Home

Privacy Policy

Last updated: January 2025

Introduction

Sayr ("we," "us," "our," or "Company") values your privacy. This Privacy Policy explains how we collect, use, disclose, and process your information when you use our mobile application, website, and related services ("Services"). This policy applies to users worldwide, including those in the European Union (GDPR), California (CCPA), and other jurisdictions. Please read this policy carefully. By using Sayr, you consent to our privacy practices as described herein.

1. Information We Collect

  • 1.1 Location Data: With your permission, we collect your precise or approximate location to provide route recommendations and public transportation information. Location is collected only while you actively use the app (foreground location).
  • 1.2 Search and Destination Data: Information you voluntarily enter, such as starting points, destinations, and travel preferences.
  • 1.3 Device Information: Device type, operating system version, app version, device identifiers (IDFA on iOS, AAID on Android), and device model for optimization and support.
  • 1.4 Usage Analytics: How you interact with the app—features used, routes searched, time spent in app, button clicks, and error reports.
  • 1.5 Account Information: If you create an account, we collect your name, email address, and profile preferences.
  • 1.6 Advertising Identifiers: We collect your mobile advertising ID to enable personalized advertising and frequency capping.
  • 1.7 Crash and Performance Data: Diagnostic logs, error reports, and app performance metrics to improve reliability.
  • 1.8 Web Cookies: On our website, we use cookies, local storage, and similar tracking technologies to analyze traffic, remember preferences, and track conversions.

2. Legal Basis for Processing (GDPR)

  • 2.1 Consent: We rely on your consent for location tracking, device advertising ID collection, and analytics.
  • 2.2 Legitimate Interest: Improving app functionality, fraud prevention, and app security.
  • 2.3 Performance of Contract: Processing necessary to deliver route information and app services.
  • 2.4 Legal Obligation: Compliance with laws and requests from government authorities.

3. How We Use Your Data

  • 3.1 Service Delivery: Providing route recommendations, transit information, and personalized guidance.
  • 3.2 App Improvement: Analyzing usage patterns to identify bugs, optimize performance, and develop features.
  • 3.3 Personalization: Tailoring your experience based on your usage history and preferences.
  • 3.4 Advertising: Serving relevant, non-invasive advertisements through third-party ad networks.
  • 3.5 Analytics: Understanding user behavior, traffic patterns, and engagement metrics.
  • 3.6 Customer Support: Responding to inquiries and providing technical assistance.
  • 3.7 Legal Compliance: Meeting legal, regulatory, and law enforcement requests.

4. Data Sharing with Third Parties

  • 4.1 Ad Networks: We share your advertising ID, general location (country/city level), and usage data with third-party ad partners (e.g., Google AdMob, Facebook Audience Network, AppLovin) to display relevant ads.
  • 4.2 Analytics Providers: We share anonymized and aggregated data with analytics services (e.g., Firebase, Mixpanel, Amplitude).
  • 4.3 Data Processors: We share data with cloud providers (AWS, Firebase) and payment processors under strict data processing agreements.
  • 4.4 Public Transit Authorities: We may share general, anonymized transit usage patterns with transit authorities to improve service planning.
  • 4.5 Legal Requirements: We disclose information if required by law, court order, or government request.
  • 4.6 Business Transfers: In case of merger, acquisition, or sale of assets, your data may transfer as part of the transaction.
  • 4.7 No Sale of Personal Data: We do not sell your personal information to third parties for direct marketing. California residents have additional rights under CCPA.

5. Location Data and Tracking

  • 5.1 Foreground-Only Collection: We collect your location only while you actively use the app. We do not collect background location data.
  • 5.2 Permission Required: Precise location is collected only with your explicit permission in the app and on your device.
  • 5.3 Disabling Location: You can disable location access anytime in your device settings, though this may limit route accuracy.
  • 5.4 Location Retention: Precise location data is not stored permanently. Aggregated, anonymized location patterns may be retained for traffic analysis.
  • 5.5 User Control: You have full control over location permissions at the device level (iOS Privacy Dashboard, Android Location Sharing).

6. Advertising and Behavioral Tracking

  • 6.1 Ad Partners: We use third-party ad networks that may independently collect your advertising ID, IP address, device type, and usage patterns.
  • 6.2 Personalized Ads: Ad partners use this data to show you relevant advertisements based on your interests and behavior.
  • 6.3 User Control: You can opt out of personalized advertising:
  • • iOS: Settings > Privacy > Apple Advertising > Turn off Personalized Ads
  • • Android: Google Settings > Manage Your Google Account > Data & Privacy > Ad Settings > Manage Your Google Ad Settings
  • 6.4 Ad Network Transparency: Ad partners operate under their own privacy policies. Visit their sites for details:
  • • Google AdMob: https://policies.google.com/privacy
  • • Facebook: https://www.facebook.com/privacy/explanation
  • • AppLovin: https://www.applovin.com/privacy
  • 6.5 Frequency Capping: We limit ad frequency to avoid excessive ad exposure.

