Kissmap Logo

Effective date: December 12, 2025

Who we are
Controller: Tibbits Consulting Inc. (“we”, “us”, “our”).
Address: (available upon request)
Email: support@tibbits.ca
App: Kiss Map (the “App”)
Website: https://tibbits.ca/kiss-map (the “Site”)

Scope

This Privacy Policy explains how we collect, use, disclose, and protect personal information when you use the App and the Site. If this Policy conflicts with applicable law, we will follow the law where required.

Information We Collect

We collect the minimum data needed to operate the App:

  1. Account & Authentication
    – Email address and password or third‑party auth identifiers (via Supabase Auth).
    – User ID and session tokens.
  2. Couple & Content Data
    – Couple membership (creator, member, join code association).
    – “Kiss” entries you create: latitude/longitude, timestamp, reverse‑geocoded place string, optional notes or title.
    – Local data cached on your device that syncs to our cloud backend (Supabase) when you are online.
  3. Location
    Precise device location (only when you choose to drop a kiss and grant permission). The App does not request background location.
  4. Diagnostics & Usage (optional)
    – Crash logs, performance metrics, device/OS info, and basic interaction events (e.g., screen opens) to improve reliability.
    – If enabled, these are processed by service providers (e.g., Sentry, Expo Updates). We do not collect advertising identifiers.
  5. Support
    – Messages you send to support and related metadata.

We do not intend to collect sensitive categories of data. Please do not include sensitive information in notes.

How We Use Information

  • Provide the Service: account creation, couple join/creation, map and reverse geocoding, local/cloud sync.
  • Security: authentication, fraud prevention, abuse detection.
  • Support: respond to requests, fix issues, improve UX.
  • Improve & Analyze: aggregate analytics and diagnostics to improve performance and stability.
  • Legal: comply with law, enforce Terms, protect rights.

Legal Bases (where applicable)

  • Contract: to provide the App you requested.
  • Consent: for location access and optional analytics/diagnostics (you may withdraw in device settings where applicable).
  • Legitimate Interests: to secure the service and improve performance.
  • Legal Obligation: to comply with applicable laws/regulators.

Sharing & Processing

We do not sell your data or share it with third parties for their independent advertising/marketing. We use service providers (processors) that act on our instructions:

  • Supabase (database hosting, authentication, storage) — stores account, couple, and kiss data; Row Level Security limits access to authorized users within a couple.
  • Google Maps Platform (maps SDKs, geocoding) — processes location/coordinates to render maps and place names.
  • Expo (EAS/Updates) — distributes app builds/over‑the‑air updates and may process technical metadata.
  • Sentry (optional) — crash/error diagnostics.

These providers may process data in jurisdictions outside your own (e.g., U.S., EU). We use appropriate safeguards as required by law and by each provider’s standard terms.

We may disclose data if required by law, regulation, legal process, or to protect people/property and the integrity of the service.

Data Retention

  • Account & couple data: retained while your account is active.
  • Kiss entries: retained until you delete them or delete your account.
  • Backups/logs: may persist for a limited period after deletion (e.g., backups up to ~30 days; security logs up to ~90 days).
  • We will retain only as long as necessary for the purposes above or as required by law.

Account & Data Deletion

You can delete your account at any time:

  • In‑app: Kiss Map → Settings → Delete account
  • Or by contacting support: support@tibbits.ca

What happens when you delete your account:

  • Account removal: Your account and authentication credentials are deleted.
  • Couple membership: You are removed from any couples you joined or created.
  • Content authored by you: Items you created (e.g., kiss entries) may be soft‑deleted (hidden from normal views) or retained as part of shared couple history. If a partner remains in the couple, shared content may continue to be visible to them.
  • Couple lifecycle: If a couple has no members after your deletion, the couple may be deleted.
  • Device data: Cached data stored locally on your device will be cleared when you sign out or delete your account. If you reinstall the App, previously deleted account data will not be restored.

Retention and backups:

  • Backups and system logs may continue to exist for a limited period after deletion (e.g., backups up to ~30 days; security logs up to ~90 days) but are not used to restore your account.
  • We retain only as long as necessary for operation, security, and legal compliance.

Limits:

  • Deletion requests require identity verification.
  • Once deletion is completed, the action cannot be undone and your account cannot be recovered.
  • If you cannot access the App, you may request deletion via email and we will process it after verification.

Notes on shared data:

Kiss Map is designed for couples; some content is shared by design. We preserve shared couple records so the remaining partner keeps access to the shared timeline. Where applicable, records authored solely by you may be soft‑deleted or marked so the remaining partner’s experience is minimally disrupted.

If you prefer complete removal of your authored contributions (hard delete), contact support@tibbits.ca. We will evaluate and, where feasible and consistent with our data model and partner experience, remove your authored content and inform the partner of changes.

Your Choices & Rights

Depending on your region, you may have rights to: access, correct, delete, export (portability), restrict/opt‑out of certain processing, and withdraw consent (e.g., location). To exercise rights or request account/data deletion, contact support@tibbits.ca. We will verify your identity before acting on requests.

You may disable location at any time in device settings; in that case, some features may not function.

Security

We use reasonable safeguards: encryption in transit (HTTPS), access controls, and database Row Level Security (RLS) to restrict records by user/couple. No system is 100% secure; please use strong, unique passwords and keep your device secure.

Children’s Privacy

The App is intended for individuals 18+. We do not knowingly collect personal information from children under 13. If you believe a child under 13 used the App, contact us to delete the account.

International Transfers

Your data may be processed in countries other than your own. By using the App, you understand that your data may be transferred to and processed in those jurisdictions, subject to appropriate safeguards.

Do Not Track & Third‑Party Signals

The App does not respond to Do Not Track signals. We do not use third‑party advertising SDKs.

Changes to This Policy

We may update this Policy from time to time. We will post the new version with an updated effective date. Material changes may be notified in‑app or on the Site.

Contact

Questions or requests: support@tibbits.ca
Postal address: (available upon request)