DiscRadar Privacy Policy

Last updated: May 2026

1. Introduction

DiscRadar takes your privacy seriously. This Privacy Policy explains what personal data we collect, why we collect it, who we share it with, how long we keep it, and what rights you have under the General Data Protection Regulation (GDPR) and other applicable laws, including Google Play data safety requirements.

By creating an account or using DiscRadar, you confirm that you have read and understood this policy.

Data controller: DiscRadar (operator of the DiscRadar mobile application).
Contact: privacy@discradar.app (replace with your official support email before publication)


2. Age rating

DiscRadar is not directed at children under 13. You must be 13 years of age or older to create an account and use the app. We do not knowingly collect personal data from children under 13. If you believe a child has provided us with data, contact us and we will take steps to delete it.


3. Data encryption

All data sent between the DiscRadar app and our backend services is encrypted in transit using industry-standard HTTPS and TLS. Firebase Authentication, Cloud Firestore, Firebase Storage, and Firebase Cloud Messaging use encrypted connections by default.

Data at rest on Google Cloud infrastructure is protected by Google’s platform security measures. Local caches on your device (see Section 11) are stored in the app’s private storage area and are not shared with other apps.


4. Identifiers & account data (Table A)

What we collect Why we collect it Shared with
Firebase user ID (UID) Sign-in, security, linking your data to your account Google (Firebase Authentication)
Email address Account recovery, moderation, feedback, ban enforcement Google (Firebase Auth); stored on your profile in Firestore when applicable
Sign-in provider (email/password, Google, Facebook) and OAuth tokens exchanged at login Authentication only; tokens are handled by Firebase Auth, not stored in chat messages Google (Firebase Auth); Meta (Facebook Login) when you choose Facebook sign-in
Display name Shown in profiles, pins, and chats Other signed-in DiscRadar users
Friend code (4-digit) Lets friends find and add you Other signed-in users who search your code
FCM device token Push notifications (new pins on followed courses, chat messages, friend DMs) Google (Firebase Cloud Messaging). Notification previews may include sender name and a short excerpt of message text.

Legal basis (GDPR): Performance of a contract (providing the service); legitimate interests (security and abuse prevention). Push notifications rely on your device permission (consent where required).


5. Profile & optional data (Table B)

What we collect Why we collect it Shared with
Profile photo Personalise your profile and chats Other users when your profile or messages are shown; stored in Firebase Storage
City, age, gender, bio, disc golf club, rating Optional profile fields you choose to add Other signed-in users on profile and chat views
blockedUserIds (list of user IDs you blocked) Safety: hide blocked users’ pins on your map Stored in Firebase; used for app-side filtering (not published as a public list)

Legal basis: Contract; legitimate interest (community safety).


6. Location data (Table C) — sensitive

What we collect Why we collect it Shared with
Device GPS (when you grant location permission) Centre the map on your position; proximity alerts (“bell”) for new pins within about 1 km of courses you follow Processed on your device; not sold to advertisers. Map tiles are loaded from Google Maps (see Section 12).
Pin coordinates (latitude/longitude + geohash) when you create a pin Show players on the shared map, link pins to disc golf courses All authenticated DiscRadar users can see active pins on the map

Important disclosure: Location permission and pin placement are core to the map and bell experience. If you deny location access, the app can still work with a default map view, but GPS-centred map behaviour and proximity alerts will be limited. Pin locations you place are visible to other players by design.

Legal basis: Contract; consent for device location where required by your OS.


7. User-generated content (Table D)

What we collect Why we collect it Shared with
Pin text (“chat description”), skill level, game type Core gameplay and map markers Authenticated users
Pin & group chat messages (text up to ~2,000 characters) Communication on a pin Chat participants; push previews via FCM
Friend direct messages (text up to ~280 characters) Private messaging between friends Recipient; Firebase; push previews via FCM
Chat images (JPEG) Rich chat on pins Firebase Storage (chat_images/…); URLs in Firestore; participants in the chat

Legal basis: Contract; legitimate interest (moderation and safety).


