Propina³ Privacy Policy

by García³ Apps
Effective Date: August 12, 2025

This Privacy Policy describes how García³ Apps ("we", "us" or "our") collects, uses and shares information in relation to your use of our mobile application Propina³ (the "App").

By using the App, you agree to the collection and use of information in accordance with this policy.

Consent for Tracking Technologies

For Mobile Apps: Unlike websites, mobile applications do not require traditional cookie banners. However:

  • iOS: The app will request your explicit consent through the ATT (App Tracking Transparency) dialog before accessing your IDFA for personalized advertising
  • Android: You can control advertising personalization from your device settings at any time
  • First installation: When you install and open the app for the first time, this is considered implicit consent for basic functionalities (non-advertising)

If you change your mind about advertising tracking, you can modify your consent by following the instructions in Section 4.

Contact

If you have any questions about this Privacy Policy, you can contact us at:

Data Controller:

García³ Apps
Controller: Juan Antonio García Guillén
Email: support@garcia3apps.com
Website: https://garcia3apps.com
Address: Supermanzana 1, Manzana 35, Edificio 1, Departamento B
U. Hab. Ejército Constitucionalista
09220 Iztapalapa, Mexico City, Mexico

Data Protection Officer

Given the limited volume of personal data processing and the nature of our application, García³ Apps is not required to designate a Data Protection Officer (DPO) under the GDPR. However, our Privacy Officer handles all data protection inquiries through the main contact email.

1. Information We Collect

To improve and provide our services, we collect the following information:

a) Information You Create in the App

  • App Data: The information you generate and save within the App, such as saved accounts in the "Saved Accounts" section. Important: This data is stored exclusively locally on your device and is not transmitted or stored on our servers.
  • Screenshots and Shared Content: If you use the sharing feature, the app may generate an image (screenshot) of the current calculation to be shared. This image is processed on your device and passed directly to your operating system's native sharing menu (iOS or Android). We do not store these images or track who or through which application you share them with.

b) Information Automatically Collected

When you use our App, we automatically collect certain information to display ads and ensure the proper functioning of premium features.

  • Advertising and Device Identifiers:
    • For Advertising: We collect the Advertising Identifier (IDFA on iOS and AAID on Android) to display personalized ads through Google AdMob.
    • For Functionality: We collect unique device identifiers (such as the Android ID) to securely manage and sync your in-app purchases (for example, to restore the "Remove Ads" purchase on a new device).
  • Application Information: We collect technical metadata from the application such as the app name, version, build number and package name. This information is used solely for internal app functionalities such as displaying version information in settings.
  • Purchase Information: If you make an in-app purchase (such as the "Remove Ads" option), we access the status of that purchase through Google Play or App Store services to verify it and provide you with the corresponding service (disable advertising). We do not store sensitive payment information such as credit card numbers.
  • Location Information: The App does NOT collect or access your geographical location. All calculations are completely local.
  • Analytics and Telemetry: The App does NOT use additional analytics services such as Firebase Analytics, Crashlytics or other telemetry tools. We do not collect detailed usage data or automatic error reports.

2. How We Use Your Information

We use the collected information for the following purposes:

  • To Provide and Maintain the App: To offer the basic tip calculator functionalities and save your accounts locally.
  • To Display Advertising: We use Google AdMob to display ads in the free version of the App. These ads help keep the App free.
  • To Manage In-App Purchases: To verify and restore your purchase of the "Remove Ads" option.
  • To Facilitate Communication: The App may open external links in your browser (for example, to view this privacy policy) or open your email client to contact support. We do not track this activity.

3. Legal Basis for Processing (GDPR)

We process your personal data based on the following legal bases:

  • Legitimate Interest: To display advertising and keep the App free (Advertising Identifiers).
  • Contract Performance: To provide App functionalities and manage in-app purchases.
  • Consent: For advertising data processing when required by local jurisdiction.
  • Legal Compliance: To comply with legal obligations related to in-app transactions.

4. Third-Party Services and Tracking Technologies

Third-Party Services

The App uses third-party services that may collect information used to identify you:

  • Google AdMob: Our main advertising partner. Google may use the collected information to personalize the ads you see.
    Google Privacy Policy and Terms
  • Payment Services (Google Play Billing and Apple In-App Purchase): All in-app purchases are securely processed by Google or Apple. We do not have access to your payment information.
    Google Privacy Policy
    Apple Privacy Policy

Tracking Technologies in Mobile Applications

Important: As a native mobile application, Propina³ does NOT use traditional browser cookies. However, we employ equivalent technologies specific to mobile devices:

Identifiers and Technologies Used

Technology Type Purpose Duration Provider
IDFA (iOS) Advertising Identifier Display personalized ads Until user resets it Apple
AAID (Android) Advertising Identifier Display personalized ads Until user resets it Google
Android ID Device Identifier App functionality Permanent until device reset Google
Local Storage Local Storage Save accounts and configuration Until app uninstall Propina³
AdMob SDK Third-Party SDK Serve ads According to Google policy Google

