Privacy Policy for Greedy
Last updated: October 10, 2025
Owner: Ondara LLC, 55 Pineswamp Rd, Ipswich, MA
Contact: jackson@ondara.io
Greedy is an accountability app that lets you set personal contracts tied to a location, a time, and a monetary stake. If you’re not at the chosen place by the chosen time, the stake is charged.
1) What We Collect & Why
We only collect what’s needed to run the core feature.
Account Info (you provide): email and password (stored as a secure hash).
Why: create and secure your account; send receipts/important notices.Location Data (precise): background/“Always Allow” location access to verify arrival at the time/place you set. We do not continuously record a location trail; we record event logs necessary to confirm whether you arrived on time (e.g., geofence entry/exit or check-in attempt with timestamp and lat/long).
Why: core app functionality—automatic check-in/enforcement.Payment Information: processed by Stripe. We don’t store full card numbers. We place a pending authorization/hold when you create a stake; if you arrive on time, we void/cancel the hold; if you miss, we capture the charge. We may issue refunds for verified extenuating circumstances.
Why: process stakes and payments securely.Diagnostics: crash logs and error reports (e.g., via Firebase Crashlytics) that can include device info and app state at crash time.
Why: maintain reliability and troubleshoot issues.
Not collected: contacts, photos, advertising IDs, behavioral analytics, or third-party ad tracking.
2) How We Use Data
Run the app (verify presence, trigger/void charges, receipts).
Secure accounts, prevent fraud/abuse, and maintain reliability.
Provide support and comply with legal/financial obligations.
3) Sharing & Processors
We don’t sell your data. We share only with service providers that act on our behalf under contracts requiring equal or stronger protection:
Stripe (payments, holds/captures, refunds) – https://stripe.com/privacy
Google Firebase (auth/database/hosting) – https://firebase.google.com/support/privacy
Firebase Crashlytics (diagnostics) – part of Firebase privacy above
4) Data Retention & Deletion
Location event logs: deleted after the relevant contract/event is closed (e.g., once enforcement and any dispute window you define operationally has completed).
Account data: kept while your account is active.
Payment records: retained as required by law (e.g., tax, accounting).
Diagnostics: retained per provider defaults (typically 14–26 months).
Delete Account/Data: In-app “Delete Account” removes your profile and app-stored data. Some transaction/payment records may be retained as required by law. You can also email jackson@ondara.io for help.
5) Consent & Your Choices
On first run (and when needed), we request “Always Allow” location to support automatic check-ins. If you revoke location permission, Greedy’s core features will not function. You can change permissions in iOS Settings → Privacy & Security → Location Services.
We do not use your data for cross-app tracking or targeted advertising.
6) Children
Greedy is not intended for users under 16, and we do not knowingly collect personal data from children under 13. If you believe a minor has provided data, contact us to delete it.
7) Security
We use TLS/HTTPS in transit, provider encryption at rest, least-privilege access, and authentication safeguards. No method is 100% secure, but we work to protect your data.
8) International Transfers
We currently launch in the United States. Our providers may process data on servers in the U.S. and other locations consistent with their policies and applicable law.
9) Your Rights (U.S.)
Depending on your state (e.g., California), you may have rights to access, delete, or limit use of your personal information. To exercise a right or appeal a decision, email jackson@ondara.io.
10) Changes
We may update this policy. We’ll change the “Last updated” date and, if material changes occur, provide in-app notice or email.
Contact: Ondara LLC · 55 Pineswamp Rd, Ipswich, MA · jackson@ondara.io