Privacy Policy

Ravado Tech Ltd ("Ravado Tech", "we", "us", or "our") is a private limited company registered in England and Wales (Company No. 17051903) with its registered office at 71-75 Shelton Street, Covent Garden, London, WC2H 9JQ, United Kingdom.

This Privacy Policy explains how we collect, use, disclose, and safeguard your personal data when you use our mobile applications, websites, and related services (collectively, the "Services"). It applies to all users worldwide and is designed to comply with:

• The UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018
• The EU General Data Protection Regulation (EU GDPR)
• The California Consumer Privacy Act (CCPA) / California Privacy Rights Act (CPRA)
• Google Play Developer Programme Policies
• Apple App Store Review Guidelines and Apple Developer Program License Agreement
• The Children's Online Privacy Protection Act (COPPA)

By accessing or using our Services you acknowledge that you have read and understood this Privacy Policy. If you do not agree, please do not use our Services.

The data controller responsible for your personal data is:

3.1 Information You Provide Directly

• Account information — name, email address, username, password, and profile picture when you create an account.
• Contact information — details you submit when contacting support or completing forms.
• User-generated content — any content, feedback, or communications you submit through the Services.
• Transaction information — purchase or subscription records processed through Google Play or the Apple App Store (we do not collect or store payment card details).

3.2 Information Collected Automatically

• Device information — device model, operating system and version, unique device identifiers (e.g. Android Advertising ID, Apple IDFA), language, and time zone.
• Usage data — app interaction events, feature usage, session duration, crash reports, and performance diagnostics.
• Network information — IP address, mobile carrier, and connection type.
• Cookies & similar technologies — on our websites we may use cookies, pixels, and local storage for analytics and essential functionality. See our Cookie Policy for details.

3.3 Information from Third Parties

• Platform providers — Google Play and Apple may share limited account or transaction data with us in accordance with their policies.
• Analytics providers — we receive aggregated analytics and crash-reporting data from services such as Google Analytics for Firebase and Crashlytics.
• Advertising partners — if applicable, advertising networks may provide us with anonymised or pseudonymised performance data. See our Advertising Partners page.

We process your personal data only where we have a lawful basis to do so. The primary bases and purposes are:

We do not sell your personal data. We may share data with the following categories of recipients:

• Service providers — trusted vendors who perform services on our behalf (hosting, analytics, customer support) under contractual data-protection obligations.
• Platform operators — Google and Apple receive certain data as part of the normal operation of Android and iOS.
• Advertising partners — where you have consented, we may share device identifiers with advertising networks for measurement and attribution.
• Legal and regulatory authorities — when required by law, court order, or to protect the rights, property, or safety of Ravado Tech, our users, or the public.
• Business transfers — in connection with a merger, acquisition, or sale of assets, your data may be transferred to the successor entity.

Your data may be transferred to and processed in countries outside the UK and the European Economic Area (EEA). Where such transfers occur, we ensure appropriate safeguards are in place, including:

• Standard Contractual Clauses (SCCs) approved by the UK Information Commissioner's Office and the European Commission.
• Adequacy decisions where the destination country provides an adequate level of data protection.
• Binding Corporate Rules or other recognised mechanisms.

We retain your personal data only for as long as necessary to fulfil the purposes for which it was collected, to comply with legal obligations, to resolve disputes, and to enforce our agreements. When data is no longer required, we securely delete or anonymise it.

• Account data — retained for the lifetime of your account and up to 30 days after deletion request, unless longer retention is required by law.
• Analytics data — aggregated and anonymised within 26 months of collection.
• Support correspondence — retained for up to 3 years after the last interaction.
• Legal and compliance records — retained as required by applicable law (typically 6–7 years).

We implement industry-standard technical and organisational measures to protect your data against unauthorised access, alteration, disclosure, or destruction. These include:

• Encryption in transit (TLS/SSL) and at rest where applicable.
• Access controls and role-based permissions for personnel.
• Regular security assessments and vulnerability testing.
• Incident response and breach notification procedures.

While we strive to protect your data, no method of transmission or storage is completely secure. We cannot guarantee absolute security.

