1. Information we collect
a. Account information
When you create an account we collect your email address and a password hash. You may optionally add a display name. Anonymous (guest) accounts are tied only to a randomly generated identifier.
b. Location information
With your permission, we use your device's approximate or precise location to sort restrooms by distance and to center the map. Location is processed on your device. We do not store your raw coordinates on our servers.
c. Content you submit
Restroom entries, edits, photos, votes, verifications, and notes you submit are stored and shown publicly inside the Service. Treat anything you post as public.
d. Technical & diagnostic data
We collect basic logs (IP address, request timestamps, error traces, device/OS type) for security, abuse prevention, and reliability.
2. How we use information
- Operate the map, search, and restroom database.
- Authenticate users and prevent abuse, spam, and fraud.
- Moderate user-generated content and enforce our Terms.
- Communicate transactional messages (email confirmation, account changes, security).
- Improve performance, debug issues, and develop new features.
We do not sell your personal information and we do not use it for cross-app advertising.
3. Legal bases (EEA / UK)
- Contract — to provide the Service you signed up for.
- Legitimate interests — to keep the Service safe, secure, and reliable.
- Consent — for device location access, which you can withdraw any time in your OS settings.
- Legal obligation — when required by law.
4. Sharing
- Other users see content you publish (entries, votes, notes, display name).
- Service providers who host infrastructure, send transactional email, or provide map and place-search services. Today this includes our backend hosting provider and Google Maps Platform. These providers process data under contract on our behalf.
- Authorities when required by valid legal process.
- Successors in the event of a merger, acquisition, or asset sale, subject to this Policy.
5. International transfers
Data may be processed in countries other than your own. Where required, we rely on appropriate safeguards such as the EU Standard Contractual Clauses.
6. Retention
Account data is kept while your account is active. Public contributions may remain visible after deletion in anonymised form for the integrity of the dataset. Diagnostic logs are kept for up to 90 days.
7. Your rights
Depending on where you live, you may have the right to access, correct, export, or delete personal data, to object to or restrict processing, and to lodge a complaint with a supervisory authority. You can exercise most of these from inside the app, or by contacting support@rx-net.com.
California (CCPA/CPRA)
California residents have rights to know, delete, correct, and limit the use of sensitive personal information, and to non-discrimination for exercising these rights. We do not sell or share personal information for cross-context behavioural advertising.
8. Account & data deletion
You can delete your account and personal contributions at any time inside the app from Profile → Delete my account, or by following the steps at https://www.rx-net.com/data-deletion.
9. Children
The Service is not directed to children under 13 (or under 16 in the EEA/UK). We do not knowingly collect personal information from children. If you believe a child has provided us with information, contact us and we will delete it.
10. Security
We use encryption in transit (TLS), encrypted storage, access controls, and audit logging. No system is perfectly secure; please use a strong, unique password.
11. Changes
We may update this Policy. Material changes will be announced in-app or by email. The "Effective" date above shows the latest revision.
12. Contact
Privacy questions: support@rx-net.com.