BottleBuddy is operated by [LEGAL ENTITY NAME], a company incorporated in Malta with company registration number [MALTA COMPANY REGISTRATION NUMBER] and registered address at [REGISTERED ADDRESS] ("BottleBuddy", "we", "us", or "our").
Contact: support@bottlebuddy.eu. Privacy contact: privacy@bottlebuddy.eu. Legal/DSA contact: legal@bottlebuddy.eu.
BottleBuddy provides a peer-to-peer mobile marketplace that helps people who have refundable deposit bottles ("Providers") connect with people willing to collect those bottles and redeem the deposit value themselves ("Collectors").
This Privacy Policy explains how we collect, use, disclose, store, and protect personal data when you use the BottleBuddy mobile application, website, APIs, support channels, and related services.
This policy applies to users in the European Union and European Economic Area, including Malta. It is intended to satisfy transparency obligations under the GDPR and related Maltese data-protection law.
| Category | Examples | Purpose |
|---|---|---|
| Account data | Email address, password hash, display name, profile photo, role preference | Account creation, authentication, profile operation, trust and safety |
| Location/listing data | City, country, listing title, description, bottle counts, photos, pickup address, pickup notes | Creating and displaying listings, matching users, coordinating pickups |
| Communications | Pickup requests, chat messages, support messages, abuse reports | Coordinating pickups, support, moderation, dispute handling |
| Ratings/reviews | Star ratings, comments, rating count, average rating | Trust and reputation system |
| Subscription/payment metadata | Plan, status, purchase channel, renewal/cancellation status, Stripe/customer IDs or app-store transaction references | Administering paid features, invoices, fraud prevention, legal compliance |
| Device/app data | Device platform, OS version, app version, crash logs | Security, diagnostics, debugging, service improvement |
| Approximate location | GPS or device location when permission is granted | Showing nearby listings and map functionality |
| Usage events | Listing posted, pickup requested, pickup completed, account settings changed | Service operation, analytics, fraud prevention, feature improvement |
| Security data | IP address, login/session metadata, abuse signals, rate-limit data | Security, fraud prevention, account protection, enforcement |
We do not intentionally collect contacts, microphone audio, browsing history, advertising IDs, or sensitive special-category data unless you voluntarily include such information in messages or uploaded content. Please do not upload or send unnecessary personal or sensitive information.
Exact pickup addresses are sensitive. BottleBuddy is designed so that exact pickup information is not publicly visible.
| Legal basis | Processing purposes |
|---|---|
| Contract performance — GDPR Art. 6(1)(b) | Creating and managing accounts, listings, pickup requests, chat, ratings, subscriptions, and support requests. |
| Consent — GDPR Art. 6(1)(a) | Optional device location, optional push notifications, optional marketing communications, and optional permissions where required. |
| Legitimate interests — GDPR Art. 6(1)(f) | Fraud prevention, platform safety, moderation, security logging, abuse prevention, service improvement, enforcing terms, and handling disputes. |
| Legal obligation — GDPR Art. 6(1)(c) | Tax, accounting, legal compliance, regulatory requests, and legally required recordkeeping. |
We do not sell personal data. We do not use third-party advertising trackers. We share personal data only where necessary for the service, legal compliance, safety, or support.
| Recipient / provider | Purpose | Location / safeguards |
|---|---|---|
| Supabase | Database, authentication, storage, backend infrastructure | EU-West-1 (Ireland); DPA in place |
| Stripe | Payment and subscription processing for web purchases | EU primary; may involve non-EEA processing under SCCs and Stripe DPA |
| Apple App Store | App distribution, in-app purchases, diagnostics, subscription management | Apple may process globally under its terms |
| Google Play | App distribution, in-app purchases, diagnostics, subscription management | Google may process globally under its terms |
| OpenStreetMap Nominatim | Address autocomplete and geocoding | EU-hosted; queries do not include user identifiers |
| Sentry | Crash reporting and error monitoring | EU host (sentry.io EU region); PII scrubbed before send |
| PostHog | Product analytics (event names and anonymous device IDs; after sign-in, auth user ID only; no email, no chat content) | EU cloud (eu.i.posthog.com) |
| Cloudflare | Email routing (forwarding only — no message storage at Cloudflare beyond transit) | EU presence; SCCs in place |
| Expo Push (APNs / FCM) | Push notification delivery | Apple / Google global infrastructure under their respective DPAs |
Other authenticated users may see your display name, avatar, approximate location, role, ratings, rating count, and listing information. Exact address, email address, private chat content, payment details, and support communications are not publicly visible.
BottleBuddy uses EEA-based hosting for core app data. Some service providers — app stores, payment providers, diagnostics providers — may process limited personal data outside the EEA. Where required, we rely on appropriate safeguards such as adequacy decisions, Standard Contractual Clauses, data-processing agreements, and supplementary technical and organisational measures.
| Data type | Retention |
|---|---|
| Account/profile data | Until account deletion or closure, unless longer retention is required by law or for legitimate safety/fraud reasons. |
| Listings | Normally up to 90 days after expiry, cancellation, or completion. |
| Pickup records and ratings | Normally up to 24 months for trust, safety, and dispute handling. |
| Chat messages | Normally up to 90 days after pickup completion, unless needed for safety, dispute, or legal purposes. |
| Audit / security logs | 180 days (`private.audit_log`), then automatically deleted by a scheduled job. Critical events are mirrored to Sentry for the standard Sentry retention. |
| Server/security logs | Normally up to 30 days, unless needed for abuse prevention, security, or legal purposes. |
| Payment, invoice, tax, and subscription records | 10 years (Malta Companies Act and Income Tax Management Act), or longer/shorter as required by applicable law. |
Subject to applicable law and verification of your identity, you may request access, correction, deletion, restriction, portability, objection to legitimate-interest processing, withdrawal of consent, and information about safeguards for international transfers. You also have the right to lodge a complaint with your local supervisory authority, including the Malta Office of the Information and Data Protection Commissioner.
Send requests to privacy@bottlebuddy.eu. We aim to respond within one month unless an extension is permitted by law.
You may request deletion of your account through the app (Profile → Account → Delete account) or by contacting privacy@bottlebuddy.eu. Deletion is preceded by a 30-day grace period during which the account is soft-disabled but can be restored by signing in. After the grace period the underlying auth record is permanently removed and remaining content is anonymised. Information that must be retained for legal, accounting, fraud-prevention, dispute, or security purposes may be restricted or anonymised in place where deletion is not possible.
BottleBuddy is not intended for children under 16 unless applicable local law permits a lower age and BottleBuddy has implemented the required safeguards. If we learn that a child has unlawfully created an account, we may delete the account and related data.
No online service is completely secure. You should use a strong unique password (minimum 8 characters in BottleBuddy) and notify us promptly if you suspect unauthorised access.
Photos, avatars, listing descriptions, and other uploaded content may be visible to other users depending on the feature. Listing and avatar images are stored in public buckets — anyone with the direct URL can view them, though enumeration is blocked. Photos uploaded through the app are compressed and stripped of EXIF metadata (including precise GPS coordinates from your phone's camera) before upload. Do not upload content that includes unnecessary personal information, other people without appropriate consent, or anything you do not want visible to other users.
We may update this Privacy Policy. If changes are material, we will provide reasonable notice, such as by email, in-app notice, or website notice. Where required by law, we will request fresh consent.
[LEGAL ENTITY NAME]
[REGISTERED ADDRESS]
Company number: [MALTA COMPANY REGISTRATION NUMBER]
Support: support@bottlebuddy.eu
Privacy: privacy@bottlebuddy.eu
Legal/DSA: legal@bottlebuddy.eu