Privacy Policy

Effective: May 25, 2026  ·  Last updated: May 25, 2026

MVPPrices ("we", "us", "our") operates the MVPPrices mobile app and website at mvpprices.com (the "Service"). This policy explains what data we collect, why, how we use it, and the choices you have.

We designed the Service to need as little personal information as possible. We do not sell your personal data and we do not use it to target advertising.

1. Information we collect

1.1 Account information

When you sign in, we receive the following from your identity provider (Google, Apple, or email/password sign-up):

• Email address — used to identify your account and send transactional messages.
• Display name and profile photo (Google / Apple Sign-In only) — shown alongside posts you create in the app's social feed.
• Provider user ID — an opaque identifier from Google or Apple used to link sign-ins to your account.

Authentication is handled by Firebase Authentication (Google LLC).

1.2 Location data

If you grant the Location permission, we use your precise GPS coordinates at the moment you open price-comparison features in order to:

• Find nearby gas stations, grocery stores, restaurants, and bars.
• Estimate rent prices for your area.
• Show the closest store offering the best price for an item.

We do not track your location continuously, in the background, or after you close the app. Each location lookup happens on-demand and the coordinates are not stored on our servers beyond the immediate request.

1.3 Camera and photos

The Service uses your camera and photo library only when you actively choose to:

• Scan a product barcode to look up nutrition or price information.
• Scan a paper receipt to add items to your grocery list.
• Attach a photo to a feed post or profile.

Photos you attach to posts are uploaded to Firebase Storage. Scanned barcodes are sent to the Open Food Facts public database to retrieve product details; the barcode itself is not personally identifying. Receipts are processed locally on your device and the parsed item names — never the raw image — are saved to your list.

1.4 Content you create

If you use the social feed or maintain a grocery list, we store the posts, comments, likes, and list items you create. This content is associated with your account.

1.5 Device and diagnostic information

We collect standard diagnostic data through Firebase: device model, operating system version, app version, language, crash reports, and a Firebase-generated installation ID. We use this strictly to debug crashes and improve performance.

2. Third-party services we use

The Service relies on the following third parties. Each receives only the data necessary to perform its function.

• Firebase (Google LLC) — authentication, database, storage, push notifications, crash reporting. Privacy policy
• Google Cloud Platform (Google LLC) — hosts our backend API in Iowa, USA. Privacy notice
• Cloudflare, Inc. — content delivery and DNS. Receives IP address for routing. Privacy policy
• Kroger Co. Developer API — receives a ZIP code or latitude/longitude to return grocery prices. Privacy policy
• Yelp, Inc. (Yelp Fusion API) — receives latitude/longitude to return restaurant and bar listings. Privacy policy
• Open Food Facts — receives barcode lookups; no user identifier is sent. Privacy policy
• U.S. Department of Housing and Urban Development (HUD) — Fair Market Rent dataset; public data, no user data sent.
• U.S. Energy Information Administration (EIA) — weekly gas-price dataset; public data, no user data sent.
• Rentcast.io — receives ZIP code or address to return rental estimates. Privacy policy

3. How we use your information

• To provide and operate the Service (sign you in, show you prices for your area, save your list).
• To prevent fraud and abuse (rate-limiting, account integrity).
• To debug crashes and improve reliability.
• To communicate with you about important changes to the Service.

We do not:

• Sell, rent, or trade your personal data to third parties.
• Use your data to target advertising inside or outside the app.
• Build advertising profiles based on your behavior.
• Share your data with data brokers.

4. Data retention

We keep your account information for as long as your account exists. Content you create (posts, comments, list items) is kept until you delete it or your account. Diagnostic and crash data is retained by Firebase for up to 90 days.

When you delete your account (see Section 6), we delete your personal information from our active systems within 30 days. Backups containing your data are overwritten within 90 days.

5. Children's privacy

The Service is not directed to children under 13. We do not knowingly collect personal information from anyone under 13. If you believe a child has provided us with personal information, contact us at the email below and we will delete it.

6. Your rights

You have the right to:

• Access the personal information we hold about you.
• Correct inaccurate or incomplete information.
• Delete your account and associated data. You can do this in-app under Profile → Settings → Delete Account, or by emailing us.
• Export a copy of your data in a machine-readable format.
• Withdraw consent at any time for camera, photos, or location by revoking the permission in your device settings.

Residents of California (CCPA/CPRA), the European Economic Area (GDPR), and the UK (UK-GDPR) have additional rights including the right to object to processing and to lodge a complaint with their supervisory authority. We respond to all valid requests within 30 days.

7. Security

We protect your data with industry-standard measures: HTTPS/TLS for all network traffic, Firebase Authentication for identity, Firestore security rules for data access, encrypted secrets in Google Secret Manager, and rate-limiting against abuse. No method is 100% secure; if we become aware of a breach affecting your data, we will notify you and the relevant authorities as required by law.

8. International transfers

Our backend is hosted in the United States (Iowa). If you use the Service from outside the U.S., your information will be transferred to and processed in the U.S., which may have different data-protection laws than your country.

9. Changes to this policy

We may update this policy from time to time. We will post the new policy on this page and update the "Last updated" date above. Material changes will be notified in-app or by email.

10. Contact

Questions, requests, or complaints: henockbdev@gmail.com

This policy is provided as a starting point and does not constitute legal advice. You should have an attorney review it for your specific jurisdiction and business needs before launch.