Privacy Policy

1. Information We Collect

We collect information in three ways: (1) information you provide directly, (2) information we collect automatically, and (3) information from third parties.

Information You Provide

• Account Information: When you create an account, we collect your name, email address, and password (hashed and salted). If you use Sign in with Apple or Google, we receive your name, email, and a unique identifier from those services.
• Profile & Preferences: Policy issues you follow, representatives you track, bills you save, notification preferences, display settings (theme, language), and saved searches.
• Political Interest Data: When you follow issues, bills, or vote on legislation, this may reveal your political interests. We treat this as sensitive data and use it only to personalize your experience.
• Communications: When you contact support or provide feedback, we collect your email content and any attachments you send.
• Payment Information: If you make a donation, payment processors (Stripe, Apple Pay) collect your billing information. We receive only transaction IDs, amounts, and dates—never full credit card numbers.

Information We Collect Automatically

• Usage Data: Pages/screens viewed, features used, buttons clicked, time spent in app, session duration, and frequency of use.
• Device Information: Device type, operating system version, app version, device identifiers (advertising ID—which you can reset), screen size, and language settings.
• Location Data (Optional): If you grant permission, we collect your precise GPS location or approximate location based on IP address. This helps us show you your correct representatives. You can disable this anytime in device settings.
• Cookies & Similar Technologies: On our website, we use cookies, local storage, and similar technologies. See Section 13 for details.
• Log Data: IP addresses, browser type, referring/exit pages, timestamps, and clickstream data. Logs are retained for 90 days.
• Performance & Crash Data: Error logs, crash reports, performance metrics, and diagnostic information to improve app stability.

Information from Third Parties

• Authentication Providers: If you sign in with Apple or Google, we receive basic profile information as permitted by those services.
• Public Government Data: We collect publicly available information about bills, votes, and representatives from official government sources (Congress.gov, House/Senate websites, FEC data).

2. How We Use Information

• Provide and maintain the Services.
• Personalize content you see.
• Send notifications you opt into and essential service communications.
• Communicate your votes and interests to your representatives on your behalf.
• Analyze usage to improve features and reliability.
• Process payments/donations and provide tax receipts where applicable.
• Detect, prevent, and address fraud, abuse, and security incidents.
• Comply with legal obligations and enforce our terms.

3. How We Share Information

We do not sell your personal information. We share information only with:

• Service Providers/Processors: hosting/storage (e.g., Google Cloud Platform), analytics (e.g., PostHog—self-hosted or cloud), crash/diagnostics, email providers, customer support, and payment/donation processors (e.g., Stripe; Apple in-app payments).
• Compliance & Safety purposes.
• Business Transfers (e.g., merger or reorganization) as permitted by law.

We may share aggregated or de-identified data that cannot reasonably identify you.

4. Legal Bases (GDPR/UK GDPR)

• Performance of a contract
• Legitimate interests (balanced against your rights)
• Consent (e.g., notifications, location, certain analytics)
• Legal obligation

5. Your Rights & Choices

• Access/Correction/Deletion: request a copy, fix inaccuracies, or delete your data/account (in-app where available or email us).
• Portability: request export of certain data.
• Opt-outs: manage notifications in app/device settings; toggle analytics where available; unsubscribe from marketing emails.
• CPRA (California): we do not "sell" or "share" personal information for cross-context behavioral advertising. Exercise rights to know, delete, correct, and non-discrimination.
• EEA/UK: object to processing based on legitimate interests and lodge a complaint with your supervisory authority.

Contact: hello@breakdown.us

6. Data Retention

We retain data only as long as necessary for the purposes above and to meet legal obligations. Account data is retained until you delete your account or request deletion; payments data is retained as required by law; diagnostic logs have shorter retention windows.

7. Security

We use appropriate technical and organizational measures (encryption in transit, access controls, monitoring). No method is 100% secure.

8. International Transfers

If data is transferred internationally (e.g., to the U.S.), we use appropriate safeguards such as Standard Contractual Clauses where required.

9. Children's Privacy

Not directed to children under 13 (or under 16 in the EEA/UK). If you believe a child provided data, contact us to delete it.

10. Do Not Track

We do not respond to DNT signals due to lack of a consistent industry standard. Use the privacy controls described here.

11. Changes to This Policy

We may update this Policy. We will post the new version and update the effective date. Material changes may be announced in-app.

12. Contact Us

Jurisdiction-Specific Disclosures

Appendix: Key Service Providers

• Hosting/Storage: Google Cloud Platform
• Analytics: PostHog (self-hosted or cloud)
• Payments/Donations: Stripe and/or Apple (in-app purchases)
• Email/Support: Email delivery/helpdesk providers

(We will update this list if materially changed.)