Privacy Policy for Facts A Day

Last Updated: January 1, 2026 Effective Date: January 1, 2026 Version: 1.2

1. Introduction

Welcome to Facts A Day! This privacy policy explains how information is collected, used, and protected when you use the Facts A Day mobile application ("App").

Data Controller: Yusuf Seyrek Individual Developer Based in Turkey Email: seyrek91@gmail.com Website: https://factsaday.com

This policy applies to all users of the Facts A Day app, regardless of location. We are committed to protecting your privacy and being transparent about our data practices.

2. Information We Collect

Facts A Day is designed with privacy in mind. Most of your data is stored locally on your device and never leaves it. Here's what we collect:

2.1 Data Stored Locally on Your Device

The following information is stored only on your device and is never sent to our servers:

• Language Preference: Your selected language for app content (English, German, Spanish, French, Japanese, Korean, Turkish, or Chinese)
• Category Selections: Which fact categories you've chosen to receive (e.g., Science, History, Technology)
• Notification Time: Your preferred time to receive daily fact notifications
• Favorited Facts: Facts you've marked as favorites
• Facts Database: The collection of facts downloaded to your device
• App Preferences: Other settings and preferences

Important: This data is stored using device storage (SQLite database and AsyncStorage). We have no access to this data. It remains on your device until you uninstall the app.

2.2 Data Sent to Our Server

We collect minimal data on our server:

• IP Address (Temporary Processing): Your IP address is used temporarily for rate limiting purposes only

  • Purpose: To prevent abuse and ensure fair usage of our API
  • Not stored permanently: IP addresses are not logged or stored beyond the rate limiting window
  • Not linked to personal identity: Used only for request throttling, not for tracking or identification

• Firebase App Check Token: A security token generated by Firebase App Check

  • Purpose: To verify that requests come from authentic instances of the Facts A Day app
  • Security measure: Protects our backend resources from unauthorized access and abuse
  • Not linked to personal identity: This token verifies app authenticity, not user identity

We do NOT collect:

• Your name, email, or phone number
• Your location data
• Personal photos or files
• Contacts or calendar data
• Any personally identifiable information

2.3 Data Collected by Third-Party Services

We use third-party services that may collect data about you:

a) Google AdMob (Advertising)

Facts A Day displays advertisements provided by Google AdMob. AdMob may collect:

• Device Identifiers: Advertising ID (Android) or Identifier for Advertisers/IDFA (iOS)
• IP Address: Your device's internet protocol address
• Device Information: Device model, operating system version, app version
• Ad Interactions: Which ads you view or tap
• Diagnostic Data: Crash reports and performance data related to ad serving

Purpose: To serve relevant advertisements and measure ad performance

AdMob Privacy Policy: https://policies.google.com/privacy

b) Firebase Crashlytics (Crash Reporting)

We use Firebase Crashlytics to monitor app crashes and errors to improve app stability. Crashlytics may collect:

• Crash Logs: Stack traces and error messages when the app crashes
• Device Information: Device model, operating system version, app version
• Crashlytics Installation UUID: A unique identifier for the app installation
• Performance Data: App performance metrics

Purpose: To identify and fix bugs, improve app performance and stability

Firebase Privacy Policy: https://firebase.google.com/support/privacy

c) Firebase Analytics (Usage Analytics)

We use Firebase Analytics to understand how users interact with the app and to improve user experience. Firebase Analytics collects:

• App Events: Anonymized interactions such as screens viewed, buttons tapped, features used
• User Properties: Anonymized attributes like app version, device type, language preference
• Session Data: App open/close times, session duration
• Device Information: Device model, operating system version, screen size
• App Instance ID: A unique identifier for the app installation (not linked to personal identity)

Important: All analytics data is anonymized and aggregated. We cannot identify individual users from this data.

