Personal Data Protection (GDPR) — Version 1.2 — Effective: May 18, 2026
Preamble
This Privacy Policy informs users of the EquiSafe IA application (the "App") of the conditions under which their personal data is collected, processed, stored and protected, in accordance with EU Regulation 2016/679 (GDPR) and applicable data protection legislation.
Data controller: Marie Dadomo, Sole Trader (Entrepreneur individuel) — SIRET 894 716 158 00023 — 1 rue de la Roseraie, 49110 Beaupréau-en-Mauges, France — equisafeia@gmail.com
Minimum age: The App is intended for users aged 16 or over (or 13 with parental consent, depending on local legislation). No data from children under 13 is knowingly collected.
1 — Data collected and purposes
1.1 Account data
| Data | Purpose |
|---|---|
| Email address | Account creation and management, authentication, password recovery |
| First name and last name | Interface personalisation, PDF export mentions |
| Profile photo (avatar) | Display in the user profile |
| Country of residence | Local veterinary context, legal compliance |
| Unique identifier (UID) | Technical identification in Firebase Authentication |
| Account creation date | Contractual management, legal compliance, support |
| Notification token (Expo/FCM/APNs) | Sending service-related push notifications, only if the user enables them |
| Preferred language | Displaying the interface in the user's language |
| Terms acceptance date | Proof of contractual consent, legal compliance |
1.2 App usage data
| Data | Purpose |
|---|---|
| Photos submitted for AI scan | Analysis of plants and equine symptoms by the AI model, display of results |
| Scan images (storage) | Preserving scan history within the App (Firebase Storage) |
| Scan history (plants, feed, care) | Personal history consultation within the App, user archiving |
| Favourite plants | Personalisation: saving plants marked as favourites |
| Favourite products (feed and care) | Personalisation: saving products marked as favourites per horse |
| Products consumed per horse | Displaying cross-warnings during future analyses |
| Product statuses (approved / to avoid per horse) | Personalising product assessments according to the horse's profile |
| Community alerts (text, plant) | Sharing alerts between users, moderation and statistics |
| GPS location (latitude/longitude) | Geolocating community alerts when a user reports a plant — collected only at that moment and with explicit consent |
| Alert photo (optional) | Illustrating a community alert |
1.3 Horse profile data
This data relates to the horse (animal), not a natural person. It is associated with the user's account and deleted along with it.
| Data | Purpose |
|---|---|
| Horse name | Profile identification within the App |
| Breed, age, weight, sex, activity level | Personalising feed and care compatibility analyses |
| Health conditions, allergies, pathologies | Tailoring recommendations, displaying relevant warnings |
| Horse photo (optional) | Display in the user interface |
| Associated care reminders | Reminder notifications linked to the horse profile |
1.4 Subscription data
| Data | Purpose |
|---|---|
| Subscription status | Pro access management |
| Plan type | Feature rights and limits management |
| Subscription / renewal dates | Contractual management, billing |
| RevenueCat identifier | Cross-platform subscription status reconciliation |
| Free AI scan counter (count + reference month) | Enforcement of the monthly quota of 5 AI scans for free users; automatic reset each month |
| Pro anti-abuse counters (sliding minute / hour / day / month windows) | Enforcement of technical thresholds (6/min · 25/hour · 60/day · 300/month) intended to prevent abusive use and protect the infrastructure |
No payment data (credit card, etc.) is collected or stored directly by the publisher. Subscription prices may change under the conditions set out in the Terms of Service.
1.5 Technical data
| Data | Purpose |
|---|---|
| IP address | Security, abuse prevention, Firebase logs |
| Device type and OS version | Compatibility, technical support |
| Pseudonymised usage data (Firebase Analytics) | Service improvement, aggregated analysis |
| Error logs (Firebase Crashlytics) | Debugging, stability improvement |
| Device integrity signals (Firebase App Check) | Verification of App authenticity, prevention of unauthorised calls |
2 — Legal bases for processing
| Processing | Legal basis |
|---|---|
| Account management, authentication | Performance of contract (Art. 6.1.b GDPR) |
| Provision of features (AI scan, history, horse profiles) | Performance of contract (Art. 6.1.b) |
| Subscription management and billing | Performance of contract (Art. 6.1.b) |
| Service-related notifications | Performance of contract (Art. 6.1.b) |
| Favourites and product statuses | Performance of contract (Art. 6.1.b) |
| Analytics (Firebase) — service improvement | Legitimate interest (Art. 6.1.f) |
| Security and fraud prevention | Legitimate interest (Art. 6.1.f) |
| Crash reporting | Legitimate interest (Art. 6.1.f) |
| App integrity verification (App Check) | Legitimate interest (Art. 6.1.f) |
| Accounting and legal obligations | Legal obligation (Art. 6.1.c) |
3 — Automated decisions and profiling
The App uses an artificial intelligence model (Google Gemini) to analyse images and ingredient lists submitted by the user. These analyses generate decision-support recommendations.
