Privacy Policy for Kiroku
Last Updated: June 10, 2026
This Privacy Policy ("Policy") applies to the Kiroku mobile application ("Kiroku" or the "App"). The operator of Kiroku, identified in the Contact Us section below, is the data controller for the purposes of the General Data Protection Regulation ("GDPR"). This Policy describes how we collect, use, process, and disclose your personal data.
Kiroku is a tool for tracking and reflecting on your own alcohol consumption. We process your data to provide that awareness and harm-reduction functionality. We never use your data to encourage you to drink.
This website (kiroku.cz) does not use cookies, analytics, or other tracking technologies. The only identifiers we process are those used inside the mobile App and described in this Policy.
1. Information We Collect
a. Account and authentication data
- Your email address and, depending on how you sign in, basic profile information from your chosen provider. You can create an account with an email address and password, with Google Sign-In, or with Sign in with Apple.
- Authentication is handled by Google Firebase Authentication, and your account record is stored in the Firebase Realtime Database.
b. Profile data
- Your first name, last name, display name, and username.
- A profile photo, if you choose to upload one. Profile photos are stored in Firebase Storage. Your profile information (including your display name, username, and photo) is visible to other signed-in users of the App, including the friends you connect with.
c. Drinking session data (sensitive)
When you log a drinking session, we process the information you enter, which may include:
- Session date, start time, and timestamps;
- The number and type of drinks and their standardized units;
- Free-text notes you add to a session;
- A "blackout" indicator, if you set one;
- Your device timezone, so sessions are recorded at the correct local time.
This information relates to your alcohol consumption and is the most sensitive data the App handles. We treat it accordingly. See Legal Bases for Processing for how we rely on your consent to process this category of data.
d. Location data (optional, opt-in)
The App can optionally tag each drink you record during a live session with your precise GPS location, so you can later see where a session took place.
- Off by default. Location tracking is collected only if you turn on the in-app preference ("track location during sessions") and grant the operating system's location permission. If you do nothing, no location data is collected.
- What is collected. The precise GPS coordinates captured at the moment you record a drink during a live session, with a timestamp.
-
Where it is stored. In the Firebase Realtime
Database, under
user_session_locations/{uid}/{sessionId}/{timestamp}, associated with your account identifier. - How to delete it. You can erase all of your stored location history at any time in the App from Settings → Privacy → "Clear location history". You can also stop further collection by turning the preference off or revoking the location permission.
e. Friends and social connections
- Your friend list, friend requests you send or receive, and any nicknames you assign to friends.
- Visibility of your sessions to friends. Your drinking sessions and the statistics derived from them are visible to the friends you connect with — by default, to all of your friends. You can hide your sessions from all friends in Settings → Privacy, or from individual friends in that friend's management options, at any time.
- Friends can also see presence information about you: when you were last online and whether you currently have a session in progress.
f. App preferences and usage data
- Your in-app preferences and settings, such as theme, language and locale, units, and first day of the week.
- Your onboarding progress and your last-online status, used to operate the App and remember your choices across sessions and devices. Your last-online status is visible to your friends (see Data Sharing and Disclosure).
g. Subscription and purchase data
If you purchase a Kiroku Supporter subscription, we process limited purchase data through RevenueCat. This is described in Payments and Subscription Management.
h. Device identifiers and push notifications
- A device identifier (a randomly generated GUID) that is assigned to your installation of the App. It persists across sign-outs and is used to manage push-notification preferences for your device.
- If you opt in to push notifications, a push token issued by the operating system, so we can deliver the notifications you requested. Push notifications are opt-in and you can turn them off at any time in the App or in your device settings.
i. Crash and performance diagnostics
- We use Google Firebase Crashlytics to record crash reports and diagnostic information (such as the type of crash, device model, operating system version, and a stack trace) when the App stops working as expected, and Google Firebase Performance Monitoring to collect performance metrics (such as app start time and network request timing). These diagnostics are associated with your account identifier so we can investigate issues affecting your account.
- Diagnostics collection is gated behind a build flag and a user preference, so it is not active in every build or for every user. You can turn diagnostics off at any time in the App's settings.