Purpose: To understand app usage patterns, improve features, fix usability issues, and provide a better user experience

Firebase Privacy Policy: https://firebase.google.com/support/privacy

d) Firebase App Check

We use Firebase App Check to protect our backend resources from abuse. App Check:

• Generates attestation tokens: Verifies that requests originate from authentic app installations
• Does NOT collect personal data: App Check tokens are security credentials, not user identifiers
• Works with device attestation: Uses platform-specific attestation (DeviceCheck on iOS, Play Integrity on Android)

Purpose: To ensure only legitimate app instances can access our API, protecting against bots and unauthorized access

Firebase Privacy Policy: https://firebase.google.com/support/privacy

3. How We Use Your Information

3.1 Local Data (Stored on Your Device)

• To provide personalized fact delivery based on your language and category preferences
• To remember your notification time preferences
• To display your favorited facts
• To provide offline access to facts

3.2 IP-Based Rate Limiting

• To temporarily process your IP address for rate limiting purposes
• To prevent abuse and ensure fair usage of our services
• Not used for tracking, profiling, or identifying individual users
• Not stored or logged permanently

3.3 Firebase App Check Token

• To verify that API requests come from authentic Facts A Day app installations
• To protect our backend resources from unauthorized access
• To ensure service availability for legitimate users

3.4 Third-Party Data

• AdMob: To serve advertisements that help support the free app
• Firebase Crashlytics: To monitor crashes and improve app stability
• Firebase Analytics: To understand usage patterns and improve user experience
• Firebase App Check: To secure our backend and prevent abuse

3.5 Legal Basis for Processing (GDPR)

For users in the European Economic Area (EEA), United Kingdom, and Switzerland:

• Local Data Storage: Contractual necessity (required to provide the app service)
• IP-Based Rate Limiting: Legitimate interest (preventing abuse and ensuring service quality)
• Firebase App Check: Legitimate interest (security and protecting service integrity)
• AdMob Advertising: Consent (obtained via Consent Management Platform)
• Firebase Crashlytics: Legitimate interest (improving app quality and security)
• Firebase Analytics: Legitimate interest (improving user experience and app features)

4. Data Sharing and Third Parties

4.1 Our Backend Server

• What we process: IP address (temporarily for rate limiting), App Check token (for authentication)
• Purpose: Rate limiting and security verification
• Location: Server location details available upon request
• No personal data stored permanently

4.2 Google AdMob

• What they collect: See Section 2.3(a)
• Purpose: Advertising
• Privacy Policy: https://policies.google.com/privacy
• Your Controls: See Section 10 for opt-out options

4.3 Firebase (Crashlytics, Analytics & App Check)

• What they collect: See Sections 2.3(b), 2.3(c), and 2.3(d)
• Purpose: Crash reporting, usage analytics, app improvement, and security
• Privacy Policy: https://firebase.google.com/support/privacy
• Data Processing Agreement: Firebase/Google is GDPR-compliant with Standard Contractual Clauses

4.4 No Sale of Data

We do NOT sell your personal information to third parties. However, under CCPA, data sharing with AdMob for advertising purposes may be considered a "sale." See Section 7.3 for California residents' opt-out rights.

5. Over-The-Air (OTA) Updates

Facts A Day uses Over-The-Air (OTA) updates to deliver improvements directly to your device without requiring app store updates.

5.1 What OTA Updates Include

OTA updates are used for:

• Bug fixes: Resolving issues and crashes
• Performance improvements: Optimizing app speed and responsiveness
• Minimal UI changes: Minor interface adjustments that align with the app's core purpose

5.2 What OTA Updates Do NOT Include

OTA updates will NOT:

• Add new features that significantly change app functionality
• Collect additional data beyond what's described in this privacy policy
• Change the core purpose or behavior of the app
• Require new permissions

5.3 How OTA Updates Work

• Updates are downloaded automatically when available
• Updates are applied when you restart the app
• No personal data is collected during the update process
• You always have the latest bug fixes and improvements

6. Your Data Rights

6.1 Rights for All Users

You have the right to:

• Access: Request information about what data we have about you
• Deletion: Request deletion of your data
• Opt-Out: Opt out of personalized advertising (see Section 10)
• Contact Us: Ask questions about our privacy practices

How to exercise these rights:

• Local Data: Uninstall the app or clear app data in your device settings
• Third-Party Data: See Section 10 for opt-out instructions
• General Inquiries: Contact us at seyrek91@gmail.com

6.2 Additional Rights for EU Users (GDPR)

If you are in the European Economic Area (EEA), United Kingdom, or Switzerland, you have additional rights:

• Right to Access: Request a copy of your personal data
• Right to Rectification: Correct inaccurate data
• Right to Erasure: Request deletion of your data ("right to be forgotten")
• Right to Restriction: Limit how we process your data
• Right to Data Portability: Receive your data in a portable format
• Right to Object: Object to processing based on legitimate interests
• Right to Withdraw Consent: Withdraw consent for advertising at any time
• Right to Lodge a Complaint: File a complaint with your local data protection authority

