Privacy Policy

Last updated: 09 August 2025

This Privacy Policy explains how Birdby ("Birdby," "we," "us," or "our") collects, uses, and shares information when you visit https://birdby.app (the "Website") or use the Birdby mobile and web applications (collectively, the "App"). Birdby is an AI-powered bird identification companion that offers chat, insights, and personalized features.

By accessing or using the App or Website, you agree to this Privacy Policy and our Terms of Use. If you do not agree, please do not use Birdby.

1. Information We Collect

• Account and Profile Information: Email, username, and password when you register. We also support OAuth sign-in via Apple and Google; we receive identifiers needed to authenticate but do not obtain your social media content.
• Authentication Data: We maintain an authentication token to keep you signed in. On mobile, this token is stored in secure device storage. We also support anonymous accounts that may later be converted to registered accounts.
• Content You Provide: Messages, prompts, chat histories, and any media you upload (e.g., images or files) to use App features.
• Device and Usage Information: Device model, OS version, app version, IP address, language, in-app events, and general interaction data. We may infer coarse location from IP address; we do not collect precise GPS location.
• Crash and Diagnostics: Crash reports and diagnostics to help us troubleshoot and improve stability.
• Push Notification Tokens: If you enable notifications, we collect a device push token to deliver them. You can disable notifications in your device settings.
• Purchase Information: Subscription and purchase status, entitlement information, and related identifiers necessary to provide paid features and restore purchases. In-app purchases are processed by Apple App Store or Google Play. Birdby does not receive full payment card details.
• Advertising and Identifiers: If you use the ad-supported experience, we may collect or access advertising identifiers (e.g., IDFA/GAID) and show ads through our partners. Where required, we request consent and honor your platform ad settings.
• Cookies and Similar Technologies (Website): We use cookies and similar technologies on the Website for essential functionality, analytics, and preference storage. Your browser may offer controls to manage cookies.

2. How We Use Information

• Provide, operate, and improve the App and Website
• Authenticate users, maintain sessions, and secure accounts
• Deliver chat and personalization features
• Process purchases, manage entitlements, and restore access
• Measure performance and usage (analytics) and improve quality (crash logs)
• Show ads (where applicable) and measure ad performance, subject to consent where required
• Send service communications, updates, and, where permitted, marketing messages
• Comply with law, enforce terms, and protect the rights, safety, and security of users and the service

3. Legal Bases (EEA/UK users)

Where GDPR or similar laws apply, we rely on one or more of the following legal bases: performance of a contract, legitimate interests (e.g., to secure and improve the App), consent (e.g., cookies/ads where required), and compliance with legal obligations.

4. Sharing and Disclosures

We do not sell your personal information. We may share information with:

• Service Providers: To host, process, and operate the App (e.g., backend, analytics, crash reporting, messaging, ads, payments/subscriptions).
• Analytics and Crash Reporting: Google Firebase Analytics and Crashlytics to measure usage and improve reliability.
• Advertising Partners: Google Mobile Ads to show and measure ads (subject to consent where required). We use industry-standard consent tooling where applicable.
• Subscription and Purchase Processing: RevenueCat to manage entitlements, link purchases to your account, and restore access.
• Authentication: Apple and Google for optional sign-in.
• Backend: Our API and database services (PocketBase) to store accounts, chats, and history.
• Legal/Compliance: If required by law, to protect rights and safety, or in connection with a merger, acquisition, or asset transfer.

5. Cookies and Choices

On the Website, you can manage cookies via your browser settings. Mobile platforms provide settings to reset or limit advertising identifiers (IDFA/GAID). We do not respond to "Do Not Track" signals. In supported regions (e.g., EEA/UK), we use consent dialogs for non-essential cookies/analytics and ad personalization where legally required. You can update your choices at any time via the Website's cookie preferences link.

6. Data Retention

We retain information as long as necessary to provide the App, comply with law, resolve disputes, and enforce agreements. Retention varies by data type, account status (e.g., active vs. deleted), and legal requirements.

7. Your Rights

Depending on your location, you may have rights to access, correct, delete, or port your data; object to or restrict certain processing; and withdraw consent where processing is based on consent. To exercise these rights, contact us at the email below. If you delete your data, some features may no longer work. You may also have the right to complain to a supervisory authority.

8. Security

We use technical and organizational measures appropriate to the risk (e.g., secure storage for tokens, encryption in transit) to protect your information. No method of transmission or storage is fully secure.

9. International Transfers

We may process and store information in countries outside your own. Where required, we implement appropriate safeguards for cross-border transfers, such as the European Commission's Standard Contractual Clauses for transfers to countries without an adequacy decision.

10. Children's Privacy

Birdby is not directed to children. We do not knowingly collect personal information from children under 13 (or under 16 in the EEA/UK). If you believe a child has provided information, contact us and we will take steps to delete it.

11. Changes to This Policy

We may update this Privacy Policy. We will post updates here and update the "Last updated" date. Material changes will be communicated as required by law.

12. Contact Us

If you have questions or wish to exercise your privacy rights, contact us:

Email: info@pixoby.space

Links: Terms of Use, Privacy

13. California Privacy Rights (CPRA)

California residents have the right to know, access, correct, delete, and port certain personal information, and to opt out of the sale or "sharing" (cross-context behavioral advertising) of personal information. We do not sell personal information. To the extent our use of advertising partners constitutes "sharing," you may opt out by contacting us at info@pixoby.space with the subject "CPRA Opt-Out." Where supported, we will honor applicable opt-out preference signals (e.g., Global Privacy Control) as required by law.