Privacy Notice

Last updated: June 12, 2026

1. Who we are

FlushMap ("the Service") is operated by the FlushMap team ("we", "us"), who acts as the data controller for personal data processed in connection with the Service.

2. Personal data we collect

  • Account data: email address, name, and authentication identifiers (including identifiers from sign-in providers such as Google and Apple).
  • User content: bathroom listings, ratings, reviews, and any other content you submit.
  • Photos: images you upload for bathroom listings or reviews. These are stored in our hosted object storage and are publicly viewable when attached to a public listing or review.
  • Approximate location: when you opt in, to surface nearby bathrooms.
  • Usage and device data: IP address, browser/device identifiers, pages viewed, and basic telemetry needed to operate and secure the Service.
  • Install and app events: anonymous records of app installs, opens, and other product events used to measure performance and detect abuse.
  • Notifications: in-app notification records, and — if you opt in — email or push notification preferences and delivery state (including unsubscribe tokens and bounce/complaint suppression lists).
  • Subscription and Pro status: records of Pro unlocks and subscription state (plan, status, renewal/cancellation dates) returned by our payment provider.
  • Contact messages: messages you send through in-app contact forms and our replies to them.
  • Support communications: any messages you send us.
  • Transaction metadata: when you tip, our payment provider Paddle processes your payment. We receive a transaction record (amount, currency, status, timestamp) but do not see or store your full card details.

3. How we use personal data

  • To provide, maintain, and improve the Service (contract performance / legitimate interests);
  • To create and secure your account and prevent fraud and abuse (legitimate interests / legal obligation);
  • To process voluntary tips and keep a record of them (contract performance);
  • To respond to your support requests (legitimate interests);
  • To comply with applicable legal obligations.

4. Sharing of personal data

We share personal data with the following categories of recipients:

  • Service providers / subprocessors that host and operate the Service (database, authentication, analytics, error monitoring).
  • Paddle.com, our Merchant of Record, for processing payments, subscription management, invoicing, and tax compliance.
  • Sign-in providers (Google, Apple) when you choose to use them.
  • Authorities where required by law or to protect rights, safety, or property.

5. International transfers

Our providers may process data in countries outside your own. Where required, we rely on appropriate safeguards such as Standard Contractual Clauses or adequacy decisions.

6. Data retention and deletion policy

We retain personal data only as long as needed to provide the Service, comply with legal obligations, resolve disputes, and enforce agreements.

  • Account data (email, name, auth identifiers): retained while your account is active. If you delete your account, this data is permanently removed within 30 days, except where we must retain it for legal or tax reasons.
  • User content (bathroom listings, ratings, reviews, photos): retained until you delete the content or your account. Public listings and reviews may remain visible until explicitly removed by you or a moderator.
  • Approximate location: processed ephemerally to show nearby results and not stored long-term.
  • Usage and device data / telemetry: retained for up to 90 days, then deleted or aggregated into anonymised statistics that cannot identify you.
  • Support communications: retained for 12 months from the last message to help resolve follow-up issues, then deleted.
  • Transaction metadata (tips): retained for 7 years to meet tax and accounting obligations, then deleted.
  • Backups: encrypted backups may retain deleted data for up to 30 days beyond the periods above before being purged.

How to request deletion: You can delete your account and associated data directly from the Service settings, or contact us to request deletion of specific data. We will confirm receipt and complete deletion within 30 days unless a legal obligation requires longer retention.

What happens after deletion: Once deleted, personal data is permanently removed from active systems and databases. Aggregated or anonymised statistics derived from your data may remain, but these cannot be linked back to you.

7. Your rights

Subject to applicable law, you may have the right to access, correct, delete, restrict, or port your personal data, object to certain processing, and withdraw consent. EU/UK residents also have the right to lodge a complaint with their local supervisory authority. To exercise these rights, contact us at the address below.

8. Security

We use appropriate technical and organisational measures, including encryption in transit, access controls, and audit logging, to protect personal data. No method of transmission or storage is 100% secure.

9. Cookies

We use essential cookies and similar technologies to keep you signed in and to operate core features of the Service. You can manage cookies through your browser settings.

10. Children

The Service is not directed to children under 13 (or the applicable minimum age in your country) and we do not knowingly collect personal data from them.

11. Changes

We may update this Privacy Notice from time to time. Material changes will be communicated through the Service.

12. Contact

For privacy questions or to exercise your rights, contact the FlushMap team via the contact methods provided on the Service.