8. Retention (data storage duration)

Data type Retention
Active map pins Automatically expire and drop out of active queries after approximately 4 hours from creation.
Pin and friend chat messages Retained in Firestore until deleted by users (where allowed), pin/account cleanup, or moderation. Needed for chat history and safety.
Reports, ban records, feedback Retained as long as necessary for moderation, legal compliance, and support (admin access only where rules restrict).
FCM tokens Updated while you use the app; removed when you delete your account or disable notifications.
Local caches (Hive, SharedPreferences) Stay on your device until you clear app data or uninstall.

9. Social graph (Table E)

What we collect Why we collect it Shared with
Friends list (friends_list: UID, display name, friend code, photo URL) Friends feature and chat Your friends (mutual list updates); Firebase
Friend requests (pending) Add friends by code Sender and recipient; Firebase
Friend code lookup (friend_codes) Map 4-digit code → user Firebase (authenticated users only)
Friend DM threads (friend_chats) 1:1 messaging Recipient; Firebase

10. Moderation & compliance (Table F)

What we collect Why we collect it Shared with
User reports (reporterId, reportedUserId, pinId, details) Community safety and admin review Admins via Firestore
Ban records (banned_users, banned_emails) Enforce suspensions Firebase; checked at sign-in
In-app feedback (topic, description, email, userId) Support and product improvement Admins via Firestore; archived copies may move to feedbacks_SAVED

11. Technical & local data (Table G)

What Where it stays Shared with third parties?
Language choice, translation cache, sound preferences, friend-request cooldown timestamps Your device (SharedPreferences) No (not uploaded as a separate export)
Cached friends list for faster UI Your device (Hive) No
Google ML Kit on-device translation UI strings translated locally; language models may be downloaded from Google Google (model delivery only). No ad tracking.
Firebase App Check Fraud and abuse prevention Google (integrity signals)

Bundled UI translations for English and Norwegian ship inside the app. Other languages may be generated on-device via ML Kit and cached locally.


12. International transfers & subprocessors (Table H)

DiscRadar uses cloud services that may process data outside your country, including outside the European Economic Area (EEA).

Subprocessor Service Notes
Google LLC / Google Cloud Firebase Authentication, Cloud Firestore, Firebase Storage, FCM, App Check, Google Sign-In, Google Maps Platform, ML Kit Transfers may rely on Standard Contractual Clauses (SCCs) and, where applicable, the EU–US Data Privacy Framework.
Meta Platforms Facebook Login (optional) OAuth for sign-in only when you choose Facebook.
Google Cloud Functions Server-side push triggers Deployed in europe-west1 (Belgium) for Firestore-triggered notifications.

We do not sell your personal data. We do not use Firebase Analytics, Crashlytics, or third-party advertising SDKs in the current app build.


13. Account deletion

You may delete your account from Settings in the app. After you re-authenticate, our AccountDeletionService and AccountDeletionCleanup remove your data from our servers in this order (while your sign-in session is still valid):

  1. Pins you created — pin documents, their chat messages, and any chat images in Firebase Storage.
  2. Chat messages you sent — text messages you posted in pin group chats and friend direct messages are permanently deleted from Firestore (including messages on pins owned by other users). Any image attachments linked to those messages are removed from Storage where applicable.
  3. Social and activity data — your friends list document, incoming and outgoing friend requests, course-follow records, your public friend-code mapping, and feedback you submitted through the app. You are removed from friends’ contact lists where possible.
  4. Participation metadata on pins — your user ID is removed from participantIds and unreadForUsers on pins you joined.
  5. Profile and files — your users/{uid} profile (including notification tokens), avatar (users/avatars/{uid}.jpg), and legacy profile images in Storage.
  6. On-device cache — locally cached friends data (Hive) for your account is cleared.
  7. Sign-in account — your Firebase Authentication user is deleted and you are signed out.

Chat threads after deletion

Reports, ban records, or archived moderation copies may be retained as described in Section 8.


14. Your rights & contact

If you are in the EEA/UK, you may have the right to:

To exercise your rights, contact us at privacy@discradar.app or use the in-app Feedback form.

We may update this policy from time to time. Material changes will be reflected in the app and, where required, by notice to users.