Introduction

Urban Systems Group LLC ("PlatePin," "we," "us," or "our") operates the PlatePin mobile application and related services. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our Service.

We are committed to protecting your privacy and being transparent about our data practices. This policy is written to be accurate to how our systems actually operate.

1. Information We Collect

1.1 Information You Provide Directly

Account Information

Email address (required for account creation)
Username (required, user-chosen)
Phone number (optional, for phone authentication)
Password (hashed by Firebase Authentication, never accessible to us)
Profile photo (optional)

Social Login Data (if you choose these methods)

Google OAuth: Email, display name, profile photo URL
Apple Sign-In: User ID, email (if you choose to share), full name (if you choose to share)

Report Content

License plate numbers you report or subscribe to
Report descriptions (up to 1,000 characters)
Report photos (maximum 8MB per image, EXIF metadata stripped)
Report category and severity
Sign/parking restriction details

Verification Documents (for vehicle ownership verification)

Vehicle registration or insurance card images
Documents are processed via OCR and deleted within 30 minutes after processing
Only verification status (approved/rejected) and confidence score are retained

Messages and Communications

Direct messages with other users
Temporary chat messages (expire after 24-90 days depending on type)
Lost item communications
Support inquiries

Payment Information

Processed by Stripe (verification payments) and RevenueCat (subscriptions)
We store only transaction IDs, billing city/state/postal code (not street address), and verification status
We never see or store your full credit card number

1.2 Information Collected Automatically

Location Data

City and state (always collected with reports for geographic context)
Precise GPS coordinates (only when you explicitly enable "precise location" for a report)
Geohash (approximately 150-meter precision for map clustering)
Location data is retained with reports for 14-90 days depending on report lifecycle

Device Information

Device type and operating system
App version and build number
Push notification token (for sending alerts)
Platform type (iOS/Android)

Usage Analytics (Firebase Analytics - Opt-Out Available)

Screen views and navigation patterns
Feature usage (reports created, subscriptions added)
App performance metrics
Error occurrences (with PII automatically scrubbed)

Technical Data

IP address (masked, first 3 octets only, used for rate limiting and security)
Browser/app user agent
Timestamps of activities

1.3 Information from Third Parties

Payment Processors: Transaction confirmations, AVS results, billing details (Stripe, RevenueCat)
OCR Processing: Text extracted from verification documents (Google Cloud Vision)
Authentication Providers: Basic profile information (Google, Apple)

2. How We Use Your Information

2.1 Core Service Operations

Create and maintain your account
Process vehicle reports and deliver notifications to relevant subscribers
Enable communication between users about vehicle incidents
Process vehicle ownership verification ($0.99 fee)
Provide customer support
Enforce our Terms of Service and Community Guidelines

2.2 Safety and Security

Detect and prevent fraud, abuse, and violations of our terms
Moderate content using AI (Perspective API for toxicity, Google Vision for images)
Rate limit API calls to prevent abuse
Verify device authenticity via Firebase App Check
Protect against bot and spam attacks using reCAPTCHA Enterprise

2.3 Analytics and Improvement

After opt-in consent (analytics enabled by default, opt-out available in Settings):

Understand how users interact with features
Identify and fix bugs and performance issues
Improve app functionality and user experience
Generate aggregate insights (no individual identification)

2.4 Anonymized Data and Business Intelligence

After 14-90 days (depending on report type), report data undergoes anonymization:

User identifiers are removed
License plate numbers are removed
Photos are deleted
Location data (city/state/coordinates) is preserved for geographic analysis

Anonymized data may be used for:

Creating geographic heatmaps of incident patterns
Traffic and parking trend analysis for urban planning
Safety analytics for municipalities and researchers
Commercial licensing of aggregated insights

Your personal information is NEVER included in commercial datasets.

2.5 Legal Compliance

Comply with legal obligations and valid legal process
Respond to lawful requests from law enforcement
Protect the rights, safety, and property of PlatePin and its users
Enforce our agreements and policies

3. Data Retention Schedule

We retain data for the minimum period necessary for the stated purpose:

Data Type	Retention Period	Purpose
User Profiles	Until account deletion	Service provision
Active Reports	14 days publicly visible	Community alerts
Hidden Reports	Days 14-90 (visible only to reporter and subscribers)	Reference period
Archived Reports	Anonymized, indefinite	Analytics only
Report Photos	Deleted with report (max 90 days)	Evidence verification
Direct Messages	7 days after soft delete	Communication
Temporary Chats	24 hours - 90 days (type-dependent)	Incident discussion
Sign Reports	Until sign end date + 3 days	Parking information
Verification Documents	30 minutes after OCR processing	Document verification
Verification Results	Indefinite (status only, no documents)	Ownership records
Payment Records	7 years	Legal/tax requirements
IP Activity Logs	90 days	Security/rate limiting
Audit Logs	90 days	Security compliance
Analytics Data	Per Firebase policies (13-26 months)	Service improvement

