# Privacy Policy for Waiting List
**Last Updated: May 6, 2026**
**Effective Date: May 6, 2026**
---
## 1. Introduction
Welcome to **Waiting List** ("we," "our," or "us"). This Privacy Policy explains how we collect, use, store, share, and protect your personal information when you use our mobile application ("App").
**Developer Information:**
- **Email:** rektech.uk@gmail.com
- **Phone:** +91 7878959565
- **Website:** https://rektech.uk
- **App Name:** Waiting List
- **App Domain:** waitinglist.rektech.work
By using our App, you agree to the collection and use of information in accordance with this Privacy Policy. This policy complies with Google Play Store policies as of **May 2026 (effective April 15, 2026 policy update)**, including requirements for data transparency, user consent, sensitive permissions handling, AI content disclosure, contacts permissions, age verification, and Android version targeting.
---
## 2. Information We Collect
We collect the following types of information to provide and improve our services:
### 2.1 Personal Information
- **Account Information:** When you create an account or sign in using Google Sign-In, we collect:
- Name
- Email address
- Profile picture (if provided by Google)
- Google User ID
### 2.2 Location Data
- **Precise Location (GPS):** We collect your precise location (latitude and longitude) when you:
- Add or manage waiting list entries that require location information
- Use location-based features within the App
- **Purpose:** Location data is used solely for providing location-based waiting list management features and is not shared with third parties for advertising purposes.
- **Stronger Justification:** In compliance with Google Play's updated Location Permissions Policy (April 15, 2026), we provide explicit, clear justification to users before requesting location access. Location is only accessed when strictly necessary for a specific feature you initiate.
- **User Control:** You can grant or deny location permissions at any time through your device settings. The App will request location access only when needed for specific features.
- **Compliance:** We comply with Google Play's updated Location Permissions Policy (April 2026), using location data only for foreground services and with explicit user consent.
### 2.3 Contacts Data
- **Contact Picker (No Broad Access):** Our App does **not** require broad access to your contacts list. Where contact selection is needed, we use the **Android Contact Picker** — a secure, privacy-preserving system UI that allows you to select specific contacts without granting the App access to your entire contacts database.
- **Compliance:** This aligns with Google Play's new Contacts Permissions Policy (April 15, 2026), which requires apps that do not need broad contact access to use the Android Contact Picker instead.
### 2.4 Device Information
- Internet connectivity status
- Network state and WiFi information (to ensure proper app functionality)
- Device identifiers for authentication purposes
### 2.5 User-Generated Content
- Photos or images you upload through the image picker (stored locally or on our servers)
- Waiting list entries, notes, and related data you create within the App
### 2.6 Usage Data
- App interaction data (features used, screens visited)
- Error logs and crash reports for debugging purposes
- Performance metrics to improve app stability
### 2.7 Age-Related Data (US Users)
- In compliance with applicable US state age verification laws (Utah effective May 2026; Louisiana effective July 2026), where required, we may ingest users' age ranges and parental approval status for significant app changes. This data is used solely to provide age-appropriate experiences and is handled in accordance with Google Play's Age Signals API data-use restrictions (effective January 1, 2026).
---
## 3. How We Use Your Information
We use the collected information for the following purposes:
### 3.1 Core App Functionality
- To create and manage your user account
- To authenticate your identity using Firebase Authentication
- To enable you to create, view, edit, and delete waiting list entries
- To provide location-based features when explicitly requested
- To store and retrieve your data across devices
### 3.2 Service Improvement
- To analyze app usage and improve user experience
- To diagnose and fix technical issues
- To develop new features based on user needs
### 3.3 Communication
- To send important service updates or policy changes
- To respond to your support requests or inquiries
- To notify you about app-related information (only with your consent)
### 3.4 Security and Compliance
- To detect and prevent fraud, abuse, or security incidents
- To comply with legal obligations and enforce our terms of service
- To protect the rights and safety of our users
### 3.5 Age-Appropriate Experience
- Age range data (where collected under US state laws) is used **exclusively** to provide age-appropriate experiences within this App. It will not be shared with third parties, used for advertising targeting, or transferred to other apps or services. This complies with Google Play's Age Signals API restriction (effective January 1, 2026).
---
## 4. Data Sharing and Disclosure
We respect your privacy and do not sell your personal information to third parties. We may share your data only in the following limited circumstances:
### 4.1 Service Providers
We use trusted third-party services to operate our App:
- **Firebase (Google):** For authentication, cloud storage, and analytics
- Privacy Policy: https://firebase.google.com/support/privacy
- **Google Sign-In:** For user authentication
- Privacy Policy: https://policies.google.com/privacy
- **Payment Processors (if applicable):** Razorpay for payment processing
- Privacy Policy: https://razorpay.com/privacy/
These service providers have access to your data only to perform specific tasks on our behalf and are obligated to protect your information.