Depending on your jurisdiction, you may have the following rights regarding your personal data:

• Access — request a copy of the personal data we hold about you.
• Rectification — request correction of inaccurate or incomplete data.
• Erasure — request deletion of your personal data ("right to be forgotten").
• Restriction — request that we restrict processing of your data in certain circumstances.
• Data portability — receive your data in a structured, machine-readable format.
• Objection — object to processing based on legitimate interests, including profiling.
• Withdraw consent — where processing is based on consent, withdraw it at any time without affecting the lawfulness of prior processing.
• Non-discrimination — (California residents) we will not discriminate against you for exercising your CCPA/CPRA rights.

To exercise any of these rights, please contact us at support@ravadotech.com or visit our Privacy Request page. We will respond within 30 days (or the period required by applicable law).

Our Services are not directed to children under the age of 13 (or the applicable minimum age in your jurisdiction). We do not knowingly collect personal data from children under this age. If we become aware that we have inadvertently collected data from a child, we will take steps to delete it promptly.

If you believe a child has provided us with personal data, please contact us immediately at support@ravadotech.com.

Where any of our applications are specifically designed for or directed at children, we will create a separate, dedicated privacy policy for that application and comply fully with COPPA, UK Age Appropriate Design Code, and the relevant platform's families policies.

Our applications may integrate third-party services and software development kits (SDKs) that collect data independently. These may include:

• Google Firebase — analytics, crash reporting, push notifications, and remote configuration.
• Google AdMob / Ad Manager — advertising services (where applicable).
• Apple StoreKit — in-app purchase processing.
• RevenueCat — subscription management (where applicable).

These third parties operate under their own privacy policies. We encourage you to review them. We are not responsible for the practices of third-party services.

Some of our free applications may display advertisements served by third-party ad networks. These networks may use device identifiers and usage data to deliver personalised or contextual ads.

• You can opt out of personalised advertising by adjusting your device settings (Android: Settings > Google > Ads; iOS: Settings > Privacy & Security > Tracking).
• You can also visit our Do Not Sell page to opt out of the sale or sharing of your data for advertising purposes.

For a list of our advertising partners, visit our Advertising Partners page.

Our mobile applications may request access to certain device features or data. We only request permissions that are necessary for the app's core functionality. Common permissions include:

• Internet access — required for all online features.
• Storage — to save user preferences or cache data locally.
• Camera / Photos — only if the app includes image capture or selection features.
• Notifications — to send push notifications (with your permission).

You can manage or revoke permissions at any time through your device settings. Revoking certain permissions may limit the functionality of the app.

In compliance with Google Play and Apple App Store requirements, you may request deletion of your account and associated data at any time through:

• The in-app account settings (where available).
• Our Delete My Account page.
• Emailing support@ravadotech.com.

Upon receiving your request, we will delete or anonymise your personal data within 30 days, except where retention is required by law.

Some browsers transmit "Do Not Track" (DNT) signals. There is currently no universal standard for how companies should respond to DNT signals. We do not currently respond to DNT signals but honour opt-out preferences you set via our Cookie Settings and device-level advertising controls.

If you are a California resident, you have additional rights under the CCPA/CPRA:

• Right to Know — you may request details about the categories and specific pieces of personal information we have collected, the sources, business purposes, and third parties with whom we have shared it.
• Right to Delete — you may request deletion of your personal information, subject to certain exceptions.
• Right to Opt-Out — you may opt out of the "sale" or "sharing" of your personal information (as defined under the CCPA/CPRA).
• Right to Correct — you may request correction of inaccurate personal information.
• Right to Limit Use of Sensitive Personal Information — where applicable.

We do not sell personal information for monetary consideration. Where we share identifiers with advertising partners for cross-context behavioural advertising, this may constitute a "sale" or "share" under the CCPA/CPRA. You may opt out via our Do Not Sell page.

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or for other operational reasons. When we make material changes, we will:

• Update the "Last Updated" date at the top of this page.
• Notify you via in-app notification, email, or a prominent notice on our website as appropriate.

We encourage you to review this Privacy Policy periodically.

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

You also have the right to lodge a complaint with your local data protection authority. In the UK, this is the Information Commissioner's Office (ICO) — ico.org.uk.