How to exercise these rights:

• Email us at seyrek91@gmail.com
• We will respond within 30 days
• No fee unless request is excessive or unfounded

EU Representative: For GDPR inquiries, contact: seyrek91@gmail.com

6.3 Additional Rights for California Users (CCPA)

If you are a California resident, you have the right to:

• Right to Know: What personal information we collect, use, disclose, and sell
• Right to Delete: Request deletion of your personal information
• Right to Opt-Out: Opt out of the "sale" of personal information (AdMob data sharing)
• Right to Non-Discrimination: Equal service and pricing regardless of privacy choices

Categories of Personal Information Collected:

• Device identifiers (Advertising ID)
• Internet/network activity (ad interactions)
• Device information (model, OS version)

Categories of Third Parties We Share With:

• Advertising networks (AdMob)
• Analytics and crash reporting providers (Firebase)

How to exercise these rights:

• Email us at seyrek91@gmail.com with "CCPA Request" in the subject line
• We will respond within 45 days (may extend by 45 days if needed)
• Verify your identity by providing device details

Do Not Sell My Personal Information: To opt out of AdMob data sharing, visit: https://adssettings.google.com

7. Data Retention

7.1 Local Data

• Retention Period: Stored on your device until you uninstall the app or clear app data
• No Cloud Backup: We do not back up your local data; once deleted, it cannot be recovered

7.2 IP Address Data

• Our Server: Processed temporarily for rate limiting only
• No Permanent Storage: IP addresses are not logged or stored beyond the rate limiting window
• Automatic Expiration: Rate limiting data expires automatically

7.3 Firebase App Check Tokens

• Session-Based: Tokens are short-lived and automatically expire
• No Permanent Storage: Tokens are verified in real-time and not stored on our servers

7.4 Third-Party Data

• AdMob: Governed by Google's data retention policies (typically up to 24 months)
• Firebase Crashlytics: Crash logs retained for 90 days
• Firebase Analytics: Analytics data retained for up to 14 months (default Google retention period)

8. Children's Privacy

Facts A Day is suitable for all ages and does NOT knowingly collect personal information from children under 13 (or under 16 in the EEA).

• No User Accounts: We do not collect names, emails, or other identifying information
• Parental Consent: Not required as we collect no personal data
• Ad Content: Ads are filtered to be family-friendly

If you believe a child has provided information to us, please contact seyrek91@gmail.com.

9. International Data Transfers

Facts A Day is operated from Turkey and used worldwide. Your data may be transferred to and processed in:

• Turkey: Our backend server
• United States: Firebase/Google servers (Crashlytics, Analytics, AdMob, App Check)
• European Union: Google servers

For EU Users: Data transfers to countries outside the EEA are protected by:

• Standard Contractual Clauses (SCCs): Used by Google/Firebase
• Adequacy Decisions: Where applicable
• Your Consent: For AdMob, obtained via Consent Management Platform

10. Security

We take reasonable measures to protect your data:

10.1 Device-Level Security

• Local Storage: Facts and preferences stored securely using platform encryption
• No Transmission: Most data never leaves your device

10.2 Server-Level Security

• Firebase App Check: Verifies that requests come from authentic app instances
• Minimal Data Processing: We process only IP addresses temporarily and don't store personal data
• Encryption: Data encrypted in transit (HTTPS/TLS)
• Rate Limiting: IP-based rate limiting protects against abuse

10.3 Limitations

• No Guarantee: No method of transmission or storage is 100% secure
• Device Security: Your device security (passcode, biometrics) protects local data
• Responsibility: Keep your device secure and updated

11. Advertising and Tracking

11.1 Advertising Identifiers

Facts A Day uses advertising identifiers to show ads:

• iOS: Identifier for Advertisers (IDFA)
• Android: Advertising ID (AAID)

These identifiers are used by AdMob to:

• Serve advertisements
• Measure ad performance
• Provide personalized ads (with consent)
• Prevent fraud

11.2 How to Opt Out of Personalized Ads

For All Users:

• Google Ad Settings: Visit https://adssettings.google.com to opt out of personalized ads

For iOS Users:

1. Open Settings on your iPhone/iPad
2. Tap Privacy & Security
3. Tap Tracking
4. Toggle off Allow Apps to Request to Track (prevents personalized ads)

Or for individual app control:

1. Settings > Privacy & Security > Apple Advertising
2. Toggle on Personalized Ads to disable

For Android Users:

1. Open Settings on your Android device
2. Tap Google > Ads
3. Enable Opt out of Ads Personalization

Note: You will still see ads, but they will be less relevant to your interests.

