shared may not be fully retractable.
7. Who We Share Data With (Processors and Third Parties)
We share personal data with service providers who process it on our behalf, and with the stores that handle payments:
•
Amazon Web Services (Cognito) — authentication and account storage.
•
RevenueCat — subscription entitlement management.
•
Apple, Google, and Stripe — payment processing.
•
A push-notification service / the platform's notification system — to deliver alerts you enable.
We also draw on public data from iNaturalist, GBIF, and Open-Meteo. These provide data to us; we do not send your personal data to them.
We do not sell your personal information. We may disclose data if required by law or to protect our rights, users, or the public.
8. International Transfers
Our providers (including AWS, RevenueCat, Apple, Google, and Stripe) may process data in countries outside your own, including the United States. Where required, such transfers rely on appropriate safeguards such as the EU Standard Contractual Clauses or an equivalent mechanism. Contact us for more information.
9. Data Retention
We keep personal data only as long as needed for the purposes in this policy:
•
Account data — while your account is active, and for a reasonable period afterward.
•
Location data — for as long as needed to provide and improve location features; aggregated contributions to the shared dataset may persist longer.
•
Purchase/subscription records — as long as required for accounting, tax, and legal compliance.
•
Diagnostics and tokens — for as long as they are useful for operating the App, then deleted or anonymized.
When data is no longer needed, we delete or anonymize it.
10. Your Rights
Under GDPR (EU/UK), you may have the right to:
•
Access the personal data we hold about you.
•
Correct inaccurate data.
•
Delete your data ("right to be forgotten").
•
Restrict or object to certain processing.
•
Data portability (receive a copy in a portable format).
•
Withdraw consent at any time.
•
Lodge a complaint with your local data protection authority.
Under the CCPA/CPRA (California), you may have the right to:
•
Know what personal information we collect and how we use it.
•
Access and delete your personal information.
•
Correct inaccurate personal information.
•
Opt out of "sale" or "sharing" of personal information — we do not sell or share your personal information in this sense.
•
Not be discriminated against for exercising your rights.
To exercise any of these rights, email us at boardthatpowder@gmail.com. We may need to verify your identity before acting on a request, and we will respond within the timeframes required by law.
11. Children's Privacy
The App is not directed to children and is not intended for anyone under 13 (or under the minimum age of digital consent in your country, which may be up to 16). We do not knowingly collect personal data from children. If you believe a child has provided us data, contact us and we will delete it.
12. Security
We use reasonable technical and organizational measures to protect personal data, including authentication through Amazon Cognito and reliance on established payment processors that handle card data directly. No system is completely secure, and we cannot guarantee absolute security. Protect your account by keeping your password confidential.
13. Changes to This Policy
We may update this Privacy Policy from time to time. When we do, we will revise the "Effective date" above and, where appropriate, notify you in the App. Please review it periodically.
14. Contact
For privacy questions or to exercise your rights, contact the operator of Dealate at:
•
Email: boardthatpowder@gmail.com