**Third-Party SDK Responsibility:** In accordance with Google Play's Data Safety & Privacy Policy (April 15, 2026), we are responsible for the data handling behavior of all third-party SDKs integrated into our App, even after app approval. We regularly audit our SDKs to ensure compliance.
### 4.2 Legal Requirements
We may disclose your information if required by law, court order, or government regulation, or if we believe disclosure is necessary to:
- Comply with legal processes
- Enforce our Terms of Service
- Protect our rights, property, or safety
- Protect the rights, property, or safety of our users or the public
### 4.3 Business Transfers
In the event of a merger, acquisition, or sale of assets, your information may be transferred to the new entity. We will notify you via email and/or prominent notice in the App before your data is transferred.
> **Note on Account Transfers:** Any transfer of developer account ownership is conducted exclusively through the official "Transfer ownership" workflow within Google Play Console, in compliance with Google Play's Account Transfer Policy (April 15, 2026).
---
## 5. User Consent and Control
### 5.1 Explicit Consent
We obtain your explicit consent before:
- Accessing your device location
- Accessing your camera or photo gallery
- Collecting any sensitive personal information
- Sending you promotional communications
**Consent Mechanism:**
- All consent requests are presented through clear, unambiguous dialogs
- You must take an affirmative action (tap "Accept," "Allow," or similar)
- Navigating away from a consent dialog does NOT constitute consent
- Auto-dismissing messages are NOT used as a means of obtaining consent
This complies with Google Play's Consent Requirements (April 2026).
### 5.2 Your Rights
You have the right to:
- **Access:** Request a copy of the personal data we hold about you
- **Correction:** Update or correct inaccurate information
- **Deletion:** Request deletion of your account and associated data
- **Withdrawal:** Withdraw consent for data collection at any time
- **Portability:** Request your data in a portable format
- **Objection:** Object to certain types of data processing
To exercise these rights, contact us at rektech.uk@gmail.com.
### 5.3 Permission Management
You can manage app permissions at any time through your device settings:
- **Android:** Settings > Apps > Waiting List > Permissions
Revoking permissions may limit certain app features but will not delete your existing data.
---
## 6. Data Storage and Security
### 6.1 Data Storage
- **Local Storage:** Some data is stored locally on your device using SQLite and SharedPreferences
- **Cloud Storage:** Account information and synced data are stored securely on Firebase servers
- **Location:** Our servers are located in secure data centers with industry-standard protections
### 6.2 Security Measures
We implement appropriate technical and organizational measures to protect your data, in compliance with Google Play's Security & Malware policies (April 15, 2026):
- Encryption of data in transit using HTTPS/TLS
- Encryption of sensitive data at rest
- Secure authentication using Firebase Authentication
- Regular security audits and updates following secure coding practices
- Access controls limiting who can access user data
- Timely app updates to address security vulnerabilities
### 6.3 Data Retention
- **Active Accounts:** We retain your data as long as your account is active
- **Deleted Accounts:** Upon account deletion, we delete your personal data within 30 days, except where retention is required by law
- **Backup Data:** Backup copies may be retained for up to 90 days for disaster recovery purposes
---
## 7. Children's Privacy
Our App is not intended for children under the age of 13 (or the applicable age of digital consent in your jurisdiction). We do not knowingly collect personal information from children.
If you are a parent or guardian and believe your child has provided us with personal information, please contact us at rektech.uk@gmail.com, and we will delete such information immediately.