Third-Party Cookies (Web Ads Only)

When AdMob displays ads containing web content, temporary cookies may be set:

  • Google Ads Cookies: For ad frequency and personalization (30 days)
  • Measurement Cookies: For advertising performance metrics (90 days)
  • Advertising Partner Cookies: According to each advertising network's policies

Advertising Tracking Control

On iOS:

  1. Go to Settings > Privacy & Security > Tracking
  2. Turn off "Allow Apps to Request to Track"
  3. Or turn off specifically for Propina³

On Android:

  1. Go to Settings > Google > Ads
  2. Turn on "Opt out of Ads Personalization"
  3. You can also "Reset advertising ID"

Apple iOS 14.5+ Limitations:

  • Apps must request explicit permission for tracking
  • Propina³ respects your choice if you deny ATT permission
  • Ads will continue to show but will be less personalized

Note: Disabling advertising personalization will not eliminate ads, but will make them less relevant to your interests.

5. Data Retention

  • Local Data: The data you create in the App (such as saved accounts) is stored on your device until you:
    • Manually delete the data from the App settings
    • Completely uninstall the application
    • Restore your device to factory settings
    • This data has no automatic expiration date and remains under your direct control
  • Advertising Identifiers: Google AdMob retains this data according to its own retention policy, typically up to 24 months from the last recorded advertising activity.
  • Purchase Information: In-app purchase status is verified in real time with Google Play/App Store each time you open the application. We do not store purchase histories on our servers.
  • Technical Metadata: Application technical information (version, device model) is processed only during the active session and is not retained beyond application closure.

Automatic Data Deletion

In compliance with data protection regulations, if you do not use the application for more than 36 consecutive months, any associated advertising identifier will be automatically purged from Google AdMob systems according to their retention policies.

6. International Data Transfers

  • Google AdMob: Collected data may be transferred and processed in countries outside your jurisdiction, including the United States, where Google has its main servers.
  • Protections: Google implements adequate security measures in accordance with international data protection regulations (GDPR, CCPA).
  • Legal Basis: Transfers are carried out under legally recognized mechanisms such as the EU Standard Contractual Clauses.

7. Your Privacy Rights and Options

You have control over your information and can make the following decisions:

  • Disable Personalized Ads: You can opt out of personalized ads by adjusting your mobile device settings.
    • On iOS: Go to Settings > Privacy & Security > Tracking, and turn off "Allow Apps to Request to Track".
    • On Android: Go to Settings > Google > Ads, and turn on "Opt out of Ads Personalization".
  • Delete Local Data: You can delete locally stored data (such as saved accounts) by uninstalling the application.

Additional Rights by Jurisdiction

For EU/EEA Users (GDPR):

If you reside in the European Union or European Economic Area, you have the following rights under the GDPR:

  • Right of Access (Art. 15 GDPR):
    • Obtain confirmation of whether we process your personal data
    • Receive a copy of your personal data and information about how we process it
    • Know the purposes, data categories, recipients and retention periods
  • Right of Rectification (Art. 16 GDPR):
    • Correct inaccurate or incomplete personal data
    • Complete data that is incomplete through an additional statement
  • Right to Erasure/"Right to be Forgotten" (Art. 17 GDPR):
    • Request deletion of your data when it is no longer necessary
    • Withdraw consent if processing is based on consent
    • Object to processing based on legitimate interest without overriding reasons
  • Right to Restriction of Processing (Art. 18 GDPR):
    • Restrict processing while data accuracy is being verified
    • Limit use when processing is unlawful but you do not want deletion
  • Right to Data Portability (Art. 20 GDPR):
    • Receive your data in structured, common and machine-readable JSON format
    • Transmit that data to another controller when technically possible
    • Applies only to: locally saved account data (does not apply to advertising identifiers)
  • Right to Object (Art. 21 GDPR):
    • Object to processing based on legitimate interest (includes personalized advertising)
    • Absolute right to object to direct marketing at any time

For California, USA Users (CCPA/CPRA):

If you reside in California, you have the right to:

  • Know: What personal information we collect and how we use it
  • Delete: Request deletion of your personal information
  • Not Sell: Opt out of selling your personal information (Not applicable - we do not sell data)
  • Non-Discrimination: Not be discriminated against for exercising your privacy rights

For Brazil Users (LGPD):

If you reside in Brazil, you have rights similar to GDPR, including access, rectification, deletion and data portability.

For Canada Users (PIPEDA):

If you reside in Canada, you have the right to access and correct your personal information, as well as file complaints with the Privacy Commissioner of Canada.

For Mexico Users (LFPDPPP):

If you reside in Mexico, you have ARCO rights over your personal data:

  • Access: Know what personal data we have and what we use it for
  • Rectification: Correct personal data when it is inaccurate or outdated
  • Cancellation: Request deletion of your personal data when you consider it unnecessary
  • Opposition: Object to the use of your personal data for specific purposes

You also have the right to revoke your consent for data processing and to portability of your personal data.

