Privacy Policy

Last updated: January 29, 2026

About This Policy

Goshuin Atlas is operated by David Dias, a sole proprietor based in Toronto, Ontario, Canada. This Privacy Policy explains how we collect, use, and protect your personal information in accordance with Canada's Personal Information Protection and Electronic Documents Act (PIPEDA).

Accountability

Under PIPEDA's accountability principle, the following individual is responsible for our privacy practices:

Name: David Dias
Location: Toronto, Ontario, Canada
Contact: hello@goshuin.com

All questions, concerns, or requests regarding your personal information should be directed to the contact above.

Information We Collect

Account Information

When you create an account, we collect:

Email address
Username you choose
Profile information you optionally provide (bio, avatar)

If you sign in using third-party authentication:

Sign in with Apple: Your name (if you choose to share it), email address (real or Apple's private relay), and a unique Apple user identifier
Sign in with Google: Your name, email address, profile photo, and a unique Google user identifier
Sign in with Facebook: Your name, email address, profile photo, and a unique Facebook user identifier
We do not receive or store your account passwords
We do not access your contacts, posts, or other social data

Biometric Authentication Data

If you enable Face ID or Touch ID for quick sign-in:

Your biometric data (fingerprint or face scan) never leaves your device and is never transmitted to our servers
We only store your authentication credentials (encrypted) locally on your device, protected by Apple's Secure Enclave
Biometric authentication uses Apple's built-in security framework and follows Apple's strict privacy guidelines
We have no access to your biometric information

Location Data

If you use our location-based features, we collect location data as follows:

"When in Use" Permission:

Your current GPS coordinates are used to show nearby temples, provide directions, and enable location-based search
This data is processed locally on your device when possible
Is only collected with your explicit permission
Can be revoked anytime through your device settings

"Always Allow" Permission (Optional):

If you enable proximity notifications, we use iOS background location monitoring (geofencing) to alert you when approaching temples
Your precise location is processed by iOS's region monitoring system and not continuously tracked or stored
This is optional and can be disabled at any time

Location Metadata:

When you contribute photos, we may collect approximate location metadata (city/prefecture level) if included in the photo's EXIF data and if you choose to share it
You can disable this in settings

Important: We do not sell or share your location data with third parties. Location data is used solely to provide app features and improve your experience.

Device & Notification Tokens

If you enable push notifications, we collect:

Your device's push notification token (provided by Apple)
Your notification preferences (which types of notifications you've enabled)
Notification delivery status (whether notifications were successfully delivered)

Notification Service Provider:

Provider: OneSignal, Inc.
Purpose: Delivers push notifications to your device
Data location: United States
Privacy: OneSignal Privacy Policy
Rate limiting: Maximum 1 temple update notification per day to avoid spam

This data is necessary to send you proximity alerts and app updates. You can revoke notification permission at any time through iOS Settings.

Analytics (No Personal Data)

We use privacy-focused analytics that:

Does not use cookies or any client-side storage
Does not collect personal data or track individuals
Does not track across websites or devices
Does not store IP addresses - they are discarded immediately after deriving country-level location

What we collect (aggregated, anonymous data only):

App version, device type, and iOS version
Pages/features used within the app
Session duration and usage patterns
Country (derived from IP, then IP is discarded)

Performance Monitoring

Purpose: Measures app performance and responsiveness
Data location: Global (Vercel infrastructure)
Privacy: Vercel Privacy Policy
Data collected: Anonymous performance metrics (app load times, responsiveness)
No personal data: Does not track individuals or use cookies

TelemetryDeck (iOS Analytics)

Purpose: Privacy-focused analytics for the iOS app
Data location: EU (Germany)
Privacy: TelemetryDeck Privacy Policy
Data collected: Anonymous app usage patterns, feature usage, crash reports
No personal data: Does not track individuals, all data is anonymized
Key point: No cookies, no cross-app tracking, GDPR compliant

PostHog (iOS Feature Flags & Tracking)

Purpose: Feature flag management and product analytics for the iOS app
Data location: United States (PostHog Cloud) or EU (self-hosted)
Privacy: PostHog Privacy Policy
Data collected: Feature usage, user behavior patterns for product improvements
DPA: PostHog DPA

User-Generated Content

When you contribute to Goshuin Atlas, we store:

Photos you upload
Reviews and comments you write
Your goshuin collection data (when using cloud sync)
Pilgrimage progress

Why We Collect This Information

Under PIPEDA, we must identify our purposes before or at the time of collection:

Purpose	Data Used	Legal Basis
Provide your account	Email, username	Contract (account creation)
Display your contributions	Photos, reviews, collection	Contract (service features)
Find nearby temples	Location (temporary)	Consent (you grant permission)
Send proximity alerts	Location, notification tokens	Consent (you enable feature)
Sync across devices	Collection data, preferences	Contract (premium feature)
Improve our service	Anonymous analytics	Legitimate interest
Fix bugs and crashes	Error reports, device info	Legitimate interest
Respond to your inquiries	Contact information	Contract / Consent
Security and fraud prevention	Account activity	Legitimate interest

Data Storage and Security

Local Storage

All your primary goshuin collection data, saved temples, and recently viewed items are stored locally on your device using Apple's SwiftData framework. This data:

Is not accessible to us
Is protected by your device's security measures
Remains on your device even if you delete your account
Can only be removed by deleting the app or resetting your device

iCloud Sync (Premium Feature)

If you enable iCloud sync:

Certain app data is stored in your private iCloud account using Apple's CloudKit framework
This data is encrypted in transit and at rest by Apple's iCloud infrastructure
We do not have access to data stored in your iCloud account
iCloud data is governed by Apple's iCloud Terms and Privacy Policy
You can disable iCloud sync at any time; data will remain on your local device

Server-Side Data

For account-based features and cloud sync, we use:

Supabase (Database & Authentication)
- Purpose: Stores your account data and synced content
- Data location: Tokyo, Japan (Asia region)
- Privacy: Supabase Privacy Policy
- DPA: Supabase DPA

Error Monitoring

To maintain app stability and fix crashes, we use Sentry, a third-party error monitoring service that may collect:

Crash reports and stack traces
Device model, browser version, and OS version
App version and state at time of error
Anonymized user identifier

About Sentry:

Provider: Sentry (Functional Software, Inc.)
Data location: United States
Privacy: Sentry Privacy Policy
Data Processing Agreement: Sentry DPA
Usage: Only in production environment, 5% sampling rate
Data scrubbing: Sensitive headers and URL parameters are filtered before sending

This data is used solely for debugging and does not include personally identifiable information. Error reports are automatically collected but contain no user content.

Security Measures

We protect your information through:

Encryption in transit: All connections use HTTPS/TLS
Secure authentication: Passwords are hashed using industry-standard algorithms
Access controls: Database access is restricted and authenticated
Device-level security: Biometric data protected by Apple's Secure Enclave
Reputable infrastructure: We use established, security-audited services

No system is 100% secure. If we discover a breach that poses a real risk of significant harm, we will notify you and the Office of the Privacy Commissioner of Canada as required by PIPEDA.

Third-Party Services

We use the following services to operate Goshuin Atlas:

Authentication Providers

Sign in with Apple: Apple Privacy Policy. Apple allows you to hide your email address using their Private Email Relay service.
Sign in with Google: Google Privacy Policy. You can manage your Google account permissions at any time.
Sign in with Facebook: Meta Privacy Policy. You can manage your Facebook app permissions at any time.

We only receive the information you authorize these services to share with us.

Map Services

To provide directions, we integrate with Apple Maps, Google Maps, Waze, and other mapping applications installed on your device. When you request directions, your current location (if location services are enabled) and destination are passed to your chosen map application. Their use of this information is governed by their respective privacy policies.

Resend (Email Delivery)

Purpose: Sends transactional and marketing emails on our behalf
Data shared: Email address, name, message content
Data location: United States
Privacy: Resend Privacy Policy
DPA: Resend DPA

We use Resend to deliver:

Transactional emails (account confirmations, password resets)
Marketing emails (newsletters, feature announcements) if you opt in
All emails include an unsubscribe link per CASL requirements

RevenueCat (Subscription Management)

Purpose: Manages in-app purchases and subscription status for iOS app
Data shared: Apple transaction receipts, subscription status, user identifier
Data location: United States
Privacy: RevenueCat Privacy Policy
DPA: RevenueCat DPA

RevenueCat processes subscription data to:

Verify purchase validity with Apple
Sync subscription status across devices
Provide subscription management features (upgrade, downgrade, cancellation)
Generate subscription analytics for business purposes

We do not sell your personal information to anyone.

Cookies and Tracking

What We Use

Since we use privacy-focused analytics, we do not use analytics cookies in our mobile app.

We only use essential local storage for:

Session management: Keeps you logged in
Language preference: Remembers your language choice
App preferences: Remembers your settings (theme, units, etc.)

What We Don't Use

No advertising cookies or trackers
No third-party tracking pixels
No cross-app tracking
No fingerprinting

Marketing Communications

We will not send you marketing or promotional emails unless you have explicitly opted in to receive them through your account settings or during signup.