**Compliance with Google Play Families Policy (April 15, 2026 update):**
- We strictly limit data collection for any users who may be minors
- We do not engage in targeted advertising directed at children
- All content within the App is age-appropriate
- Apps with content not globally appropriate are made available only in regions where such content is deemed appropriate
- Non-compliance with the Families Policy may result in removal from Google Play
---
## 8. Location Permissions Policy Compliance
In accordance with Google Play's updated Location Permissions Policy (April 15, 2026):
- We use location data only for foreground services (when the app is actively in use)
- We do NOT use geofencing as a foreground service; if geofencing is implemented in the future, we will use the official Geofence API
- Location access is requested only when necessary for specific features
- We provide clear, strong justification of why location access is needed before requesting permission — as now required under the updated policy
- Users can use the "location button" feature (Android 12+) for one-time precise location access
---
## 9. Contacts Permissions Policy Compliance
In accordance with Google Play's new Contacts Permissions Policy (April 15, 2026):
- Our App does **not** request broad READ_CONTACTS or WRITE_CONTACTS permissions
- Where contact selection is required, we exclusively use the **Android Contact Picker** system UI
- This approach minimizes data collection, improves user safety, and ensures no bulk contact data is accessed or stored by the App
- We do not store, transmit, or share any contact data selected through the Contact Picker beyond the immediate use for which it was selected
---
## 10. AI-Generated Content Policy
In compliance with Google Play's AI-Generated Content Policy (April 15, 2026):
- Where any content within the App is created or assisted by artificial intelligence, we will clearly disclose this to users
- AI-generated content within the App is reviewed to ensure it is not deceptive, harmful, or misleading
- We do not use AI to generate deepfakes, impersonate real individuals, or produce misleading outputs
- We are committed to responsible AI usage in accordance with Google Play's guidelines
---
## 11. Monetization, Payments & Subscriptions
In compliance with Google Play's Monetization & Subscriptions Policy and updated Payments Policy (April 15, 2026):
### 11.1 Subscription Transparency
If the App offers subscription-based features, we clearly disclose:
- Subscription pricing and billing cycles
- What is included in each subscription tier
- How to cancel a subscription
- Refund eligibility and process
Hidden charges and misleading offers are strictly prohibited. The App provides an easy way for users to manage and cancel subscriptions.
### 11.2 Payment Methods (US Users)
In accordance with the updated Google Play Payments Policy (effective January 28, 2026, for US users):
- We may offer alternative in-app payment methods in addition to Google Play Billing
- Users may be informed of the availability of alternative payment methods (e.g., Razorpay)
- We may provide links to external content or payment options outside the Play Store where permitted
- All payment options are clearly disclosed and users are never misled about pricing
---
## 12. Android Version & App Quality
Our App targets **Android 15 or higher**, in compliance with Google Play's Android Version Requirement (April 15, 2026). This ensures:
- Compatibility with the latest Android security features and privacy controls
- Access to the latest performance improvements
- Continued visibility on Google Play (apps not meeting this requirement risk removal)
We are committed to maintaining a high-quality, original, and useful app experience. We do not engage in deceptive titles, fake functionality, or spam-like behavior, in compliance with Google Play's App Quality & Store Listing Policy.
---
## 13. Third-Party Services and SDKs
Our App integrates the following third-party services:
| Service | Purpose | Privacy Policy |
|---------|---------|----------------|
| Firebase Authentication | User authentication | https://firebase.google.com/support/privacy |
| Firebase Cloud Storage | Data storage | https://firebase.google.com/support/privacy |
| Google Sign-In | Social authentication | https://policies.google.com/privacy |
| Geolocator | Location services | https://pub.dev/packages/geolocator |
| Geocoding | Address conversion | https://pub.dev/packages/geocoding |
| Razorpay | Payment processing | https://razorpay.com/privacy/ |
We do not use third-party advertising SDKs or trackers for personalized advertising.
**SDK Compliance:** Per Google Play's Data Safety & Privacy Policy (April 15, 2026), we are responsible for ensuring all integrated SDKs handle user data in compliance with applicable policies. Our Data Safety declarations reflect the actual data access behavior of all SDKs used in the App.
---
## 14. Data Safety Declaration
In compliance with Google Play's Data Safety requirements (updated April 15, 2026), we declare:
### Data Collected:
- ✅ Location (precise)
- ✅ Personal information (name, email)
- ✅ Photos and videos (user-uploaded)
- ✅ App activity (interactions, usage data)
- ✅ Age range (where required by US state law — used only for age-appropriate experiences)
### Data Usage:
- ✅ App functionality
- ✅ Analytics
- ✅ Account management
- ✅ Age-appropriate experience delivery (Age Signals API data — restricted to this App only, per January 1, 2026 policy)
### Data Sharing:
- ❌ We do NOT sell user data
- ✅ Data shared only with essential service providers (Firebase, payment processors)
- ❌ We do NOT share age range or health data with third parties
### Security Practices:
- ✅ Data encrypted in transit
- ✅ Users can request data deletion
- ✅ Committed to following Google Play Families Policy
- ✅ Third-party SDK data handling audited for compliance
- ✅ Data Safety declarations cross-referenced with actual app permissions and SDK behaviors
---
## 15. International Data Transfers
Your information may be transferred to and processed in countries other than your country of residence. These countries may have different data protection laws.
