BeBored – Privacy Policy & Cookie Policy
Quick summary (non‑binding)
BeBored is for 16+, not medical advice, not for emergencies.
We collect name, email, avatar from Apple/Google sign‑in; device IDs, push tokens; usage/progress; crash/analytics events.
No ads or cross‑app tracking. Data primarily stored in the EU (eur3) on Firebase.
Delete your account in‑app; backups/logs cleared within 90 days.
For anything else: support@beboredapp.com.
Effective date: [2025‑09‑17]
1. Who is the controller?
Hitaya Kollektiv ApS is the controller for personal data processed via the BeBored app.
Contact: support@beboredapp.com
CVR: 45890899
2. Scope
This Privacy Policy applies to our mobile apps (iOS and Android). Our website is covered by the Cookie Policy below and any website‑specific notices.
3. What data we collect
We collect the following categories of personal data:
Category | Examples | Source |
|---|---|---|
Account data | Full name (when available from Apple/Google), email, profile photo/avatar | Provided by you via Sign in with Apple / Google |
Device & app data | Device model/OS version, device identifiers, push notification tokens, app version, language/locale | Your device / app |
Usage & progress | Session durations, minutes, streaks, badges, in‑app actions and feature usage (non‑sensitive) | Generated during your use |
Diagnostics | Crash logs, performance events | App/OS; Firebase Crashlytics |
We do not collect special categories of data (e.g., health, biometric, religious) and do not ask you to upload content at launch.
4. Purposes and legal bases (GDPR)
Purpose | Legal basis |
|---|---|
Provide and operate the Service (account creation; core functionality; progress syncing) | Contract (Art. 6(1)(b)) |
Analytics & product improvement (aggregate usage trends, feature performance) | Legitimate interests (Art. 6(1)(f)) – to understand and improve the Service; not used for ads or cross‑app tracking |
Crash reporting & diagnostics | Legitimate interests (Art. 6(1)(f)) – to maintain stability and security |
Push notifications (reminders, streak nudges) | Legitimate interests (Art. 6(1)(f)); you can opt out in OS settings |
Security & fraud prevention | Legitimate interests (Art. 6(1)(f)) |
Legal compliance | Legal obligation (Art. 6(1)(c)) |
Where we rely on legitimate interests, we balance our interests against your rights and expectations. You can object to processing based on our legitimate interests (see Your rights).
5. Sub‑processors & international transfers
We use trusted providers to process data on our behalf:
Google LLC / Google Ireland Limited – Firebase (Authentication, Firestore/Database in eur3 multi‑region within the EU, Crashlytics, Analytics), Cloud Functions/Cloud Messaging. Transfers outside the EEA, if any, are protected by EU Standard Contractual Clauses (SCCs) and Google’s Data Processing Terms.
Apple Inc. – Sign in with Apple (authentication). Apple may act as an independent controller for sign‑in data.
Data is primarily stored in the EU (eur3). Where data is transferred internationally (e.g., for support or provider operations), we rely on appropriate safeguards such as SCCs.
6. Data retention
We keep data only as long as necessary for the purposes above:
Data | Typical retention |
|---|---|
Account & profile (name, email, avatar) | Kept while account is active; deleted upon account deletion (see below) |
Usage & progress | Kept while account is active; deleted upon account deletion |
Crash logs & analytics events | Short to moderate periods needed for diagnostics/improvements (e.g., 90–180 days), then aggregated or deleted |
Backups & system logs | Deleted within 90 days after account deletion |
7. Account deletion & data export
Delete your account anytime in the app: Profile → Delete Account. Primary records are removed promptly; backups/system logs are cleared within 90 days.
Data export: Email support@beboredapp.com from your account email to request a copy of your data.
8. Your rights (EEA/UK)
Subject to conditions and limitations under GDPR, you have the right to access, rectify, erase, restrict, port, and object to certain processing. You also have the right to lodge a complaint with your local supervisory authority. In Denmark, this is Datatilsynet.
To exercise rights, contact support@beboredapp.com. We may need to verify your identity.
9. Children’s privacy
BeBored is not for children under 16. If you believe a minor under 16 has created an account, contact us and we will take appropriate steps to delete the account and associated data.
10. Security
We use administrative, technical, and organizational measures appropriate to the risk, including secure authentication via Apple/Google, encrypted transport, access controls, and least‑privilege practices. No method is 100% secure.
11. No advertising & tracking
We do not serve third‑party ads or engage in cross‑app tracking. Analytics is used only to understand app performance and usage in aggregate.
12. Changes to this Privacy Policy
We may update this Policy as we evolve the Service (e.g., if we add social features or payments). We will notify you of material changes where required (e.g., in‑app notice).
13. Contact
For privacy questions or requests: support@beboredapp.com
3) Cookie Policy (website)
This Cookie Policy explains how we use cookies on our website beboredapp.com (the “Website”). It does not apply to the mobile apps (see Privacy Policy above for app data).
1. What are cookies?
Cookies are small text files placed on your device to make the site work, keep it secure, and help us understand how it’s used. Similar technologies (like local storage) may be used for the same purposes.
2. How we use cookies
We aim to be minimal and privacy‑friendly:
Strictly necessary cookies – required for basic site functionality and security; cannot be switched off.
Analytics cookies (optional) – used to understand visits and improve the site. If used, these will run only with your consent (via a banner) and will not be used for advertising or cross‑site tracking.
3. Your choices
On your first visit, you may see a cookie banner. You can accept or reject analytics cookies and can change your choice at any time via the banner’s “Cookie settings” link (or your browser settings). Blocking some cookies may impact site performance.
4. Cookies we use (illustrative)
Necessary: session cookie to keep your preferences (expires at end of session or shortly thereafter).
Analytics (if enabled): a first‑party analytics cookie with a randomized identifier (e.g., 6–12 months expiry).
We will keep this section updated with the exact names and lifetimes if/when analytics is enabled.
5. Updates
We may update this Cookie Policy from time to time. Material changes will be communicated via the banner or on this page.
6. Contact
Questions about cookies? support@beboredapp.com