PRIVACY POLICY

← Back to Portfolio

This Privacy Policy describes how Shawn Delaine Bellazan and Tooensure LLC ("we," "us," or "our") collect, use, and protect information in connection with our mobile applications and websites, including Go-To Transit and any other apps published under the Tooensure LLC developer account.

We are committed to protecting your privacy. This policy is written to comply with Google Play Store requirements, GDPR, CCPA, and applicable US state privacy laws.

1. Information We Collect

Information You Provide Directly

When you create an account or use our apps, we may collect:

• Email address (for account creation and authentication)
• Display name or username (optional)
• Payment information (processed securely by Google Play Billing — we never store card data)

Information Collected Automatically

When you use our apps, we may collect:

• Device information: device model, operating system version, unique device identifiers
• Usage data: features accessed, session duration, in-app actions
• Crash reports: collected automatically through Google Play Services to help us fix bugs
• Location data: only when you explicitly grant permission (see Permissions section)

Information We Do NOT Collect

• We do not collect your contacts, messages, or call history
• We do not access your camera or microphone without explicit in-app action
• We do not collect biometric data
• We do not build advertising profiles

2. How We Use Information

We use collected information to:

• Provide, maintain, and improve app functionality
• Process in-app purchases securely through Google Play Billing
• Authenticate your account via Firebase Authentication
• Sync your data across devices when you're signed in
• Diagnose crashes and technical issues
• Respond to your support requests
• Send important service notifications (not marketing emails unless you opt in)

We do not sell your personal information to third parties. We do not use your data for advertising targeting.

3. Data Sharing

We may share information only in the following circumstances:

• Service providers: Firebase (Google) for authentication and real-time data sync, operating under Google's data processing terms
• Google Play Billing: payment processing (we never receive or store your card details)
• Legal requirements: if required by law, court order, or to protect user safety
• Business transfer: in the event of a merger or acquisition, with prior notice to users

We do not share your data with data brokers, advertising networks, or analytics companies beyond crash reporting through Google Play Services.

4. App Permissions

Go-To Transit — Metro Transit App

• Location (Foreground only, optional): Used to show nearby transit stops and routes. We request this only when you use the map or nearby-stops feature. We do not collect or store location data in the background. You can deny this permission and still use ticket purchasing features.
• Internet: Required to load transit schedules, sync your purchased tickets, and process payments.
• Billing: Required to process in-app purchases via Google Play Billing.
• Storage / Offline Access: Used to store your tickets locally so they remain accessible when you are offline or in areas with poor connectivity.
• Camera (optional): Used only if you choose to scan a QR code. Not accessed otherwise.

5. Data Retention

We retain your account data for as long as your account is active or as needed to provide services. If you delete your account, your personal data is deleted within 30 days, except where we are required to retain it for legal or tax purposes.

Locally-stored data on your device (offline tickets, cached schedules) can be cleared at any time by uninstalling the app or clearing app data in your device settings.

6. Security

We take reasonable technical and organizational measures to protect your information, including:

• HTTPS/TLS encryption for all data in transit
• Firebase Security Rules to restrict database access to authenticated users only
• No storage of plaintext passwords (handled entirely by Firebase Authentication)
• Regular review of third-party service security practices

No method of transmission over the internet is 100% secure. We cannot guarantee absolute security, but we continuously work to protect your data.

7. Children's Privacy

Our apps are not directed at children under 13 years of age. We do not knowingly collect personal information from children under 13. If you believe a child has provided us with personal information, please contact us immediately and we will delete it.

8. Your Rights

Depending on your location, you may have the following rights regarding your personal data:

• Access: Request a copy of the data we hold about you
• Correction: Request correction of inaccurate data
• Deletion: Request deletion of your account and associated data ("right to be forgotten")
• Portability: Request your data in a machine-readable format
• Opt-out: Opt out of any non-essential data collection
• California residents (CCPA): You have the right to know what data is collected, to delete it, and to opt out of sale (we do not sell data)

To exercise any of these rights, contact us at shawn2024bellazan@gmail.com.

9. Third-Party Services

Our apps use the following third-party services, each governed by their own privacy policies:

• Google Firebase — Authentication, Firestore database, Analytics: firebase.google.com/support/privacy
• Google Play Billing — In-app purchases: Google Play Terms
• Google Play Services — Crash reporting, device integrity: Google Privacy Policy

10. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of significant changes by updating the "Last Updated" date at the top of this page, and where applicable, via an in-app notification or email. Your continued use of our apps after changes are posted constitutes acceptance of the updated policy.

11. Contact Us