SpecDock Privacy Policy
1. Controller
SpecDock is provided by its individual developer ("we", "us", "our"). Contact: specdock.contact@gmail.com. For privacy reasons the developer's name and address are not published on this page; they will be disclosed without delay upon request, as described in the Japanese commercial-transactions disclosure (特定商取引法に基づく表示).
2. Your documents are not sent to our cloud
Document contents, review comments, and review state sync only between your iPhone and the review-server running on your own Mac, over TLS with certificate pinning. We do not transmit them to any developer-operated sync cloud or third party. (No method guarantees absolute security.)
3. Data we and our processors handle
For billing and entitlement management we handle:
- an anonymous UUID (issued by Supabase anonymous authentication; not linked to your name or email);
- purchase and subscription data (purchase history and subscription status via RevenueCat / Apple);
- a device identifier (IDFV; not an advertising identifier; used by the RevenueCat SDK for billing infrastructure);
- access logs (IP address, timestamps, and similar transmission metadata); and
- anything you voluntarily send to support (email body, diagnostics).
The anonymous ID, purchase data, and device identifier above correspond to the items we declare on Apple's App Privacy label as data collected (Linked to the user / for App Functionality / not used for tracking).
4. Purposes & legal bases (GDPR Art. 6)
Providing paid features (performance of a contract); fraud prevention and usage limits (legitimate interest); legal compliance (legal obligation); optional diagnostics (consent).
5. Processors / disclosure
We rely on RevenueCat, Inc. (billing infrastructure), Supabase Inc. (authentication and database), and Apple Inc. (payments and distribution), each within the purposes above. We do not sell or share personal information.
6. International transfers
RevenueCat / Supabase servers may be located outside your country (e.g., the United States). We rely on Standard Contractual Clauses (SCCs) or other valid transfer mechanisms.
7. Retention & deletion
Billing and entitlement records are kept for as long as legally required. This app has no user-created account and no login, so on-device and backend data are removed as follows. On-device cache, operation logs, and the anonymous session can be removed through in-app actions: clearing the in-app cache; unpairing; or deleting the app. To delete your backend anonymous ID and billing records, contact us at specdock.contact@gmail.com and we will delete them on your behalf.
8. Your rights
Access / rectification / erasure / restriction (GDPR); the right to know / delete / opt out (CCPA / CPRA — we do not sell or share). Because the ID is anonymous, identification may be difficult (GDPR Art. 11); please include the relevant ID when you contact us.
9. Children
This app is not directed to children under 13.
10. Changes
We may update this policy. We will post material changes in the app or on this page.