Privacy Policy

# Privacy Policy — Sew Assistant

**Last Updated:** February 24, 2026

**Effective Date:** February 24, 2026

---

## 1. Introduction

Welcome to Sew Assistant ("we," "our," or "us"). We are committed to protecting your privacy and ensuring you understand how we collect, use, and safeguard your information when you use our mobile application ("App") available on Android and iOS platforms.

This Privacy Policy explains our practices regarding the collection, use, and disclosure of information when you use our service. By using Sew Assistant, you agree to the collection and use of information in accordance with this policy.

Sew Assistant is a business management application designed for tailors and seamstresses to manage their clients, orders, materials, patterns, suppliers, and appointments.

---

## 2. Data Controller (GDPR)

For users in the European Economic Area (EEA), United Kingdom, and Switzerland:

The data controller responsible for your personal data is:

**Sew Assistant**

Email: sew.assistant.app@gmail.com

If you have any questions about how we process your personal data, please contact us using the details above.

---

## 3. Information We Collect

### 3.1 Account Information

When you create an account, we collect:

- **Email address** – Used for account authentication, password recovery, and essential communications

- **Full name** – Used for personalization and display purposes

- **Profile photo** – Optional, used for account personalization

If you sign in using Google or Apple Sign-In, we receive basic profile information (name, email, profile picture) from these services as authorized by you.

---

### 3.2 Business Data You Create

The App allows you to store and manage your tailoring business information:

| Category | Data Stored |

|---|---|

| **Clients** | Names, email addresses, phone numbers, photos, notes, body measurements |

| **Orders** | Order details, materials, patterns, pricing, payments, deadlines, fittings, notes, photos |

| **Materials** | Names, descriptions, SKUs, categories, prices, units, photos, colors |

| **Patterns** | Names, descriptions, URLs, photos, files (PDFs and other formats), sizes, target gender |

| **Suppliers** | Names, descriptions, phone numbers, email addresses, locations, photos |

| **Measurements** | Custom measurement names, categories, descriptions, reference images |

| **Calendar Events** | Appointments, fittings, deadlines, custom events |

> **Important note about client data:** When you store information about your clients (their names, contact details, measurements), you are acting as a data controller for that information under GDPR. You are responsible for obtaining appropriate consent from your clients to store their personal data and for informing them about how their data is processed.

---

### 3.3 Automatically Collected Technical Data

The following technical data is collected automatically to maintain app stability and diagnose issues:

**Via Firebase Crashlytics (crash and error reporting):**

- Device operating system and version

- App version and build number

- User ID (for grouping related reports — not linked to identifiable information in reports)

- Current screen / navigation breadcrumbs (screen transitions and user actions before a crash)

- Error type, category, and recoverability status

- Custom diagnostic keys (e.g., app version, platform, operation type)

> **Privacy safeguard:** Our error logger filters out personally identifiable information (email, phone, name, address, etc.) before any crash report is sent. Raw client business data is never included in crash reports.

**Via Firebase Analytics (minimal use):**

Firebase Analytics is initialized solely to support Crashlytics breadcrumb logging. We do not log custom analytics events or use Firebase Analytics for behavioral tracking or marketing.

**Via Firebase Remote Config:**

We use Firebase Remote Config to deliver app configuration values (e.g., store URLs, share links) without requiring an app update. No personal data is sent to Remote Config.

---

### 3.4 Feedback Submissions

When you submit feedback through the App, we additionally collect:

- Feedback type (bug, feature request, question, general)

- Subject and message text you provide

- User ID and email address (for follow-up)

- Platform and platform version

- App version and build number

---

### 3.5 Subscription and Purchase Data

When you subscribe to Sew Assistant Premium or restore a purchase, subscription management is handled by RevenueCat. We receive:

- Subscription status and entitlement (active/inactive premium access)

- Purchase history and renewal dates

- Platform (App Store / Google Play)

Payment card details are never collected by us — they are handled directly by Apple App Store or Google Play.

---

### 3.6 Device Permissions

The App requests the following device permissions:

| Permission | Purpose |

|---|---|

| **Camera** | Taking photos for clients, orders, materials, suppliers |

| **Photo Library / Media Images** | Selecting existing photos for the above |

| **File Access (read)** | Selecting pattern files (PDFs, etc.) from device storage |

| **Internet** | Syncing data with Firebase cloud services |

| **Billing (Android)** | Processing in-app purchases via Google Play |

Permissions are requested only when the relevant feature is first used and can be managed in your device settings.