Transactional emails (account confirmations, password resets, security alerts, service updates) do not require consent and will be sent as necessary to operate your account and keep it secure.

Marketing emails (newsletters, feature announcements, tips, community updates) require your explicit consent under Canada's Anti-Spam Legislation (CASL).

You can unsubscribe from marketing emails at any time by:

Clicking the "unsubscribe" link in any marketing email
Updating your email preferences in your account settings
Contacting us at hello@goshuin.com

Unsubscribing from marketing emails will not affect transactional emails necessary for your account.

Your Rights

For All Users

Regardless of where you live, you can:

Access your personal information
Correct inaccurate information
Delete your account and associated data
Export your data
Withdraw consent at any time

PIPEDA Rights (Canadian Users)

Under PIPEDA, you have the right to:

Know what personal information we hold about you
Challenge the accuracy of your information
Withdraw consent to future use of your information
File a complaint with the Office of the Privacy Commissioner of Canada

Response time: We will respond to access or correction requests within 30 days. If we need more time, we will notify you within that period.

GDPR Rights (EU/EEA Users)

If you are in the European Union or EEA, you have additional rights including:

Right to data portability
Right to object to processing
Right to lodge a complaint with your local Data Protection Authority

CCPA Rights (California Users)

California residents have the right to:

Know what personal information is collected
Request deletion of personal information
Know that we do not sell personal information

Account Deletion

If you decide to delete your account, here's what happens:

Personal Data Deleted

The following personal information will be permanently removed from our servers:

Your profile information (username, display name, bio, avatar)
Your email address and authentication credentials
Your private check-ins, collections, and activity history
Your saved temples and preferences stored in the cloud
Any connections between your account and your contributed content

Community Contributions Anonymized

Photos you uploaded to help the community (temple photos, goshuin images) remain visible to other users but are anonymized, meaning they are no longer linked to your identity. This approach:

Preserves valuable educational and cultural resources for the community
Protects your privacy by removing all personal connections to the content
Complies with GDPR Article 17(3)(e) public interest exceptions
Follows industry standards used by platforms like Reddit, Stack Overflow, and Wikipedia

Anonymized content no longer qualifies as "personal data" under GDPR and CCPA regulations, as it cannot be used to identify you.

Local Data on Your Device

Data stored locally on your device (your goshuincho collections, personal goshuin photos, offline temple data, and check-in history) remains accessible after account deletion. This local data is only removed when you:

Delete the Goshuin Atlas app from your device
Reset your device to factory settings
Manually clear app data through iOS settings

Data Export Before Deletion

Before deleting your account, we strongly recommend exporting your data through the app's settings under "Export Personal Data." This will provide you with a complete copy of:

Your profile information
Your check-ins and activity history
Your goshuin collection metadata
A list of photos you contributed
All other personal data we hold

Data Retention

Active accounts: We retain your data while your account is active
Deleted accounts: Personal data is deleted within 30 days of account deletion
Public contributions: Reviews and photos you've shared publicly may remain visible after account deletion, but will be anonymized (not linked to your name)
Breach records: Kept for 2 years as required by PIPEDA

To delete your account, go to your account settings in the app and follow the deletion process. If you need assistance, contact us at hello@goshuin.com.

International Data Transfers

Business location: Toronto, Ontario, Canada
Database: Tokyo, Japan (Supabase)
CDN: Global edge locations

Your data may be processed in Japan (database) and various countries (CDN). Our service providers maintain appropriate safeguards including Standard Contractual Clauses for international transfers.

Children's Privacy

Goshuin Atlas is not intended for use by children under 13. We do not knowingly collect personal information from children under 13. If you believe we have collected such information, please contact us immediately at hello@goshuin.com.

Changes to This Policy

We may update this Privacy Policy when our practices change or when required by law. For significant changes, we will:

Update the "Last updated" date at the top
Post a notice on our website and in the app
Email registered users if the changes materially affect how we use your data

You are advised to review this Privacy Policy periodically for any changes.

Contact Us

For any privacy-related questions, requests, or complaints:

Email: hello@goshuin.com
Support: goshuinatlas.featurebase.app/help
Response time: We aim to respond within 7 business days, and will fulfill access/correction requests within 30 days as required by PIPEDA

If you are not satisfied with our response, you may file a complaint with the Office of the Privacy Commissioner of Canada.

Sources & References

This policy was written to comply with:

PIPEDA (Canada)
PIPEDA Fair Information Principles
GDPR (EU users)
CCPA (California users)
Apple Platform Security (Biometric data)