7. Cookies and Web Tracking Technologies

  • 7.1 Cookies on Our Website: We use cookies to remember your preferences, analyze site traffic, and measure marketing effectiveness.
  • 7.2 Types of Cookies: Session cookies (temporary), persistent cookies (long-term), first-party cookies (set by us), and third-party cookies (set by analytics and ad partners).
  • 7.3 Cookie Control: You can manage cookies through your browser settings. Disabling cookies may affect website functionality.
  • 7.4 Third-Party Analytics: We use Google Analytics and similar services. These track your interactions to help us understand user behavior.
  • 7.5 Opt-Out Options: You can opt out of Google Analytics: https://tools.google.com/dlpage/gaoptout

8. Data Retention

  • 8.1 Active Users: While your account is active, we retain your data to provide services.
  • 8.2 Inactive Accounts: After 12 months of inactivity, we may delete personal data unless required by law.
  • 8.3 Analytics Data: Aggregated, anonymized analytics data may be retained indefinitely for service improvement.
  • 8.4 Location Data: Precise location data is not retained permanently; only anonymized traffic patterns are kept.
  • 8.5 Deletion Requests: You can request deletion of your data anytime by contacting us.

9. International Data Transfers

  • 9.1 Global Operations: Your data may be transferred to, processed, and stored in countries outside your country of residence, including the United States.
  • 9.2 Data Adequacy: We comply with GDPR, CCPA, and other privacy laws when transferring data internationally.
  • 9.3 Standard Contractual Clauses: We use Standard Contractual Clauses (SCCs) and other mechanisms approved by regulators to protect international transfers.
  • 9.4 Data Protection: Even if transferred internationally, your data is protected under the same security standards.

10. User Rights and Controls

  • 10.1 Right to Access (GDPR Art. 15, CCPA § 1798.100): You can request a copy of the personal data we hold about you.
  • 10.2 Right to Correction (GDPR Art. 16, CCPA § 1798.106): You can request that we correct inaccurate data.
  • 10.3 Right to Deletion/Erasure (GDPR Art. 17, CCPA § 1798.105): You can request deletion of your personal data, subject to legal obligations.
  • 10.4 Right to Portability (GDPR Art. 20): You can request your data in a portable, machine-readable format.
  • 10.5 Right to Opt-Out (CCPA § 1798.120): California residents can opt out of the sale or sharing of personal information.
  • 10.6 Right to Object (GDPR Art. 21): You can object to certain processing activities.
  • 10.7 Right to Restrict Processing (GDPR Art. 18): You can request limitation of certain processing activities.
  • 10.8 Exercising Rights: To exercise any of these rights, contact us at support@sayr.app with "Privacy Request" in the subject line. We will respond within 30 days (or as required by law).

11. Security

  • 11.1 Encryption: We use HTTPS encryption for data in transit and AES-256 encryption for sensitive data at rest.
  • 11.2 Access Controls: Employee access to personal data is restricted and logged.
  • 11.3 Third-Party Audits: We conduct regular security assessments and audits.
  • 11.4 No Absolute Security: While we use industry-standard security measures, no system is 100% secure. We cannot guarantee absolute protection against breaches.

12. California Privacy Rights (CCPA)

  • 12.1 Applicability: These rights apply to California residents whose personal information is collected by Sayr.
  • 12.2 Right to Know: You have the right to know what personal information we collect, use, share, or sell.
  • 12.3 Right to Delete: You can request deletion of personal information, subject to exceptions.
  • 12.4 Right to Opt-Out: You can opt out of the sale or sharing of your personal information for cross-context behavioral advertising.
  • 12.5 Right to Correct: You can request correction of inaccurate personal information.
  • 12.6 Right to Limit Use: You can limit how we use sensitive personal information.
  • 12.7 No Discrimination: We will not discriminate against you for exercising your CCPA rights.
  • 12.8 Authorized Agent: You can designate an authorized agent to submit requests on your behalf.

13. GDPR Rights (European Users)

  • 13.1 Legal Basis: We collect data based on your consent, legitimate interest, or contract performance.
  • 13.2 Data Protection Officer: For questions about GDPR compliance, contact our Data Protection Officer at privacy@sayr.app.
  • 13.3 Supervisory Authority: You have the right to lodge a complaint with your local data protection authority (e.g., CNIL in France, ICO in UK).
  • 13.4 Data Processing Agreements: We have Data Processing Agreements in place with all data processors.

14. Children's Privacy

Sayr is not intended for children under 13. We do not knowingly collect personal information from children under 13. If we learn that we have collected data from a child under 13, we will delete it promptly. If you believe a child under 13 has provided information to us, please contact us immediately.

15. Do Not Track Signals

Some browsers include a "Do Not Track" feature. Our app and website do not currently respond to DNT signals, but you can control tracking through device settings, browser preferences, and our privacy controls.

16. Third-Party Links

Our app and website may contain links to third-party websites and services. This Privacy Policy does not apply to third-party sites. We are not responsible for their privacy practices. Please review their privacy policies before sharing your information.

17. Changes to This Privacy Policy

We may update this Privacy Policy periodically to reflect changes in our practices, technology, or legal requirements. We will notify you of material changes by updating the "Last Updated" date and posting the new policy in the app and on our website. Your continued use of Sayr constitutes acceptance of the updated policy. We encourage you to review this policy regularly.

18. Contact Us

  • For questions, requests, or concerns about this Privacy Policy or our data practices, please contact us at:
  • Email: support@sayr.app
  • Address: [Your Company Address]
  • Response Time: We aim to respond to privacy requests within 30 days or as required by applicable law.
  • Data Protection Officer: privacy@sayr.app

If you have questions about this privacy policy, please contact us at support@sayr.app