Privacy Policy

1. Introduction

DuckTracks ("we," "our," or "us") operates a social rubber duck tracking platform that allows users to scan, claim, and pass physical ducks while sharing their journeys through photos and messages. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our mobile application and services.

2. Information We Collect

2.1 Account Information

• Email address (via AWS Cognito authentication)
• User display name and username
• Profile biography and social media links
• Account creation and update timestamps

2.2 Location Data

• ZIP Codes: We collect ZIP codes where you pass or claim ducks
• Resolved Location Data: We automatically convert ZIP codes to city, state, county information and geographic coordinates (latitude/longitude)
• Home Location: Optional location information you provide in your profile
• Current Location: Location data when interacting with ducks

2.3 Photos and Media

• Profile Photos: Your user profile photo and cover photo
• Gallery Photos: Up to 6 additional personal photos you upload
• Duck Photos: Photos you take of ducks during setup, claiming, or passing
• Photo Metadata: Upload timestamps, photo descriptions, and associated duck/status information

2.4 Duck Interaction Data

• Duck codes you scan and interact with
• Messages you leave when passing ducks
• Duck setup information (duck names, biographies, home locations)
• Timestamps of all duck interactions
• Duck statistics (ducks found, passed, owned, created)

2.5 Social Activity

• Users you follow and who follow you
• Social interaction history

2.6 Technical Information

• Device information and identifiers
• App usage patterns and session data
• Error logs and performance data

3. How We Use Your Information

3.1 Core App Functionality

• Enable duck scanning, claiming, and passing features
• Display duck histories and user profiles
• Facilitate photo sharing and duck journeys
• Calculate and display user statistics

3.2 Location Services

• Show where ducks have been and are currently located
• Enable radius-based user searches
• Provide location context for duck interactions

3.3 Social Features

• Connect users with similar interests
• Enable following/follower relationships
• Display user activity feeds

3.4 Service Improvement

• Analyze app usage to improve functionality
• Debug technical issues
• Develop new features

4. Information Sharing and Disclosure

4.1 Public Information

4.2 Third-Party Advertising Partners

We may share the following data with advertising partners:

• User names and usernames
• General location data (city/state level)
• App usage patterns and preferences
• Device information and identifiers
• Aggregated and anonymized usage statistics

4.3 Service Providers

We may share information with trusted service providers who assist in:

• Cloud hosting and data storage (AWS)
• Photo processing and storage
• Analytics and performance monitoring
• Customer support services

4.4 Legal Requirements

We may disclose information when required by law or to:

• Comply with legal processes
• Protect our rights and property
• Ensure user safety
• Prevent fraud or abuse

5. Data Storage and Security

5.1 Storage Locations

• User Data: Stored in DynamoDB databases in AWS US-East-1 region
• Photos: Stored in Amazon S3 buckets with multiple size variants
• Session Data: Temporarily stored for app functionality

5.2 Data Retention

• Active Accounts: Data retained while account is active
• Photos: Multiple sizes stored (large images moved to deleted folder when removed)
• Duck History: Permanently retained for duck journey continuity
• Session Data: Automatically cleared after 1 hour of inactivity

5.3 Security Measures

• AWS Cognito authentication system
• Encrypted data transmission (HTTPS)
• Automatic session timeout (1 hour)
• Access controls and permission management
• Regular security monitoring

6. Your Rights and Choices

6.1 Account Management

• Update your profile information at any time
• Delete specific photos from your gallery
• Modify privacy settings for your profile

6.2 Data Access

You can request access to your personal data by contacting us at support@ducktracks.com.

6.3 Data Deletion

• You may delete your own photos through the app
• Account deletion requests can be made by contacting us
• Note: Duck interaction history may be retained for platform continuity

6.4 Communication Preferences

• Control social interactions through follow/unfollow features
• Manage notification settings in your account

7. Children's Privacy

8. International Users

DuckTracks is operated from the United States. If you access our service from outside the US, your information will be transferred to and processed in the United States.

9. Changes to This Policy

We may update this Privacy Policy periodically. We will notify users of material changes through:

• In-app notifications
• Email notifications
• Posted notices on our platform

Continued use of DuckTracks after changes indicates acceptance of the updated policy.

10. Contact Information

11. State-Specific Rights

California Residents (CCPA)

California residents have additional rights including:

• Right to know what personal information is collected
• Right to delete personal information
• Right to opt-out of sale of personal information
• Right to non-discrimination for exercising privacy rights

Other State Rights

Residents of other states may have additional privacy rights under applicable state laws. Contact us for information about exercising these rights.