---

### 3.7 User Preferences

We store your in-app preferences locally and in the cloud:

- Language preference

- Theme preference (light / dark / system)

- Currency preference

- Pinned measurement templates

---

### 3.8 Local On-Device Storage

To enable offline functionality, the App stores a local cache of your Firestore data on your device (up to approximately 100 MB). This cache is managed by Firebase Firestore's offline persistence and is stored in your device's private app storage, inaccessible to other apps.

---

## 4. Legal Basis for Processing (GDPR)

Under GDPR, we process your personal data based on the following legal grounds:

| Processing Activity | Legal Basis |

|---|---|

| Account creation and authentication | **Contract** – Necessary to provide the service |

| Storing your business data | **Contract** – Core functionality of the service |

| Syncing data across devices | **Contract** – Essential feature of the service |

| Sending essential account emails | **Contract** – Password reset, email verification |

| Applying user preferences | **Contract** – Personalizing your experience |

| Processing feedback submissions | **Legitimate Interest** – To improve our service |

| Crash and error reporting (Crashlytics) | **Legitimate Interest** – To maintain app stability and fix bugs |

| Subscription management (RevenueCat) | **Contract** – Required to manage your premium subscription |

---

## 5. How We Use Your Information

We use the collected information to:

- **Provide the Service** – Enable you to manage your tailoring business, including clients, orders, materials, patterns, suppliers, and appointments

- **Authenticate Users** – Verify your identity and maintain account security

- **Sync Data** – Keep your data synchronized across devices using Firebase cloud storage

- **Maintain Stability** – Detect, diagnose, and fix crashes and errors via Firebase Crashlytics

- **Improve the App** – Respond to feedback and enhance app functionality via Firebase Remote Config

- **Manage Subscriptions** – Verify and grant access to premium features via RevenueCat

- **Communicate** – Send essential account-related communications (password reset, email verification)

- **Personalize Experience** – Apply your language, theme, and currency preferences

**We do NOT use your data for:**

- Advertising or marketing purposes

- Selling to third parties

- Behavioral profiling or automated decision-making

- Interest-based targeting or behavioral analytics

---

## 6. Data Storage and Security

### 6.1 Cloud Storage

Your data is stored securely using Google Firebase services:

- **Firebase Authentication** – Secure user authentication

- **Cloud Firestore** – Database storage with per-user data isolation

- **Firebase Storage** – Images and files

- **Firebase Crashlytics** – Crash and error logs

- **Firebase Remote Config** – App configuration

All data is encrypted in transit using HTTPS/TLS and at rest on Firebase servers.

### 6.2 Data Isolation

Your business data is completely isolated from other users. Each user can only access their own data through authenticated and server-enforced security rules.

### 6.3 Security Measures

- Secure authentication protocols (OAuth 2.0)

- Firebase App Check for app integrity verification (Play Integrity on Android, DeviceCheck on iOS)

- Server-side Firestore security rules

- Encrypted data transmission (TLS 1.3)

- Secure password hashing

- PII filtering in crash and error reports

---

## 7. Data Sharing and Disclosure

**We do not sell, trade, or rent your personal information to third parties.**

We may share information only in the following circumstances:

### 7.1 Service Providers

We use the following third-party services to operate our App:

| Service | Purpose | Privacy Policy |

|---|---|---|

| **Google Firebase** | Authentication, database, file storage, crash reporting, analytics, remote config | [policies.google.com/privacy](https://policies.google.com/privacy) |

| **Google Sign-In** | Authentication option | [policies.google.com/privacy](https://policies.google.com/privacy) |

| **Apple Sign-In** | Authentication option (iOS) | [apple.com/legal/privacy](https://www.apple.com/legal/privacy/) |

| **RevenueCat** | Subscription and in-app purchase management | [revenuecat.com/privacy](https://www.revenuecat.com/privacy) |

| **Google Play Billing** | Payment processing (Android) | [policies.google.com/privacy](https://policies.google.com/privacy) |

| **Apple App Store** | Payment processing (iOS) | [apple.com/legal/privacy](https://www.apple.com/legal/privacy/) |

Each service provider is bound by their own privacy policies and relevant data protection agreements. We do not control the data practices of these third parties.

### 7.2 Legal Requirements

We may disclose your information if required by law, legal process, or governmental request.

### 7.3 Business Transfers

If we are involved in a merger, acquisition, or sale of assets, your information may be transferred as part of that transaction. We will notify you before your data is transferred and becomes subject to a different privacy policy.

---

## 8. International Data Transfers

For users in the EEA, UK, and Switzerland:

Your data is processed and stored on Google Firebase and RevenueCat servers, which may be located outside the European Economic Area, including in the United States.

