Privacy Policy — Pik-A-Spot

Effective date: March 2, 2026

GoldenK Tech ("we," "our," or "us") built Pik-A-Spot as a free mobile application. This page informs you of our policies regarding the collection, use, and disclosure of information when you use our app and the choices you have associated with that information.

We take your privacy seriously. Pik-A-Spot is designed to be fully anonymous — we do not require you to create an account, and we do not collect your name, email address, or any other personally identifying information.

1. Information We Collect

a) Location Data

When you use Pik-A-Spot, we request permission to access your device's approximate or precise location. This is used exclusively to find restaurants near you. Location data is:

Sent to our backend only at the moment you complete a swipe session
Used to query a restaurant search API (Foursquare)
Never stored in a database linked to your identity
Never shared with advertisers or third parties for targeting purposes

If you deny location permission, you may enter a zip code in Settings as a fallback. That zip code is stored only on your device.

b) Device Identifier

We generate a random, anonymous device identifier and store it locally on your device using encrypted secure storage. This identifier is sent to our backend solely to enforce a burst rate limit (3 sessions per 5 minutes) that prevents automated abuse and controls costs. It is not linked to your identity, not shared with third parties, and is stored on our servers only as an anonymous session log that auto-expires.

c) Usage and Analytics Data

We use Google Firebase Analytics to collect anonymous app-usage data, including:

Which screens you visit and how long you use the app
Swipe actions (right/left) — counted as aggregate events, not linked to individual images or your identity
App session start and end events
Crash reports via Firebase Crashlytics
Performance traces via Firebase Performance Monitoring

This data is collected in aggregate and anonymized. We use it to improve app stability and understand general usage patterns. Firebase is operated by Google LLC. See Firebase Privacy.

d) Advertising Data (AdMob)

Pik-A-Spot displays ads served by Google AdMob. AdMob may collect and use your device's advertising identifier (GAID on Android, IDFA on iOS) and other non-personal signals (device type, general location) to serve relevant ads. We do not control this data collection.

You can opt out of interest-based advertising in your device settings:

Android: Settings → Google → Ads → Opt out of Ads Personalization
iOS: Settings → Privacy & Security → Tracking → disable ad tracking

See Google Advertising Policy.

2. Information We Do Not Collect

We do not collect:

Your name, email address, phone number, or any account credentials
Photos, camera, or microphone access
Contacts, calendar, or files on your device
Precise GPS coordinates stored in our database
Payment information of any kind

3. How We Use Information

Data	How it is used	Retained?
Location (lat/lng)	Query nearby restaurants via Foursquare API	Not stored
Zip code	Fallback location — geocoded to coordinates locally	On-device only
Anonymous device ID	Enforce burst rate limit (3 sessions / 5 min)	Anonymized session log; auto-expires
Firebase Analytics events	Understand usage, improve stability	Retained by Google per their policy
Crash logs (Crashlytics)	Debug and fix app crashes	Retained by Google per their policy
Ad identifier (GAID/IDFA)	Serve ads via AdMob	Managed by Google

4. Third-Party Services

Pik-A-Spot relies on the following third-party services, each with their own privacy policies:

Supabase Our backend database and serverless functions platform. Anonymous session rate-limit records and food image metadata are stored here. No personal data is stored. supabase.com/privacy

Foursquare Places API Restaurant search API. We send your current coordinates and search terms to Foursquare to retrieve nearby restaurant results. Foursquare may log API requests per their own policies. foursquare.com/legal/privacy

Google Firebase (Analytics, Crashlytics, Performance) Anonymous usage analytics and crash reporting provided by Google LLC. firebase.google.com/support/privacy

Google AdMob In-app advertising provided by Google LLC. Subject to Google's data practices. policies.google.com/privacy

5. Data Security

We use commercially reasonable technical measures to protect the information we handle. The anonymous device identifier is stored using encrypted secure storage on your device. All communication between the app and our backend is encrypted in transit via HTTPS/TLS.

No method of electronic storage or transmission is 100% secure. We cannot guarantee absolute security, but we minimise risk by collecting only the minimum data necessary to operate the app.

6. Children's Privacy

Pik-A-Spot is not directed to children under the age of 13. We do not knowingly collect any personally identifiable information from children. If you are a parent or guardian and believe your child has provided us with information, please contact us and we will take steps to delete it.

7. Your Rights and Choices

Location access: You can revoke location permission at any time in your device settings. The app will fall back to zip code mode.
Ad personalization: Opt out via your device's ad settings (see Section 1d above).
Analytics opt-out: Firebase Analytics can be limited via your device's "Limit Ad Tracking" or "Opt out of Ads Personalization" setting.
Favorites and settings: All locally stored favorites and settings (zip code, like limit, dietary filters) can be cleared from the Settings screen inside the app.
Data deletion: Since we hold no personal data linked to your identity, there is nothing to delete on our end. Anonymous session rate-limit records expire automatically. To request deletion of any data, contact us at the address below.

8. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any changes by posting the new policy on this page and updating the effective date at the top. Changes are effective immediately upon posting. We encourage you to review this policy periodically.

9. Contact Us

If you have any questions or concerns about this Privacy Policy or our data practices, please contact us:

GoldenK Tech Email: support@goldenktech.org