Privacy Policy for Drink Ally Mobile Application

Effective Date: 2025-12-28

1. Introduction

This Privacy Policy governs the collection, use, storage, and protection of information obtained through the Drink Ally mobile application ("Application"). This document describes the data practices employed by the Application and the rights afforded to users. By accessing or using Drink Ally, users consent to the practices described herein.

2. Age Restrictions and Legal Compliance

Drink Ally is intended exclusively for individuals who have reached the legal drinking age in their jurisdiction.

• (a) Minimum Age Requirement: Users must be at least 21 years of age, or the legal drinking age as determined by applicable law in their jurisdiction, to access this Application.
• (b) Age Verification: Upon initial launch, users are required to confirm compliance with minimum age requirements before accessing Application features.
• (c) Exclusion of Minors: This Application is not intended for use by children or individuals below the legal drinking age. The Application does not knowingly collect information from minors.
• (d) COPPA Compliance: This Application is not directed to children under 13 years of age. No personal information is knowingly collected from children under 13.
• (e) Account Termination: Accounts determined to belong to individuals below the legal drinking age shall be terminated immediately upon discovery.

3. Information Collection

3.1 Local Data (Device Storage Only)

The following information is stored locally on the user's device using AsyncStorage technology and is not transmitted to remote servers:

• Gender (male/female): Utilized for Blood Alcohol Content (BAC) calculation purposes
• Weight (measured in kilograms): Utilized for BAC calculation purposes
• Username (optional): Employed for attribution in social features
• Custom Drink Recipes: User-created drink formulations
• Favorite Drinks: User-selected preferred beverages
• Application Preferences: Including haptics settings for user experience customization
• Age Gate Confirmation and Terms Acceptance: Records of legal compliance
• Last Share Timestamp: Utilized for rate limiting functionality (one share per 24-hour period)

3.2 Account Data (Conditional Upon Google Sign-In)

When users elect to create an account via Google OAuth authentication:

• Email Address: Obtained through Google OAuth for authentication purposes
• Firebase User ID: Anonymous identifier assigned to user accounts

Email addresses are not publicly displayed and are not shared with other users.

3.3 Social Features Data (Conditional Upon Social Tab Usage)

When users engage with social features:

• Shared Drink Recipes: Recipes voluntarily shared with the user community (publicly accessible)
• Username: Attribution identifier associated with shared content (publicly accessible)
• Like Interactions: Records of user engagement with shared content
• Timestamps: Temporal records of shares and interactions
• Like Counts: Aggregate engagement metrics (publicly accessible)

4. Methods of Information Collection

• (a) Direct Input: Users manually provide information including gender, weight, and username
• (b) Google OAuth: Email addresses are obtained when users elect to authenticate via Google
• (c) User Actions: Information is generated through user activities including recipe creation, content sharing, and engagement interactions

5. Purpose and Use of Collected Information

5.1 Core Functionality

• BAC Calculations: Gender and weight data enable Blood Alcohol Content estimation
• Personal Recipe Library: Custom drink recipes are stored for user convenience
• User Experience: Preferences are maintained to preserve user settings

5.2 Social Features

• Content Attribution: Usernames identify publicly shared content
• Account Management: User identifiers link engagement activities and shares to accounts
• Authentication: Email addresses facilitate account authentication via Google

5.3 Legal and Compliance Requirements

• Age Verification: Age gate confirmations ensure compliance with legal drinking age requirements
• Terms Acceptance: Records document user agreement to terms of service

6. Data Storage and Security Measures

6.1 Local Storage

• Personal data (gender, weight, custom recipes, favorites) is stored on user devices via AsyncStorage
• This data does not synchronize to cloud infrastructure or backup to remote servers
• Data persistence is limited to the local device

6.2 Cloud Storage Infrastructure (Firebase)

Google Firebase services hosted in the Europe-West-1 (Belgium) region are employed:

• Firebase Realtime Database: Hosts the read-only official drink recipe library
• Firebase Firestore: Stores shared drinks and engagement data from social features
• Firebase Authentication: Manages Google OAuth credentials and authentication state

6.3 Security Protocols

• All data transmission to Firebase utilizes HTTPS encryption
• Firebase security rules restrict unauthorized data access
• Industry-standard encryption protocols protect information integrity
• EU-region Firebase servers provide GDPR-compliant infrastructure

7. Third-Party Services

7.1 Google/Firebase Services

• Google OAuth: Optional account authentication (scopes: openid, profile, email)
• Firebase Authentication: User account management infrastructure
• Firebase Realtime Database: Recipe library hosting
• Firebase Firestore: Social features data storage (shared recipes, engagement metrics)
• Firebase Analytics: Configured but not actively activated for tracking purposes

Google Privacy Policy: https://policies.google.com/privacy

7.2 Expo Services

• expo-auth-session: OAuth authentication flow management
• expo-web-browser: OAuth sign-in interface
• Technical SDK components: No independent data collection