For these international transfers, we rely on:

- **Standard Contractual Clauses (SCCs)** approved by the European Commission

- **Google's compliance with the EU–U.S. Data Privacy Framework**

- **RevenueCat's compliance with applicable data transfer mechanisms**

Google has certified under the EU–U.S. Data Privacy Framework, ensuring adequate protection for your data.

---

## 9. Data Retention

| Data Type | Retention Period |

|---|---|

| **Active account data** | Retained while your account is active |

| **Deleted account data** | Permanently deleted within 30 days of account deletion, including all client records, orders, materials, patterns, suppliers, measurements, calendar events, and uploaded files |

| **Crash reports (Crashlytics)** | Retained by Firebase for up to 90 days |

| **Feedback submissions** | Retained for product improvement; may be anonymized after 2 years |

| **Database backups** | Backup copies may persist for up to 30 days after deletion |

| **Local on-device cache** | Cleared when the App is uninstalled |

---

## 10. Your Rights and Choices

### 10.1 Access and Update

You can access and update your account information directly within the App through the **Profile** section.

### 10.2 Data Export

You can view all your business data within the App at any time. To request a machine-readable export of your data, please contact us at sew.assistant.app@gmail.com.

### 10.3 Account Deletion

You can delete your account and all associated data through the App:

1. Navigate to **Profile**

2. Select **"Delete Account"**

3. Re-authenticate for security

4. Confirm the deletion

> **This action is irreversible** and will permanently delete all your data.

### 10.4 Withdraw Consent

You may stop using the App at any time. To withdraw consent for data processing, please delete your account as described above.

### 10.5 Manage Device Permissions

You can revoke camera, photo library, and file access permissions at any time through your device settings. Revoking these permissions will disable the corresponding features but will not affect data already stored.

### 10.6 Manage Subscriptions

You can manage or cancel your subscription at any time through:

- **iOS:** Settings → Apple ID → Subscriptions

- **Android:** Google Play → Subscriptions

---

## 11. GDPR Rights (EEA, UK, and Switzerland Users)

If you are located in the European Economic Area, United Kingdom, or Switzerland, you have the following rights under GDPR:

| Right | Description |

|---|---|

| **Right to Access** | Request a copy of your personal data we hold |

| **Right to Rectification** | Request correction of inaccurate or incomplete data |

| **Right to Erasure** | Request deletion of your personal data ("right to be forgotten") |

| **Right to Restrict Processing** | Request limitation of how we process your data |

| **Right to Data Portability** | Receive your data in a structured, machine-readable format |

| **Right to Object** | Object to processing based on legitimate interests |

| **Right to Withdraw Consent** | Withdraw consent at any time where processing is based on consent |

| **Right to Lodge a Complaint** | File a complaint with your local data protection authority |

To exercise any of these rights, please contact us at **sew.assistant.app@gmail.com**. We will respond within 30 days.

---

## 12. CCPA Rights (California Residents)

If you are a California resident, you have the following rights under the California Consumer Privacy Act (CCPA):

- **Right to Know** – Request disclosure of personal information collected, used, and shared

- **Right to Delete** – Request deletion of your personal information

- **Right to Opt-Out** – Opt-out of the sale of personal information *(we do **not** sell your data)*

- **Right to Non-Discrimination** – We will not discriminate against you for exercising your privacy rights

**California "Shine the Light" Law:** We do not share personal information with third parties for their direct marketing purposes.

---

## 13. Children's Privacy

Sew Assistant is not intended for children under the age of 16 (or 13 in jurisdictions where 13 is the applicable minimum age). We do not knowingly collect personal information from children.

If you are a parent or guardian and believe your child has provided us with personal information, please contact us immediately at **sew.assistant.app@gmail.com**, and we will delete such information promptly.

---

## 14. Third-Party Links

The App may contain links to third-party websites or services (e.g., pattern URLs you add, supplier websites). We are not responsible for the privacy practices of these third-party sites. We encourage you to review their privacy policies before providing any personal information.

---

## 15. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any significant changes by:

- Posting the new Privacy Policy in the App

- Updating the "Last Updated" date at the top of this policy

- Sending an email notification for material changes (where required by law)

We encourage you to review this Privacy Policy periodically. Continued use of the App after changes constitutes acceptance of the updated policy.

---

## 16. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

**Email:** sew.assistant.app@gmail.com

We aim to respond to all privacy-related inquiries within 30 days.

---

*By using Sew Assistant, you acknowledge that you have read and understood this Privacy Policy and agree to the collection, use, and disclosure of your information as described herein.*

---

© 2026 Sew Assistant. All rights reserved.