For Australia Users (Privacy Act):

If you reside in Australia, you have rights under the Australian Privacy Principles, including access and correction of your personal information.

Procedure to Exercise Your Rights

📧 Email (Primary Method):

  • Address: support@garcia3apps.com
  • Subject: "Privacy Rights Exercise - [Type of Right]"
  • Required information: Full name, associated email (if applicable), specific description of the requested right

✅ Free Processing: All legitimate requests are completely free. We do not charge fees for exercising fundamental privacy rights.

⏱️ Response Times:

  • Confirmation: 5 business days
  • Complete response: 30 calendar days (GDPR/Mexico), 45 days (California)
  • Priority cases: 10 business days (security, urgent rectifications)

Complaints Procedure

If you are not satisfied with how we handle your personal information or have a privacy complaint:

  1. Contact Us First: support@garcia3apps.com - We will respond within 30 days.
  2. Data Protection Authorities by Country:
    • Spain: Spanish Data Protection Agency (AEPD) - www.aepd.es
    • Mexico: National Institute of Transparency, Access to Information and Personal Data Protection (INAI) - www.inai.org.mx
    • United States/California: California Attorney General - oag.ca.gov
    • Brazil: National Data Protection Authority (ANPD) - www.gov.br/anpd
    • Canada: Office of the Privacy Commissioner - www.priv.gc.ca
    • Australia: Office of the Australian Information Commissioner - www.oaic.gov.au
    • EU/EEA: Your local data protection authority

8. Children's Privacy

Our App is not directed to children under 13 years of age (or the equivalent minimum age in the corresponding jurisdiction). We do not intentionally collect personally identifiable information from children.

Protection Measures for Minors

If we discover that a minor has provided us with personal information without parental consent verification, we take the following measures:

  • Immediate Deletion: We delete all information about the minor from our systems within 24 hours after discovery
  • Notification: We contact parents/guardians if possible to identify them to inform about the deletion
  • Preventive Blocking: We implement technical measures to prevent future accidental collections from the same device
  • Process Review: We review our age verification procedures to strengthen safeguards

Report Use by Minors: If you are a parent/guardian and discover that your child has provided personal information, immediately contact support@garcia3apps.com for priority deletion.

9. Legal Jurisdiction and Applicable Laws

This Privacy Policy is governed by the following laws, depending on your location:

  • Mexico: Federal Law on Protection of Personal Data Held by Private Parties (LFPDPPP)
  • European Union: General Data Protection Regulation (GDPR)
  • Spain: Organic Law on Protection of Personal Data and guarantee of digital rights (LOPDGDD)
  • California, USA: California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA)
  • Brazil: General Personal Data Protection Law (LGPD)
  • Canada: Personal Information Protection and Electronic Documents Act (PIPEDA)
  • Australia: Privacy Act 1988

In case of conflict between applicable laws, the strictest laws in favor of protecting your privacy rights will prevail.

10. Data Security

We implement appropriate technical and organizational measures to protect your personal information:

Technical Measures

  • Secure Local Storage: Data is stored using SharedPreferences (Android) and UserDefaults (iOS) with operating system protections
  • Encryption in Transit: All communications with third-party services (AdMob, App Stores) use HTTPS/TLS protocols
  • Data Minimization Principle: We only collect information strictly necessary for app functionality
  • No Own Servers: We do not store personal data on our own servers, eliminating centralized breach risks
  • Regular Updates: We keep security dependencies updated following Flutter best practices

Organizational Measures

  • Limited Access: Only authorized personnel have access to app-related information
  • Privacy Training: Our team receives regular training on data protection and privacy
  • Code Review: All data handling code goes through security review
  • Incident Response Policy: Established procedures to respond to potential data breaches
  • Regulatory Compliance: Periodic reviews to ensure compliance with GDPR, LGPD and other applicable regulations

Data Breach Notification

In the unlikely event of a security breach affecting your personal data:

  • Detection and Assessment: We will investigate the incident within 24 hours of its discovery
  • Authority Notification: If the breach presents a high risk to your rights, we will notify competent data protection authorities within 72 hours
  • User Notification: We will inform you without undue delay if the breach presents a high risk to your rights and freedoms, including:
    • Nature of the personal data breach
    • Categories and approximate number of affected data subjects
    • Measures adopted or proposed to remedy the breach
    • Measures to mitigate possible adverse effects
  • Communication: Notifications will be made through an application update and/or email if we have your address

Given that most data is stored locally on your device, the risk of data breaches from our systems is minimal.

11. Changes to This Privacy Policy

We may update our Privacy Policy from time to time to reflect changes in our practices or for legal reasons. We will notify you of any significant changes:

  • Publishing the new policy on this page
  • Updating the effective date at the top
  • Notification within the app for material changes affecting your rights

We recommend reviewing this policy periodically to stay informed about how we protect your information.

personal experience, professional quality

García³ = simplicity cubed

© 2025 García³ Apps. All rights reserved.

Contact: support@garcia3apps.com