← Back to Legal Documents

Privacy Policy for Crochet Diagrams

1. Introduction

This Privacy Policy describes how Crochet Diagrams ("we," "our," or "us") collects, uses, and shares information when you use our mobile application (the "App"). We are committed to protecting your privacy and ensuring transparency about our data practices.

2. Information We Collect

2.1 Information You Provide

• Account Information: Email address, username, and authentication credentials
• Profile Information: Display name and preferences
• User-Generated Content: Crochet patterns, diagrams, comments, and ratings
• Pattern Data: Hook sizes, stitch types, dimensions, yarn calculations
• Communication: Messages, feedback, and support requests

2.2 Information Collected Automatically

• Usage Data: App features used, session duration, and interaction patterns
• Device Information: Device type, operating system version, and app version
• Technical Data: IP address, device identifiers, and crash reports
• Location Data: Country/region for compliance and content localization (no precise location)
• Performance Data: App load times, response times, error rates

2.3 Third-Party Information

• Authentication Providers: Google Sign-In and Apple Sign-In profile information
• Analytics Providers: Usage statistics and performance metrics
• Advertising Partners: Ad interaction data and advertising ID (with your consent)
• Payment Providers: Subscription status and purchase validation (no payment card details)

2.4 Biometric Data

When you enable biometric authentication (Face ID/Touch ID on iOS, fingerprint on Android):

• Biometric data is processed locally on your device only
• We never collect, store, or have access to your biometric information
• Authentication tokens are stored securely in device keychain/keystore
• You can disable biometric authentication at any time in app settings

2.5 Pattern and Diagram Specific Data

When you create crochet patterns:

• Mathematical calculations are processed locally on your device
• Patterns are encrypted before cloud storage
• Shared patterns include your username unless made anonymous
• Pattern generation count is tracked for free tier limits (3 patterns)

3. How We Use Your Information

3.1 Core App Functions

• Provide and maintain the App's functionality
• Create and manage your account
• Save and sync your crochet patterns across devices
• Generate diagrams based on your specifications
• Enable social features (comments, ratings, sharing)
• Process mathematical calculations for pattern generation

3.2 Communication

• Send important app updates and notifications
• Respond to your support requests and feedback
• Notify you of changes to our policies
• Send transactional emails (password resets, purchase confirmations)

3.3 Improvement and Analytics

• Analyze usage patterns to improve the App
• Debug issues and optimize performance
• Develop new features based on user behavior
• Monitor app stability and crash reports

3.4 Advertising and Marketing

• Display relevant advertisements (free tier only, with your consent)
• Personalize ad content based on your interests
• Measure advertising effectiveness
• Provide rewarded ads for additional free patterns

3.5 Legal and Safety

• Comply with legal obligations and regulations
• Protect against fraud, abuse, and security threats
• Enforce our Terms of Service
• Protect intellectual property rights

3.6 Automated Decision Making

We use automated systems only for:

• Enforcing usage limits (3 patterns for free tier, 20 for premium)
• Detecting and preventing spam or abuse
• No automated profiling is used for marketing or other purposes

4. Legal Basis for Processing (GDPR)

For users in the European Union and UK, we process your data based on:

• Contract: To provide the App services you've requested
• Legitimate Interest: To improve our services and ensure security
• Consent: For advertising, analytics, and optional features
• Legal Obligation: To comply with applicable laws

5. Information Sharing and Disclosure

5.1 Third-Party Service Providers

We share information with trusted service providers who help us operate the App:

• Firebase (Google):
  • Authentication: Stores user credentials and authentication tokens
  • Firestore Database: Hosts user-generated patterns and preferences
  • Cloud Storage: Stores video tutorials and pattern images
  • Analytics: Collects anonymous usage patterns and performance metrics
  • Crashlytics: Collects crash reports and error logs
  • Cloud Functions: Processes server-side logic
• Google Mobile Ads:
  • Displays advertisements to free tier users
  • Uses Advertising ID for ad personalization (with consent)
  • Collects ad interaction data
• RevenueCat:
  • Manages subscription status and entitlements
  • Processes purchase validation
  • Stores anonymized transaction data
  • Never has access to payment card information
• Google Play Services / Apple Services:
  • Provides authentication services
  • Processes in-app purchases
  • Enables push notifications

5.2 Data Sharing Practices

We do NOT:

• Sell your personal data to third parties
• Share data with third parties for their marketing purposes
• Share your patterns without your explicit consent

Data shared with service providers is limited to:

• Analytics providers: Anonymized usage data only
• Payment processors: Transaction data required for purchases
• Cloud services: Encrypted user content for storage

5.3 Business Transfers

In the event of a merger, acquisition, or sale of assets, your information may be transferred to the new entity. We will notify you before any such transfer.

5.4 Legal Requirements

We may disclose information when required by law, court order, or to protect our rights and safety.

5.5 With Your Consent

We may share information in other circumstances with your explicit consent.