When we transfer your data internationally, we ensure appropriate safeguards are in place, including:
- Standard contractual clauses approved by regulatory authorities
- Compliance with GDPR (for EU users) and other applicable data protection laws
- Ensuring service providers adhere to privacy frameworks
---
## 16. Changes to This Privacy Policy
We may update this Privacy Policy from time to time to reflect changes in:
- Our practices
- Legal requirements
- App features or functionality
**Notification of Changes:**
- We will notify you of significant changes via:
- In-app notification
- Email to your registered address
- Prominent notice on our website
- The "Last Updated" date at the top of this policy will be revised
- Continued use of the App after changes constitutes acceptance of the updated policy
We encourage you to review this Privacy Policy periodically.
---
## 17. Contact Us
If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:
**Email:** rektech.uk@gmail.com
**Phone:** +91 7878959565
**Website:** https://rektech.uk
**App Support:** Available through the Help section in the App
**Response Time:** We aim to respond to all inquiries within 7 business days.
---
## 18. Legal Compliance
This Privacy Policy complies with:
- Google Play Store Developer Policies (April 15, 2026 update — effective May 2026)
- General Data Protection Regulation (GDPR) - for EU users
- California Consumer Privacy Act (CCPA) - for California users
- Utah Age Verification Law (effective May 2026) - for Utah users
- Louisiana Age Verification Law (effective July 2026) - for Louisiana users
- Information Technology Act, 2000 (India)
- Other applicable data protection and privacy laws
---
## 19. Dispute Resolution
If you have a complaint about our privacy practices, please contact us first at rektech.uk@gmail.com. We will investigate and attempt to resolve complaints in accordance with this Privacy Policy.
If you are not satisfied with our response, you may have the right to lodge a complaint with your local data protection authority.
---
## 20. Additional Rights for EU Users (GDPR)
If you are located in the European Economic Area (EEA), you have additional rights under GDPR:
- **Right to Access:** Obtain confirmation of whether we process your data and access to such data
- **Right to Rectification:** Correct inaccurate or incomplete data
- **Right to Erasure:** Request deletion of your data ("right to be forgotten")
- **Right to Restriction:** Restrict processing of your data in certain circumstances
- **Right to Data Portability:** Receive your data in a structured, machine-readable format
- **Right to Object:** Object to processing based on legitimate interests
- **Right to Withdraw Consent:** Withdraw consent at any time without affecting prior processing
**Legal Basis for Processing:**
- Consent: For location data and optional features
- Contract Performance: For account management and core app functionality
- Legitimate Interests: For security, fraud prevention, and service improvement
---
## 21. Additional Rights for California Users (CCPA)
If you are a California resident, you have rights under the California Consumer Privacy Act:
- **Right to Know:** Request information about data collected, used, disclosed, or sold
- **Right to Delete:** Request deletion of personal information
- **Right to Opt-Out:** Opt-out of the sale of personal information (Note: We do NOT sell personal information)
- **Right to Non-Discrimination:** Not receive discriminatory treatment for exercising CCPA rights
To exercise these rights, contact us at rektech.uk@gmail.com.
---
## 22. Transparency Commitment
We are committed to transparency in our data practices:
- ✅ We clearly declare all data we collect in the Google Play Data Safety section
- ✅ We provide detailed explanations of how data is used
- ✅ We do NOT engage in silent or hidden data collection
- ✅ We keep our Data Safety declarations accurate and up-to-date
- ✅ We obtain explicit consent before collecting sensitive information
- ✅ We provide easy-to-understand privacy information
- ✅ We disclose AI-generated content where applicable
- ✅ We use the Android Contact Picker instead of requesting broad contacts access
- ✅ We are responsible for and audit all third-party SDK data behaviors
**Google Play Compliance:** Our Data Safety declarations are cross-referenced with our actual app permissions and SDK behaviors to ensure accuracy, in full compliance with Google Play's April 15, 2026 policy update.
---
## 23. No Sale of Personal Information
**We do NOT sell, rent, or trade your personal information to third parties for monetary or other valuable consideration.**
This commitment applies to all users, regardless of location.
---
## 24. Acknowledgment
By using the Waiting List app, you acknowledge that:
- You have read and understood this Privacy Policy
- You consent to the collection, use, and sharing of your information as described
- You understand your rights and how to exercise them
- You agree to receive necessary service communications
If you do not agree with this Privacy Policy, please do not use our App.
---
**Thank you for trusting Waiting List with your information. We are committed to protecting your privacy and providing a secure, transparent experience.**
---
*This Privacy Policy is effective as of May 6, 2026, and supersedes all previous versions.*
Comments
Post a Comment