/ PRIVACY

Privacy policy

Effective 15 Apr 2026

Data controller: WildSpotter — hola@wildspotter.app. This policy covers both the website wildspotter.app and the WildSpotter mobile app for Android and iOS.

1. Summary

We don't sell or share your data. We don't use third-party advertising or analytics. The app has no user accounts, so we don't ask for your name, age or phone number. Your location is used only on-device to center the map.

2. Website and waitlist

On the website we only collect email, language, campaign UTM parameters, country (from the Cloudflare header) and user agent. No third-party cookies, no Google Analytics. The data is used to notify you at launch. Legal basis: your explicit consent (double opt-in) under the GDPR.

3. Location in the app

The app requests location permission ("while using the app") for one purpose only: to center the map on your position and show a blue dot marker. Your location is never transmitted to our servers, stored, or shared. You can revoke the permission any time from your OS settings.

4. Crash reporting

We use Sentry to detect technical failures. When the app crashes, Sentry receives a stack trace, the app version, device model and OS version. It does not receive your location, your email, or the content you are viewing in the app. Legal basis: legitimate interest in keeping the service stable and secure.

5. WildSpotter API

The app queries the API at api.wildspotter.app to fetch spots for an area. Requests include the map bounding box (coordinates) and your filter preferences. Our server, hosted on Hetzner (Germany), records the request IP in standard access logs for up to 30 days for security purposes. We do not tie that IP to any user because the app has no accounts.

6. Advertising, analytics and children

The app ships no ad SDKs, no Google Analytics, no Facebook/TikTok Pixel, and no other tracking system. WildSpotter is not directed to children under 13 and we do not knowingly collect data from children under that age.

7. Retention

Website: until you unsubscribe; unconfirmed signups older than 30 days are deleted automatically. App: crash reports stored in Sentry for 90 days; API access logs for 30 days.

8. Processors

Cloudflare (website hosting + D1 database), Resend (transactional email), Hetzner Online GmbH in Germany (mobile API hosting) and Sentry / Functional Software, Inc. (app crash reporting). All are GDPR-compliant.

9. Your rights

Access, rectification, erasure, portability and objection. Write to hola@wildspotter.app or use the unsubscribe link in any email. We respond within 30 days.

10. Changes

If we update this policy we'll update the date above. Material changes are emailed to waitlist subscribers.