Privacy Policy

Version 1.0 — Effective Date: 1st April, 2026

1. Operator and Data Controller

Critiqle is operated by Frank Pierini, 382 Colgate Way, Freehold, NJ 07728, United States. Contact: support@critiqle.com. For purposes of the EU General Data Protection Regulation (GDPR), Frank Pierini is the data controller.

2. Data We Collect

(a) Account Data:

  • Email address
  • Username and display name
  • Password (hashed; never stored in plain text)
  • Phone number (if voluntarily provided)
  • Profile photo (if voluntarily uploaded)

(b) User Content:

  • Posts, comments, votes, feedback, and any media you upload

(c) Transaction and Payment Data:

  • Purchase history and subscription status. Payment details are processed and held by Apple or Google; we do not store full payment card information.

(d) Device and Technical Data:

  • Device type, operating system version, app version
  • IP address
  • Mobile advertising identifier (IDFA/GAID) only where App Tracking Transparency consent has been granted (Apple) or as permitted by applicable law

(e) Usage Data:

  • Pages viewed, features used, time spent in app, click events
  • Crash reports and performance data (Firebase Crashlytics)
  • Analytics events (Firebase Analytics / Google Analytics for Firebase)

(f) Communications:

  • Messages sent to us via email or in-app support features

3. How We Use Your Data

We use your personal data to:

  • Create and manage your account and authenticate your identity
  • Operate, maintain, and improve the Critiqle platform
  • Process and fulfill in-app purchases
  • Send service-related notifications (account activity, votes, comments)
  • Provide AI-assisted feedback summarization features
  • Detect, prevent, and investigate abuse, fraud, and violations of our Terms
  • Comply with applicable legal obligations
  • Analyze aggregate usage patterns to improve app performance

4. Legal Basis for Processing (GDPR — EU/EEA Users)

If you are located in the EU or EEA, we process your personal data under the following legal bases:

  • Contract performance: To provide the Critiqle service you have signed up for
  • Legitimate interests: To improve our service, prevent fraud, and ensure platform security, where not overridden by your rights
  • Legal obligation: To comply with applicable laws
  • Consent: Where relied upon (e.g., marketing communications or tracking), you may withdraw consent at any time without affecting prior processing

5. Analytics and Crash Reporting — Firebase Services

We use the following Firebase services operated by Google LLC:

  • Firebase Analytics: Collects anonymized usage data, event logs, and engagement metrics
  • Firebase Crashlytics: Collects crash reports, stack traces, and device state to diagnose app errors
  • Firebase Authentication: Manages user sign-in securely
  • Cloud Firestore: Stores app data including user profiles and content

Google's privacy policy is available at https://policies.google.com/privacy. For EU/EEA users, these services involve data transfer to the United States under Standard Contractual Clauses.

6. App Tracking Transparency (Apple Users)

We do not use your device advertising identifier (IDFA) for cross-app or cross-site advertising tracking. You will not be shown an App Tracking Transparency prompt for advertising purposes. If this changes in a future version of the app, we will update this policy and request your explicit permission.

7. Push Notifications

We may send push notifications to alert you of account activity such as new comments, votes, or messages. You may disable push notifications at any time through your device system settings without affecting your ability to use the app.

8. Data Sharing

We do not sell your personal data. We share data only in the following circumstances:

  • Service providers: With vendors (including Google Firebase) that process data on our behalf under data processing agreements
  • Platform operators: With Apple and Google in connection with app distribution and in-app purchases
  • Legal authorities: Where required by law, court order, or to protect user or public safety
  • Business transfer: In the event of a merger, acquisition, or asset sale, subject to the same privacy protections

9. Data Retention

We retain personal data for as long as your account is active or as needed to provide the service. Upon account deletion:

  • A 30-day soft-delete period begins; data is preserved in case you wish to restore
  • After 30 days, personal data is permanently deleted
  • Posts are removed; comments and votes may be retained in anonymized form
  • Transaction records may be retained for up to 7 years as required by law

10. Your Rights

All Users:

You may access, correct, or request deletion of your personal data by contacting support@critiqle.com at any time.

California Residents (CCPA / CPRA):

  • Right to know the categories and specific pieces of personal information collected about you
  • Right to delete your personal information (subject to certain exceptions)
  • Right to opt-out of the sale or sharing of personal information (we do not sell or share personal information for advertising purposes)
  • Right to correct inaccurate personal information
  • Right to limit use of sensitive personal information
  • Right to non-discrimination for exercising your rights

To exercise any right, contact support@critiqle.com. We will respond within 45 days as required.

EU/EEA Residents (GDPR):

  • Right of access to your personal data
  • Right to rectification of inaccurate data
  • Right to erasure ("right to be forgotten")
  • Right to restriction of processing
  • Right to data portability
  • Right to object to processing based on legitimate interests
  • Right to withdraw consent at any time
  • Right to lodge a complaint with your national supervisory authority

Contact support@critiqle.com. We will respond within 30 days.

11. International Data Transfers

Critiqle is operated in the United States. If you access the app from outside the US, your data will be transferred to and processed in the United States. For EU/EEA users, such transfers are made under Standard Contractual Clauses approved by the European Commission.

12. Data Security

We implement reasonable technical and organizational measures to protect your personal data against unauthorized access, alteration, disclosure, or destruction. These include encrypted data transmission (HTTPS/TLS), hashed password storage, and access controls. No method of transmission or storage is 100% secure, and we cannot guarantee absolute security.

13. Children's Privacy

Critiqle is not intended for children under 13. We do not knowingly collect personal data from children under 13. If we become aware that a user is under 13, we will promptly delete their account and associated data. If you believe a child under 13 has provided us with personal data, contact support@critiqle.com.

14. Third-Party Services

Critiqle may contain links to or integrations with third-party services. Those services have their own independent privacy policies. We are not responsible for the privacy practices of any third party.

15. Changes to This Policy

We may update this Privacy Policy from time to time. When we do, we will update the effective date above and notify you of material changes through the app or via email. Your continued use of Critiqle after any changes constitutes acceptance of the updated policy.

16. Contact

For questions, concerns, or to exercise your rights:

Email: support@critiqle.com

Mail: Frank Pierini, 382 Colgate Way, Freehold, NJ 07728, United States