Privacy Policy for Microva - microgreens tracker

Effective date: March 17, 2026

Last updated: March 17, 2026

1. Who We Are

This Privacy Policy applies to the Microva - microgreens tracker mobile application (the “App”), which is provided by Rafał Nawojczyk Code of ul. Tęczowe Ogrody 24, 72-005 Warzymice, Poland, email: info@microva.app (“we”, “us”, “our”, or the “Controller”).

If you have any questions about this Privacy Policy or about how we process personal data, you can contact us at info@microva.app.

2. Scope of This Privacy Policy

This Privacy Policy explains how we collect, use, store, disclose, and otherwise process personal data in connection with your use of the App, including when you:

• download, install, access, or use the App,
• create an account or sign in,
• purchase a subscription or other paid feature,
• contact us for support,
• receive service-related messages from us,
• interact with analytics, diagnostics, or other technical features of the App.

3. What Data We Collect

Depending on how you use the App, we may collect and process the following categories of data:

a) Account and identity data

If you create an account or sign in, we may collect:

• your email address,
• your user ID,
• your display name or profile name,
• authentication and session identifiers,
• information received from a third-party sign-in provider, if you use one.

b) Data you provide in the App

We may collect information that you voluntarily enter into the App, such as:

• names of crops, trays, batches, or projects,
• sowing, growth, and harvest dates,
• notes,
• settings and preferences,
• other content you choose to store in the App.

c) Purchase and subscription data

If you purchase paid access, we may collect:

• the selected product or subscription type,
• purchase and entitlement status,
• subscription start and expiry dates,
• transaction-related identifiers,
• app store billing status information,
• information needed to validate your purchase and grant premium access.

If purchases are made through the Apple App Store or Google Play, we do not generally receive your full payment card details. Payments and billing are handled by the relevant app store, and we receive only the information necessary to confirm the purchase and provide the relevant paid access.

d) Technical, usage, and diagnostics data

When you use the App, we may automatically collect certain technical and usage information, such as:

• your device’s IP address,
• device model,
• operating system and version,
• App version,
• device language,
• time zone,
• crash reports,
• error logs,
• diagnostic data,
• pages, screens, or features viewed,
• dates and times of use,
• time spent in the App or on specific screens,
• basic event and analytics data relating to App performance and usage.

e) Contact and support data

If you contact us, we may collect:

• your email address,
• the content of your message,
• the history of our communications,
• information needed to investigate and resolve your request.

f) Location data

The App does not collect precise location data from your device.

g) AI statement

The App does not currently use artificial intelligence technologies to process your personal data or provide AI-based features.

4. Where We Get Data From

We collect personal data:

• directly from you,
• automatically from your device when you use the App,
• from app store and billing providers in connection with purchases,
• from authentication, hosting, analytics, crash reporting, and infrastructure providers we use to operate the App.

5. Why We Process Personal Data and the Legal Bases

We process personal data only where we have a valid legal basis under applicable law.

a) To provide and operate the App

We process data to:

• provide the App’s features,
• save your data and preferences,
• authenticate users,
• sync data across devices where available,
• grant and maintain access to paid features.

Legal basis: performance of a contract, or steps taken at your request before entering into a contract.

b) To manage purchases, subscriptions, and paid access

We process data to:

• verify purchases,
• assign premium entitlements,
• manage renewals, expirations, and lifetime access,
• handle support requests relating to billing or access.

Legal basis: performance of a contract.

c) To maintain security, stability, and improve the App

We process data to:

• detect and fix errors,
• monitor performance and reliability,
• prevent abuse or misuse,
• improve the App and user experience.

Legal basis: our legitimate interests in maintaining the security, reliability, and quality of the App.

d) To provide customer support and service communications

We process data to:

• respond to your messages,
• investigate issues,
• send important service notices and account-related communications.

Legal basis: performance of a contract, compliance with legal obligations, or our legitimate interests in supporting users and operating the App.

e) To send marketing communications

Where permitted by law, we may send you information about updates, offers, or promotions relating to the App.

Legal basis: your consent, where consent is required, or our legitimate interests where permitted by law.

You can opt out of marketing communications at any time by using the unsubscribe option, adjusting your settings where available, or contacting us at info@microva.app.

f) To comply with legal obligations and protect our rights

We may process data where necessary to:

• comply with applicable laws, regulations, court orders, or lawful requests,
• maintain accounting and tax records,
• establish, exercise, or defend legal claims,
• investigate fraud, security incidents, or violations of our terms.

Legal basis: compliance with a legal obligation and, where applicable, our legitimate interests.