11.3 App Tracking Transparency (iOS)

On iOS 14.5+, you may see a prompt asking permission to track you across apps and websites. This is for:

• Personalized advertising
• Ad measurement

You can choose Allow or Ask App Not to Track. Either choice will not affect app functionality.

12. Cookies and Similar Technologies

Facts A Day does NOT use cookies. However:

• AdMob may use similar technologies (device identifiers, local storage) for ad serving
• Firebase may use local storage for crash reporting and analytics

These are managed by the respective third-party services. See their privacy policies for details.

13. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect:

• Changes in our practices
• Changes in applicable laws
• New features or services

How you'll be notified:

• In-App Notification: If material changes affect your rights
• Updated Date: The "Last Updated" date at the top will change
• Continued Use: Using the app after changes = acceptance of updated policy

Your Options:

• Review the policy periodically
• Contact us with questions
• Stop using the app if you disagree with changes

14. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or your data:

Email: seyrek91@gmail.com Website: https://factsaday.com Response Time: We aim to respond within 30 days (GDPR) or 45 days (CCPA)

For GDPR Inquiries (EU Users):

Data Controller: Yusuf Seyrek Email: seyrek91@gmail.com

For CCPA Requests (California Users):

Subject Line: "CCPA Request" Email: seyrek91@gmail.com

To Lodge a Complaint (EU Users):

If you are unsatisfied with our response, you have the right to lodge a complaint with your local data protection supervisory authority.

15. Jurisdiction-Specific Information

15.1 European Economic Area (EEA), UK, and Switzerland

• Legal Basis: See Section 3.5
• Data Protection Officer: Not required for individual developers of this size; contact seyrek91@gmail.com
• Supervisory Authority: Your local data protection authority
• Data Transfers: Protected by Standard Contractual Clauses

15.2 California, USA

• CCPA Compliance: See Section 6.3
• Categories of Data: Device identifiers, network activity
• Sale of Data: AdMob data sharing may constitute "sale"; opt out at https://adssettings.google.com
• Shine the Light: California residents may request information about data sharing with third parties (email seyrek91@gmail.com)

15.3 Turkey

• KVKK Compliance: Turkish users' data is protected under KVKK (Law No. 6698)
• Contact: seyrek91@gmail.com for KVKK inquiries

15.4 Rest of World

All users, regardless of location, have the rights described in Section 6.1.

16. Third-Party Links and Services

16.1 External Links

Facts may occasionally include links to external sources or websites. We are NOT responsible for:

• Privacy practices of external sites
• Content on external sites
• Your interactions with external sites

Please review the privacy policies of any external sites you visit.

16.2 Third-Party Service Links

• Google AdMob Privacy Policy: https://policies.google.com/privacy
• Google Ad Settings (Opt-Out): https://adssettings.google.com
• Firebase Privacy Policy: https://firebase.google.com/support/privacy
• Firebase Data Processing Terms: https://firebase.google.com/terms/data-processing-terms
• iOS Tracking Settings: Settings > Privacy & Security > Tracking
• Android Ad Settings: Settings > Google > Ads

Summary

What We Collect:

• ✅ Local data (on your device only): preferences, favorites, facts
• ✅ IP address (temporary, for rate limiting only - not stored)
• ✅ Firebase App Check token (for security verification)
• ✅ AdMob advertising data (device ID, ad interactions)
• ✅ Firebase Crashlytics data (crash logs, device info)
• ✅ Firebase Analytics data (anonymized events, usage patterns)

What We DON'T Collect:

• ❌ Your name, email, or phone number
• ❌ Your location
• ❌ Personal photos or files
• ❌ Contacts or calendar
• ❌ Any personally identifiable information

Your Rights:

• Access, delete, or correct your data
• Opt out of personalized ads
• Contact us with questions
• Lodge complaints with authorities (EU)

Our Commitment: We are committed to transparency and protecting your privacy. If you have any questions or concerns, please don't hesitate to contact us at seyrek91@gmail.com.

Facts A Day | Developed by Yusuf Seyrek | https://factsaday.com

This privacy policy was created to comply with GDPR, CCPA, and mobile app store requirements.