Privacy Policy

Last updated: May 14, 2026

This Privacy Policy describes how GuishApp collects, uses, shares, and protects personal information when you use our mobile app or website (the "Platform").

Your privacy matters to us. We only collect the minimum information needed for GuishApp to work, and we never sell your personal data to third parties.

1. Data we collect

1.1 Information you provide

Account: email, name, username (@username), profile photo, date of birth, country.
Optional profile: measurements (height, clothing size, shoe size), favorite brands, tastes, personal notes, and other data you choose to fill in.
User content: lists, saved items, links, images, comments, and messages you send.
Contacts: if you grant permission, we may read your contacts' names and phone numbers to suggest friends who are already on GuishApp. Numbers are matched locally or via hash; we do not store them in plain text.

1.2 Information collected automatically

Device identifiers: push notification token (FCM), device model, and operating system (for debugging).
Technical usage data: errors, crashes, and basic operational metrics needed to keep the service running.
Authentication data: provider used (email, Google, Apple) and login/registration timestamps.

1.3 Information we do NOT collect

We do not use tracking cookies or third-party advertising.
We do not access your precise location (GPS).
We do not read the contents of other apps on your device.

2. How we use your data

We use data solely to:

Create and maintain your account and authenticate you when you sign back in.
Display your lists, items, and profile within the app.
Let you connect with friends and share content.
Send push notifications related to your activity (birthdays, comments, invitations).
Moderate content and protect community integrity (review reports, prevent abuse).
Improve the Platform (debugging, anonymized usage metrics).
Comply with legal obligations when applicable.

3. Who we share data with

We share data with the following providers, only to the extent necessary:

Provider	Purpose	Data
Google Firebase (Authentication, Firestore, Storage, Cloud Messaging)	Account hosting, database, image storage, push notifications.	All account and user content data.
Google Cloud Vision	Detect inappropriate content (NSFW) in images before making them visible.	Images uploaded by the user.
Apple / Google Sign-In	Optional authentication with existing accounts.	Email, name, and avatar (if you authorize sharing them).

We never sell your data to third parties for advertising. The providers listed above act as processors under our instructions.

4. Content visible to other users

Certain information is visible to other users depending on context:

Your username, name, avatar, country, and date of birth can be seen by your friends on GuishApp and, in some cases, by other users when you publish public content (Guishes! feed).
Personal lists are visible to your friends. Lists with public visibility are visible to any logged-in user.
Collaborative lists are visible to all invited members.
Comments on public posts are visible to any user who can see the post.

You can adjust the visibility of each list from its detail screen.

5. Data retention and deletion

We keep your data while your account is active. When you delete your account from Profile → Delete account:

Your profile, lists, items, and messages are deleted within 30 days.
Some data may be retained longer if there is a legal obligation (e.g., fraud prevention or regulatory compliance).
Moderation reports and block logs may be preserved for audit and community safety purposes.

6. Security

We use industry-standard security measures (TLS in transit, Firebase encryption at rest, token-based authentication). No system is 100% secure: if you notice anything suspicious, write to legal@guishapp.com.

7. Your rights

Depending on your jurisdiction, you may have the right to:

Access your personal data.
Correct inaccurate information.
Request deletion of your data.
Export your data in a portable format.
Object to certain uses.

Most of these actions you can do yourself from the app (edit profile, delete account). For any additional request, write to legal@guishapp.com.

8. Minors

GuishApp is not directed at children under 13. If we discover that we have collected data from a child under 13 without parental consent, we will delete that account and its associated data.

9. International data transfers

Your data may be processed on servers located outside your country (for example, in the United States or South America, depending on the Firebase region). We implement the safeguards required by applicable laws.

10. Changes to this Policy

We may update this Privacy Policy. The current version will be posted on this page with the "Last updated" date. If changes are material, we will notify you in the app or by email.

11. Contact

For privacy inquiries or to exercise your rights, write to:
📧 legal@guishapp.com