2. How We Use Your Data
Your data is used for the following purposes:
- To create and maintain your account and authenticate you.
- To provide the App's core functionality, including recording and displaying your drinking sessions and statistics.
- To operate social features, such as friend connections and friend requests.
- To show your drinking sessions, statistics, and online presence to the friends you connect with, subject to your visibility settings (see Data Sharing and Disclosure).
- To manage subscriptions and supporter benefits.
- To send push notifications you have opted in to receive.
- To tag your drinking sessions with location, if you have opted in to location tracking.
- To diagnose crashes, monitor performance, maintain security, and improve the stability of the App.
- To communicate with you about service updates or customer-support inquiries.
- To send you marketing communications, such as product news, tips, and occasional updates about Kiroku, where you have opted in to receive them. You can withdraw this consent at any time, either in the App's settings or via the unsubscribe link in every such email.
We do not use your personal data for automated decision-making or profiling that produces legal or similarly significant effects for you (Art. 22 GDPR).
3. Legal Bases for Processing
Under the GDPR we rely on the following legal bases:
- Performance of a contract (Art. 6(1)(b)) — for account, profile, social, and subscription data that is necessary to provide the App you have asked to use.
- Consent (Art. 6(1)(a), and Art. 9(2)(a) for data concerning your alcohol consumption) — your drinking session data is provided voluntarily by you and may reveal information about your health. We process it on the basis of the explicit consent you give by choosing to log it. If you connect with friends, your sessions are also made visible to them on the same consent basis, subject to the visibility controls described in Information We Collect — you can hide your sessions from all friends or from individual friends at any time. You can withdraw this consent at any time by deleting your sessions or your account; withdrawal does not affect processing carried out before withdrawal.
- Consent (Art. 6(1)(a)) — for push notifications and for location tracking, both of which are opt-in. You can withdraw either at any time in the App's settings.
- Consent (Art. 6(1)(a)) — for marketing emails (product news, tips, and occasional updates about Kiroku), which are opt-in. We send them only if you have given consent, and you can withdraw it at any time in the App's settings or via the unsubscribe link in every marketing email. Withdrawal does not affect processing carried out before withdrawal.
- Legal obligation (Art. 6(1)(c)) — for the retention of purchase and transaction records that we must keep under applicable accounting and tax legislation (see Data Retention).
- Legitimate interests (Art. 6(1)(f)) — for crash and performance diagnostics and security, to keep the App stable and secure. You can object to this processing, and you can turn diagnostics off in the App's settings.
4. Payments and Subscription Management
If you purchase a subscription inside the App, payment is processed by Apple (App Store) or Google (Google Play). We do not receive your payment card details. We use RevenueCat, Inc. ("RevenueCat") as a service provider to manage subscription entitlements and to receive purchase events from the stores.
In this context the following data is processed:
- A RevenueCat app user ID, set to your Kiroku (Firebase) account identifier, used to associate purchases with your account.
- Anonymized device and platform identifiers (such as the platform IDFV on iOS or an installation ID on Android) provided by the operating system or by RevenueCat's SDK.
- Purchase and subscription events from Apple and Google, including product identifier, store transaction ID, purchase and expiration dates, renewal and cancellation status, country of the store account, and the currency and price of the transaction.
This data is used to grant and revoke subscription entitlements, prevent fraud, and provide customer support. For details on RevenueCat's processing, see RevenueCat's privacy policy at revenuecat.com/privacy.
5. Third-Party Service Providers
We rely on the following processors and sub-processors, who process personal data on our behalf under appropriate agreements:
- Google Ireland Limited / Google LLC (Firebase) — Firebase Authentication (sign-in), Firebase Realtime Database (account, profile, session, location, and social data), Firebase Storage (profile photos), Firebase Crashlytics (crash diagnostics), and Firebase Performance Monitoring (performance diagnostics). Our own backend service (api.kiroku.cz), which enforces the App's privacy and visibility rules, also runs on Google's cloud infrastructure.
- RevenueCat, Inc. — subscription entitlement management and purchase events, as described above.