6. Third-Party Services and Sharing of Data

We may share personal data with service providers who process data on our behalf and only to the extent necessary to provide their services.

Depending on the actual configuration of the App, these recipients may include:

• Apple or Google, for app store infrastructure, billing, and purchase processing,
• RevenueCat, for subscription and purchase status management,
• Sentry, for crash reporting and diagnostics,
• Supabase, for authentication, backend, and database services,
• PostHog, for analytics and product usage insights,
• Expo and providers of technical infrastructure used to operate the App,
• professional advisers, hosting providers, and other service providers acting on our instructions,
• public authorities, courts, regulators, or law enforcement where disclosure is required by law or necessary to protect rights, safety, or security.

We may also disclose information:

• if required by law, subpoena, court order, or other legal process,
• if we believe in good faith that disclosure is necessary to protect our rights, your safety, the safety of others, investigate fraud, or respond to a lawful government request,
• in connection with a merger, acquisition, financing, reorganisation, or sale of assets, subject to appropriate safeguards.

We do not share personal data with third parties for their own independent use except as described in this Privacy Policy or where required by law.

7. Third-Party Privacy Policies

The App may use third-party services that have their own privacy policies. You should review those policies separately where relevant.

Examples may include:

• Apple App Store: https://www.apple.com/legal/privacy/
• Google Play / Google: https://policies.google.com/privacy
• RevenueCat: https://www.revenuecat.com/privacy
• Sentry: https://sentry.io/privacy/
• Supabase: https://supabase.com/privacy
• PostHog: https://posthog.com/privacy
• Expo: https://expo.dev/privacy

Keep only the services you actually use.

8. International Data Transfers

Some of our service providers may process personal data outside the European Economic Area or your country of residence. Where this happens, we take reasonable steps to ensure that appropriate safeguards are in place, including, where required, standard contractual clauses or other lawful transfer mechanisms.

9. Data Retention

We retain personal data only for as long as necessary for the purposes described in this Privacy Policy, including:

• account and App data: for as long as you use the App or maintain an account, and for up to 90 days thereafter where reasonably necessary for backups, dispute handling, and deletion processing,
• purchase and subscription data: for as long as necessary to manage paid access, refunds, complaints, accounting, tax obligations, and legal claims,
• technical, analytics, and diagnostics data: typically for up to 24 months, unless a shorter or longer period is required for security, troubleshooting, or legal reasons,
• support correspondence: for as long as necessary to resolve your request and typically for up to 24 months thereafter, unless a longer retention period is required by law or needed for legal claims.

We may retain certain information for longer where required by law or where necessary to establish, exercise, or defend legal claims.

10. Your Rights

Depending on your location and applicable law, you may have the right to:

• request access to your personal data,
• request correction of inaccurate or incomplete data,
• request deletion of your personal data,
• request restriction of processing,
• request portability of your personal data,
• object to processing based on legitimate interests,
• withdraw consent at any time where processing is based on consent,
• lodge a complaint with a competent supervisory authority.

To exercise your rights, please contact us at [contact email]. We may need to verify your identity before responding to your request.

If you are located in Poland, you may also lodge a complaint with the President of the Personal Data Protection Office (UODO).

11. Opt-Out, Uninstall, and Deletion

You can stop further collection of data by the App by uninstalling it using the standard uninstall process available on your device or through the relevant app marketplace.

Please note:

• uninstalling the App does not automatically delete data already stored on our systems,
• uninstalling the App does not automatically cancel an active subscription billed through Apple App Store or Google Play,
• if you want us to delete your personal data, you can contact us at info@microva.app, and we will handle your request in accordance with applicable law.

12. Children’s Privacy

The App is not directed to children under the age of 13, and we do not knowingly collect personal data from children under 13 without the involvement of a parent or legal guardian where required by applicable law.

If we become aware that we have collected personal data from a child under 13 in violation of applicable law, we will take reasonable steps to delete that data.

If you are a parent or guardian and believe that a child has provided us with personal data, please contact us at info@microva.app.

13. Security

We use reasonable technical and organisational measures designed to protect personal data against unauthorised access, loss, misuse, destruction, or unauthorised alteration.

However, no method of transmission over the internet or electronic storage is completely secure, and we cannot guarantee absolute security.

14. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. If we do, we will post the updated version in the App, on our website, or in another appropriate location, and we will update the “Last updated” date above.

Where required by law, we will provide additional notice of material changes.

15. Contact Us

If you have any questions about this Privacy Policy or about our privacy practices, please contact us at:

Rafał Nawojczyk Code

ul. Tęczowe Ogrody 24, 72-005 Warzymice, Poland

info@microva.app