← Diário das Francesinhas

Privacy Policy

Diário das Francesinhas

Last updated: 11 April 2026

1. Who We Are

This Privacy Policy explains how Diário das Francesinhas processes personal data. The app is provided by Ricardo Rocha ("we", "us", "our").

Contact: contact@ricardorocha.dev

2. Scope

This policy applies to personal data processed through the mobile app and related backend services, including account authentication, personal journal entries, community feed interactions, and moderation workflows.

3. Data We Process

Depending on how you use the app, we may process:

  • Account data: user ID, email address, display name (from authentication provider).
  • Journal data: ratings, comments, date, place/address, coordinates, and saved places.
  • Media data: photos uploaded by users.
  • Feed data: posts, moderation status (for example pending/approved/rejected), likes, and related metadata.
  • Technical/security data: logs and operational metadata needed for reliability and abuse prevention.

4. Why We Process Data (Purposes and Legal Bases)

  • To provide core app features (journal, sync, map/feed features) - performance of a contract.
  • To authenticate users and secure accounts - performance of a contract and legitimate interests.
  • To moderate community content and reduce abuse/spam - legitimate interests.
  • To maintain security and integrity of services - legitimate interests and legal obligations where applicable.

5. Automated Photo Moderation and Safeguards

For community feed posts, uploaded photos are analyzed by an automated backend moderation pipeline. The pipeline includes image validation checks to determine whether content is likely related to francesinha posts and additional safety checks to reduce the risk of inappropriate content.

Moderation decisions may set a post to pending, approved, rejected, or manual review. No automated system is perfect. False positives and false negatives may occur. To mitigate this risk, we apply confidence thresholds, quarantine logic, and human review pathways when needed.

6. Reports, Appeals, and Human Review

If you believe a moderation decision is incorrect, you may request a review by contacting us. Users may also report potentially inappropriate content. Reported content may be re-evaluated manually and/or by additional automated checks.

7. Data Sharing and Processors

We use trusted third-party infrastructure providers to operate the app, such as:

  • Firebase services (Authentication, Firestore, Storage)
  • Google Play Services / Google Maps / Places APIs (where enabled)

These providers process data on our behalf under their own contractual and legal terms.

8. International Data Transfers

Your data may be processed in countries outside your own, including outside the EEA/UK. Where required, appropriate safeguards are used (for example contractual protections and provider compliance mechanisms).

9. Data Retention

We keep personal data only for as long as necessary to provide the service, comply with legal obligations, resolve disputes, and enforce terms. User-generated content may be removed by users in-app where supported, or upon request where applicable.

10. Your GDPR Rights

If you are in the EEA/UK, you may have rights to:

  • access your personal data,
  • rectify inaccurate data,
  • erase data ("right to be forgotten"),
  • restrict or object to certain processing,
  • data portability,
  • request human review of significant automated decisions where applicable,
  • lodge a complaint with your local supervisory authority.

To exercise your rights, contact: contact@ricardorocha.dev.

11. Security

We apply reasonable technical and organizational measures to protect personal data, including access controls and service-level security features. No method of transmission or storage is 100% secure.

12. Children's Privacy

The service is not directed to children under 13. In jurisdictions where a higher digital consent age applies (for example some EEA countries between 13 and 16), we require compliance with local law, including parental/guardian consent where required.

We do not knowingly collect personal data from children without an appropriate legal basis. If you believe a child provided personal data unlawfully, contact us and we will review and, where appropriate, delete such data.

13. Changes to This Policy

We may update this Privacy Policy from time to time. Material changes will be reflected on this page with an updated "Last updated" date.

14. Contact

Privacy questions or requests: contact@ricardorocha.dev