4. Data Sharing and Disclosure

4.1 With Other Users

Public Reports: Report content (without your email or phone) is visible to subscribers of that vehicle's license plate
Username Display: Your username appears on reports you create (anonymous reporting available in settings)
Messages: Only shared with conversation participants

4.2 With Service Providers (Subprocessors)

We share data with trusted service providers under data processing agreements:

Provider	Purpose	Data Shared
Google Cloud / Firebase	Hosting, database, authentication, analytics	All app data
Stripe	Payment processing for verification	Billing details, transaction data
RevenueCat	Subscription management	User ID, subscription events
SendGrid	Email delivery	Email addresses, notification content
OpenAI	Image categorization	Report photos (temporary)
Google Cloud Vision	Document OCR	Verification document images (immediate deletion)
Sentry	Error tracking	Error logs (PII automatically scrubbed)
Google Maps	Map display	Location queries, map interactions

4.3 With Partners (Anonymized Only)

Municipalities: Aggregated, anonymized incident patterns for urban planning
Researchers: Anonymous traffic and parking trend data
No PII: Individual user data is never shared with partners

4.4 Legal Requirements

We may disclose information when:

Required by law, court order, or valid legal process
Necessary to protect our legal rights or defend against claims
Needed to prevent illegal activities, fraud, or threats to safety
Required to enforce our Terms of Service

4.5 We Do NOT

Sell your personal information to third parties
Share your email or phone with other users without consent
Provide advertisers access to your personal data
Include any PII in commercial data products
Share data with data brokers

5. Data Security

5.1 Technical Safeguards

Encryption in Transit: All data transmitted via HTTPS/TLS 1.3
Encryption at Rest: Firestore and Cloud Storage use AES-256 encryption
Authentication: Firebase Authentication with secure password hashing
App Check: Device attestation prevents unauthorized API access (iOS App Attest, Android Play Integrity)
Rate Limiting: Distributed rate limiting prevents abuse attacks
Input Validation: License plates limited to alphanumeric characters, text fields sanitized

5.2 Data Protection Measures

PII Scrubbing: Error logs automatically remove emails, phone numbers, coordinates, and license plates
EXIF Stripping: Photo metadata removed before storage
Document Deletion: Verification documents deleted within 30 minutes of processing
Access Controls: Role-based access with principle of least privilege
Audit Logging: All admin actions and data deletions logged

5.3 Incident Response

Security incidents investigated within 24 hours
Affected users notified within 72 hours of confirmed breach
Regulatory authorities notified as required by law

6. Your Rights and Choices

6.1 Access and Control

You have the right to:

Access: View your personal data via Settings > Privacy Dashboard
Export: Download your data in JSON or CSV format (3 exports per 24 hours)
Correct: Update inaccurate profile information
Delete: Request account deletion (Settings > Privacy Dashboard or email us)
Opt-Out of Analytics: Disable in Settings > Privacy & Security

6.2 Vehicle Privacy Controls

Opt-Out: Vehicle owners can opt their plate out of PlatePin at no cost (CCPA requirement)
Verification: Verify ownership for enhanced privacy controls ($0.99)
Report Visibility: Control who can see reports about your verified vehicles

6.3 Notification Preferences

Push notifications (on/off)
Email notifications (on/off)
Proximity alerts for nearby parking restrictions
Weekly digest (premium feature)
Quiet hours configuration

6.4 How to Exercise Your Rights

In-App: Settings > Privacy Dashboard > Manage Data
Email: legal@platepin.com
Response Time: Within 30 days for most requests (45 days for complex requests)
Verification: We may verify your identity before processing requests

7. California Privacy Rights (CCPA/CPRA)

California residents have additional rights:

7.1 Right to Know

You may request disclosure of:

Categories of personal information collected
Sources of personal information
Business purposes for collection
Third parties with whom we share data
Specific pieces of personal information we hold about you

7.2 Right to Delete

You may request deletion of your personal information, subject to exceptions for:

Completing transactions you initiated
Security and fraud prevention
Legal obligations and compliance
Internal uses consistent with your expectations

7.3 Right to Opt-Out of Sale

We do not sell personal information. We do not share personal data with third parties for their direct marketing purposes.