7.3 Data Sharing Practices

• Personal data is not shared with third parties for advertising, analytics, or marketing purposes
• Data is shared exclusively with Firebase (Google) for essential Application functionality
• Aggregated and anonymized data (such as like counts on publicly shared content) may be visible to other users

8. Public Data and Social Features

8.1 Publicly Accessible Information

• Shared drink recipes (including name, ingredients, preparation instructions)
• Username of the individual who shared the recipe
• Like counts associated with shared content
• Timestamps indicating when content was shared

8.2 Social Features Participation

• Account creation is optional – the Application functions without user authentication
• Access to the Social tab requires authentication
• Users determine whether to share content publicly

9. User Rights and Data Control

9.1 Data Access

• All locally stored data is viewable through Application settings
• Shared content is accessible via the Social tab

9.2 Data Deletion

• Account Deletion: Accounts may be deleted through Application settings or by contacting support
• Local Data: Uninstalling the Application removes all locally stored data
• Shared Content: Removal of shared content may be requested through support channels

9.3 Data Portability

• Local data is stored in standard AsyncStorage format
• Custom recipes may be shared or exported via social features

9.4 Opt-Out

• The Application may be used without account creation
• Social features may be avoided by not authenticating

10. Data Retention Policies

• Local Data: Retained until Application uninstallation or data clearance
• Firebase Authentication: Retained until account deletion
• Shared Recipes: Retained indefinitely unless deletion is requested
• Engagement Data: Retained indefinitely unless account deletion occurs

11. Disclaimers and Warnings

11.1 Blood Alcohol Content Calculator Disclaimer

• Blood Alcohol Content calculations provided by this Application are estimates for entertainment purposes only
• BAC estimates do not constitute accurate medical or legal advice
• BAC calculations should not be used to determine fitness to operate vehicles or machinery
• Numerous factors affect actual BAC levels, including but not limited to: individual tolerance, metabolic rate, food consumption, medications, and health conditions
• Responsible judgment regarding alcohol consumption remains the user's responsibility
• All applicable laws regarding alcohol consumption and operation of vehicles must be observed

11.2 Health and Safety Notice

• This Application provides information regarding alcoholic beverages but does not encourage excessive or underage consumption
• Users bear responsibility for compliance with all applicable laws and regulations concerning alcohol
• Alcohol consumption presents inherent health risks – responsible consumption is advised

12. Cookies and Tracking Technologies

• Cookies: As a mobile application, browser cookies are not employed
• Advertising Trackers: Advertising or behavioral analytics trackers are not utilized
• Cross-Application Tracking: User activity across other applications or websites is not tracked
• React Query Cache: Employed for performance optimization (local storage only)
• Firebase Session Tokens: Utilized exclusively for authentication purposes

13. Children's Privacy (COPPA Compliance)

• This Application is not intended for individuals below the legal drinking age
• This Application is not intended for children under 13 years of age
• Personal information from minors or children is not knowingly collected
• The age gate mechanism is designed to prevent underage access
• Accounts determined to belong to minors will be terminated immediately upon discovery

14. International Users and Data Transfers

14.1 Firebase Hosting Location

• All cloud-stored data resides in the Europe-West-1 (Belgium) region
• Firebase infrastructure complies with General Data Protection Regulation (GDPR) requirements for European Union users
• Users accessing the Application from jurisdictions outside the European Union acknowledge that data will be transferred to and stored within the European Union

14.2 Google OAuth

• Google's Privacy Policy governs authentication via Google services
• Users should review Google's data practices at: https://policies.google.com/privacy

15. Privacy Policy Modifications

• (a) This Privacy Policy may be updated periodically to reflect changes in data practices or to address legal, operational, or regulatory requirements. We will notify you of any material changes by posting the updated policy within the app or by other means of communication.
• (b) Acceptance: Continued use of the Application following policy modifications constitutes acceptance of the updated terms

16. Legal Basis for Data Processing (GDPR)

For users located within the European Union, data processing is conducted under the following legal bases:

• Consent: Users agree to this Privacy Policy and associated Terms of Service
• Contractual Necessity: Processing is required to deliver Application functionality (BAC calculations, account management)
• Legitimate Interest: Social features enable community engagement and content sharing

17. California Privacy Rights (CCPA)

California residents are afforded the following rights:

• Right to Know: Users may request disclosure regarding personal data collection and usage practices
• Right to Delete: Users may request deletion of personal data
• Right to Opt-Out of Sale: Personal information is not sold; therefore, this right is not applicable
• Non-Discrimination: Exercise of privacy rights will not result in discriminatory treatment

To exercise these rights, users should contact support using the information provided below.

18. Contact Information

Questions, concerns, or requests regarding this Privacy Policy or personal data handling should be done via waddleworks.dev

19. Consent and Acceptance

Use of Drink Ally constitutes acknowledgment that this Privacy Policy has been read, understood, and accepted. Account creation constitutes consent to the data processing practices described herein.

Consent may be withdrawn at any time through account deletion or Application uninstallation.

Last Updated: 2025-12-28
Version: 1.0