No automated decision producing legal effects or significantly affecting the user (within the meaning of Art. 22 GDPR) is made. Results are provided for informational purposes only and do not replace professional veterinary advice.
4 — Retention periods
| Data | Retention period |
|---|---|
| Account data (email, profile) | Active use period + 3 years after last login |
| Scans and history | Active use period + 3 years after last login |
| Horse profiles and associated data | Active use period or until deleted by the user |
| Favourites and product statuses | Active use period or until deleted by the user |
| Subscription and billing data | 10 years from transaction (accounting obligation) |
| Technical and security logs | 12 rolling months |
| Firebase Analytics usage data | Up to 14 months (Google policy) |
| FCM tokens | Active use period or until revocation |
Upon account deletion, all personal data is permanently deleted within a maximum of 30 days, except data subject to statutory retention obligations (billing data: 10 years).
5 — Subprocessors and transfers outside the EU
Several service providers are established in the United States. These transfers are governed by Standard Contractual Clauses (SCCs) in accordance with EU Implementing Decision 2021/914, and/or the EU-US Data Privacy Framework (DPF).
| Subprocessor | Purpose | Safeguards |
|---|---|---|
| Google Firebase (Auth, Firestore, Storage, Functions) | Authentication, database, storage, server functions | SCCs / DPF |
| Firebase Analytics | Pseudonymised usage analysis | SCCs / DPF |
| Firebase Crashlytics | Crash reporting — debugging | SCCs / DPF |
| Firebase App Check | App integrity verification | SCCs / DPF |
| Firebase Cloud Messaging (FCM) | Push notifications | SCCs / DPF |
| Google Gemini / Imagen (Generative Language API) | AI analysis of scan images and generation of botanical illustrations | SCCs / DPF |
| RevenueCat | In-app subscription management | SCCs |
| Apple App Store (In-App Purchase) | iOS payments | Apple policy |
| Google Play (Google Play Billing) | Android payments | Google policy |
For more information: Firebase Privacy Policy — RevenueCat Privacy Policy.
6 — Rights of data subjects
| Right | Description |
|---|---|
| Access (Art. 15) | Obtain a copy of the data concerning you. |
| Rectification (Art. 16) | Request correction of inaccurate data — available via the "Personal Information" screen in the App. |
| Erasure (Art. 17) | Request deletion — available via "Delete my account" in the App (Settings › Security). |
| Restriction (Art. 18) | Request temporary suspension of processing. |
| Portability (Art. 20) | Receive your data in a structured, machine-readable format. |
| Objection (Art. 21) | Object to processing based on legitimate interest. |
| Non-profiling (Art. 22) | Not to be subject to a solely automated decision with significant legal effect (not applicable — see section 3). |
To exercise these rights: use the App's built-in features or send a written request to equisafeia@gmail.com. Response within 1 month.
You may also lodge a complaint with your local supervisory authority. In France: CNIL — 3 Place de Fontenoy, TSA 80715, 75334 Paris Cedex 07 — www.cnil.fr. In the UK: ICO — ico.org.uk.
7 — Data security
- Data encrypted in transit (TLS/HTTPS on all communications)
- Data encrypted at rest on Firebase (managed by Google)
- Secure authentication via Firebase Authentication (passwords hashed)
- Strict Firestore security rules: access limited to the account owner only
- No unencrypted sensitive data stored locally on the device
- Subprocessors certified SOC 2 / ISO 27001 (Google Firebase)
- Firebase App Check: verifies that requests originate from the official EquiSafe IA application
In the event of a data breach likely to result in a risk: notification to the relevant supervisory authority within 72 hours (Art. 33 GDPR); affected users informed if high risk.
8 — Push notifications and trackers
The App may send push notifications via Firebase Cloud Messaging (FCM), exclusively for service purposes (care reminders, alerts). No marketing notifications are sent without explicit consent. Users can manage their preferences in the App (Settings › Notifications) and in their device settings.
The App does not place cookies on the device. Third-party SDKs (Firebase Analytics, RevenueCat) collect pseudonymised usage data for service improvement purposes only.
Advertising tracking (ATT / App Tracking Transparency): The App does not perform any cross-app advertising tracking. No advertising identifier (IDFA/GAID) is used for targeting or sharing with third-party advertising networks.
9 — Guest access (anonymous mode)
The App offers guest access via Firebase anonymous authentication. In this mode, no personally identifiable data is collected. An anonymous user can convert their account to a full account at any time. Data created in guest mode is permanently deleted if the anonymous account is not converted and the session ends.
10 — Changes to this policy
The publisher reserves the right to amend this Policy at any time. Any material changes will be notified to users via in-app notification and/or email at least 30 days before taking effect.