7.4 Right to Non-Discrimination

We will not discriminate against you for exercising your privacy rights.

7.5 Shine the Light

California residents may request information about disclosure of personal information to third parties for direct marketing. Contact legal@platepin.com.

To submit a CCPA request: Email legal@platepin.com with subject "CCPA Request" or use Settings > Privacy Dashboard.

8. European Privacy Rights (GDPR)

If you are located in the European Economic Area (EEA), United Kingdom, or Switzerland:

8.1 Legal Basis for Processing

Processing Activity	Legal Basis
Account and service provision	Contract performance
Payment processing	Contract performance
Safety and fraud prevention	Legitimate interests
Analytics (with opt-out)	Consent
Legal compliance	Legal obligation
Commercial data use (anonymized)	Legitimate interests

8.2 Your Rights Under GDPR

Access: Obtain a copy of your personal data
Rectification: Correct inaccurate data
Erasure: Request deletion ("right to be forgotten")
Restriction: Limit processing of your data
Portability: Receive data in machine-readable format
Object: Object to processing based on legitimate interests
Withdraw Consent: Revoke consent for analytics at any time

8.3 Data Transfers

Your data may be transferred to and processed in the United States. We rely on:

Standard Contractual Clauses (SCCs) with our service providers
Data Processing Addendums with Firebase, Stripe, and other processors
Appropriate safeguards for international transfers

8.4 Supervisory Authority

You have the right to lodge a complaint with your local data protection authority.

9. Children's Privacy

PlatePin is not intended for users under 16 years of age.

We do not knowingly collect information from children under 16
If we discover such collection, we delete it immediately
Parents or guardians may contact us to request deletion of child data
Users under 18 require parental consent

10. Changes to This Policy

We may update this Privacy Policy periodically:

Material Changes: 30-day advance notice via email and in-app notification
Minor Updates: Notice in app with updated "Last Updated" date
Continued Use: Constitutes acceptance of updated policy after notice period
Previous Versions: Available upon request

11. Contact Information

General Privacy Questions:
Email: legal@platepin.com

Data Protection Officer:
Email: legal@platepin.com

Security Issues:
Email: support@platepin.com

Legal Inquiries:
Email: legal@platepin.com

Mailing Address:
Urban Systems Group LLC
Attn: Privacy Team
Philadelphia, PA 19103
United States

Response Time: We respond to privacy inquiries within 30 days.

12. Cookie Policy (Web Properties)

Our web properties (platepin.app, id.platepin.app, admin.platepin.app) use:

Essential Cookies

Firebase Authentication session management
Security tokens (CSRF protection)
User preferences (theme, language)

Analytics Cookies (with consent)

Firebase Analytics (usage patterns)
Performance monitoring

How to Manage Cookies

Browser settings to block or delete cookies
Our cookie consent banner on first visit
Settings > Privacy to adjust analytics preferences

13. AI and Automated Decision-Making

13.1 How We Use AI

Content Moderation: Perspective API analyzes text for toxicity, hate speech, and policy violations
Image Categorization: OpenAI GPT-4o-mini suggests report categories from photos
OCR Processing: Google Cloud Vision extracts text from documents and signs
Plate Recognition: Computer vision identifies license plate numbers

13.2 Human Review

AI moderation decisions flagged as uncertain go to human review
All vehicle ownership disputes include human moderator review
You may appeal AI-based content removal via support@platepin.com

13.3 Your Rights

You are not subject to fully automated decisions with legal effects without human review
You may request human review of automated moderation decisions

14. Technical Implementation Details

This section provides transparency about specific data handling in our systems.

14.1 License Plate Data

License plates are normalized (uppercase, alphanumeric only)
Stored with region/state identifier
Used to match reports with subscriber notifications
Not shared with external parties except as anonymized aggregates

14.2 Location Precision

City/State: Always included with reports for geographic context
Geohash (7 characters): ~150 meter precision for map clustering
Precise coordinates: Only stored when user explicitly enables for a specific report

14.3 Photo Processing

EXIF Removal: Camera metadata stripped before storage
Compression: Images compressed to max 1024px dimension
Content Moderation: Scanned for inappropriate content before publication
Deletion: Automatically deleted with parent report (90 days max)

14.4 Analytics Opt-Out

When you disable analytics:

Firebase Analytics events no longer sent from your device
Performance monitoring disabled
Your preference stored locally in AsyncStorage
Core app functionality unaffected

Policy Version: 3.0 | Last Reviewed: December 17, 2025

This Privacy Policy was developed through comprehensive code analysis to ensure accuracy with actual system behavior. It should be reviewed by legal counsel before publication.