6. Your Rights and Choices

6.1 Access and Control

• View and update your profile information
• Download your data (data portability)
• Delete your account and associated data
• Export your patterns in standard formats

6.2 Privacy Preferences

• Manage consent for advertising and analytics
• Opt out of promotional communications
• Control push notification settings
• Disable biometric authentication

6.3 Regional Rights

EU/UK Users (GDPR):

• Right to access your personal data
• Right to rectification (correction)
• Right to erasure ("right to be forgotten")
• Right to restrict processing
• Right to data portability
• Right to object to processing
• Right to withdraw consent

California Users (CCPA):

• Right to know what personal information is collected
• Right to delete personal information
• Right to opt-out of sale of personal information (we don't sell data)
• Right to non-discrimination

7. Data Retention

We retain your information for as long as necessary to provide services and comply with legal obligations:

• Account Data: Deleted within 30 days of account closure
• User-Generated Patterns: Deleted with account unless shared publicly
• Usage Analytics: Anonymized after 90 days, deleted after 2 years
• Support Communications: Up to 3 years for quality assurance
• Legal Requirements: As required by applicable law
• Backup Data: Deleted within 90 days of primary deletion

8. Data Security

We implement appropriate technical and organizational measures to protect your information:

• Encryption in transit using TLS/SSL
• Encryption at rest for sensitive data
• Regular security assessments and updates
• Access controls and authentication
• Secure third-party integrations
• Regular backups with encryption
• Incident response procedures

8.1 Data Breach Notification

In the event of a data breach that may affect your personal information:

• We will notify affected users within 72 hours of discovery
• Notification will be via email and in-app message
• We will provide information about the breach and steps to protect yourself
• We will notify relevant authorities as required by law

9. International Data Transfers

Your information may be processed in countries outside your residence. We ensure adequate protection through:

• Standard Contractual Clauses (SCCs) with service providers
• Adequacy decisions by relevant authorities
• Firebase services comply with GDPR requirements
• Data processing locations primarily in the United States and European Union

10. Children's Privacy

The App is not intended for children under 13 (or 16 in the EU). We do not knowingly collect personal information from children. If we become aware of such collection, we will delete the information immediately. Parents who believe we have collected information from their child should contact us.

11. Advertising and Tracking

11.1 Advertising

We display ads through Google Mobile Ads (free tier only). You can control ad personalization through:

• App privacy settings
• iOS App Tracking Transparency (ATT) settings
• Android Advertising ID settings
• Google Ad Settings

11.2 App Tracking Transparency (iOS)

For iOS 14.5+ users:

• We request permission to track via the ATT prompt
• If you decline, we don't use IDFA for advertising
• Core app functionality remains available regardless of choice
• You can change this setting in iOS Settings > Privacy > Tracking

11.3 Analytics

We use Firebase Analytics to understand app usage. Data collected includes:

• Screen views and user flows
• Feature usage statistics
• Session duration and frequency
• Anonymous demographic information

You can opt out through app settings.

11.4 Cookies and Similar Technologies

The mobile app doesn't use cookies. Web views within the app may use session storage for functionality.

12. Video Content and Premium Features

For premium subscribers with access to video tutorials:

• Video viewing progress is saved to enable resume functionality
• Bandwidth usage is monitored for optimization
• Content is delivered via secure CDN
• Downloaded videos are encrypted on device

13. Community Features

When you interact with community features:

• Comments are linked to your public profile
• Ratings are aggregated anonymously
• Shared patterns include attribution unless made anonymous
• Blocking a user prevents mutual visibility of content
• Moderators may review flagged content

14. Updates to This Policy

We may update this Privacy Policy periodically. We will notify you of material changes through:

• In-app notifications
• Email notifications (if you've provided an email)
• App Store update notes

Continued use of the App after changes constitutes acceptance of the updated policy.

14.1 Change Log

• v1.0.0 (January 27, 2025): Initial release

15. Contact Us

If you have questions about this Privacy Policy or want to exercise your rights:

For EU/UK Users: If you're not satisfied with our response, you may lodge a complaint with your local data protection authority.

16. Jurisdiction-Specific Information

16.1 European Union & United Kingdom

This section applies to users in the EU and UK under GDPR and UK GDPR.

• Data Controller: Individual Developer, Vojenska 27a, Levice, Slovakia
• Legal Basis: As described in Section 4
• Supervisory Authority: Office for Personal Data Protection of the Slovak Republic

16.2 California, United States

This section applies to California residents under CCPA.

• Categories of Information: As described in Section 2
• Business Purpose: As described in Section 3
• Sale of Information: We do not sell personal information
• Shine the Light: California residents may request information about disclosure to third parties

16.3 Other Jurisdictions

We comply with applicable privacy laws in all jurisdictions where we operate, including but not limited to:

• Canada (PIPEDA)
• Australia (Privacy Act)
• Brazil (LGPD)
• Other applicable regional laws