- Pusher Ltd — real-time delivery of in-app events, such as friend and session updates. Event payloads may include your account identifier and the content of the update, and are processed on Pusher's EU cluster. Pusher Ltd is established in the United Kingdom.
- Apple Inc. and Google LLC — payment processing for in-app purchases via the App Store and Google Play.
6. Data Sharing and Disclosure
We do not sell your personal data. We may share your data with:
- The third-party service providers listed above, who process data on our behalf.
- Other users of the App: your profile information (display name, username, and photo) is visible to other signed-in users, and your drinking sessions, statistics, and presence information (when you were last online and whether a session is in progress) are visible to the friends you connect with — by default, to all of your friends. You can hide your sessions from all friends in Settings → Privacy, or from individual friends, at any time.
- A successor operator, if the App or our business is transferred or assigned (see our Terms of Service). The successor remains bound by this Policy, and we will notify you of any change of controller.
- Legal authorities when required by law.
7. Your Rights
Under the GDPR, you have several rights regarding your personal data:
- Access: You can request a copy of your personal data.
- Rectification: If you believe any of your data is inaccurate, you can request to have it corrected.
- Erasure: You can request to have your data deleted. You can also delete your account directly in the App (in your account settings), which removes your account and associated data. See our account deletion page for step-by-step instructions.
- Restriction: You can ask us to restrict how we use your data.
- Objection: You can object to our use of your data, including processing based on legitimate interests.
- Data Portability: You can request a copy of your data in a format that's easy to move from one service to another.
- Withdraw consent: Where we rely on your consent (including for drinking session data and push notifications), you can withdraw it at any time.
- Lodge a complaint: You have the right to lodge a complaint with a supervisory authority. In the Czech Republic this is the Office for Personal Data Protection (Úřad pro ochranu osobních údajů, uoou.cz).
To exercise any of these rights, contact us using the details in the Contact Us section.
8. Data Retention
We retain different categories of data for different periods:
- Account, profile, drinking-session, and social data — kept while your account is active, and deleted or anonymized when you delete your account (in the App or by request).
- Location history — kept until you delete it via Settings → Privacy → "Clear location history", or until you delete your account.
- Subscription and purchase records — retained for as long as required by applicable accounting and tax law (in the Czech Republic, this can be up to 10 years).
- Crash and diagnostic data — retained by Firebase Crashlytics for approximately 90 days.
- Push tokens — removed when you disable notifications or sign out.
- The device identifier (GUID) — persists on your device across sign-outs until you delete the App; copies stored on our servers are removed when you delete your account.
Residual copies may remain in encrypted backups for a limited period after deletion before being overwritten.
9. Security
We implement appropriate technical and organizational measures to protect your personal data from unauthorized access, use, or disclosure.
If a personal data breach occurs, we will handle it in accordance with Articles 33 and 34 GDPR — notifying the Czech supervisory authority (ÚOOÚ) within 72 hours where required, and informing you without undue delay if the breach is likely to result in a high risk to your rights and freedoms.
10. Children's Privacy
Our App is not intended for individuals under 18 years old. We do not knowingly collect or solicit data from children under 18.
11. International Data Transfers
Some of our service providers may process your personal data outside the European Economic Area. Google LLC and RevenueCat, Inc. may process data in the United States; both are certified under the EU-U.S. Data Privacy Framework, and we rely on that adequacy decision and, as a fallback, on the European Commission's Standard Contractual Clauses. Pusher Ltd processes data on servers in the EU but is established in the United Kingdom, which is covered by a European Commission adequacy decision.
12. Changes to This Policy
We may update our Privacy Policy from time to time. We will post the updated Policy on this page and update the "Last Updated" date. If the changes are material — for example, if we start processing new categories of data or processing data for new purposes — we will also notify you in the App reasonably in advance of the changes taking effect.
13. Contact Us
If you have any questions or concerns about this Privacy Policy, please contact us at:
Operator: Petr Čala, Všemina 251, 763 15 Všemina
Business ID (IČO): 08000131
Not a VAT payer.
Kiroku