Privacy Policy

This Privacy Policy describes how DIGITAL WARRIORS LLC ("Operator Base," "we," "us," or "our") collects, uses, and shares information when you use our mobile application and related services (collectively, the "Service").

By using the Service, you agree to the collection and use of information in accordance with this policy.

1. Information We Collect

Account Data

When you create an account, we collect your email address, name, and password. Your password is cryptographically hashed by our authentication provider (Supabase) and is never stored in plain text.

User-Generated Content

We collect content you create within the Service, including posts, messages, comments, files you upload, and other community contributions.

Device and Usage Data

We automatically collect:

• Device type, operating system, and app version
• Push notification tokens (used solely to deliver notifications you have opted into)
• In-app usage events and interactions (aggregated for product improvement)

Payment Information

Payments are processed by Stripe. We do not store your credit card number, bank account details, or other financial instruments. We retain only your subscription status and transaction history for billing purposes.

2. How We Use Your Information

• Provide the Service — authentication, data synchronization, messaging, and community features.
• Send notifications — push notifications you have opted into, such as mission reminders, messages, and community updates.
• Improve the product — aggregated, anonymized usage analytics help us understand how features are used and where to invest.
• Billing and fraud prevention — process subscriptions, detect unauthorized transactions.
• Communicate with you — respond to support requests, send service-related announcements.

3. How We Share Your Information

We do not sell your personal information. We share data only with the following service providers, each acting as a data processor on our behalf:

• Supabase — database hosting, authentication, and real-time infrastructure.
• Firebase Cloud Messaging (Google) — delivery of push notifications on Android devices.
• Apple Push Notification Service — delivery of push notifications on iOS devices.
• Stripe — payment processing.

We may also disclose information if required by law, regulation, legal process, or governmental request.

4. Google Calendar Integration

If you connect a Google account, Operator Base requests access to your Google Calendar to provide scheduling features. Specifically, we use the calendar.events and free/busy scopes to:

• read your availability (free/busy) to determine open times;
• list, create, reschedule, and cancel calendar events at your direction.

What we store. We store an encrypted OAuth refresh token so the connection persists until you disconnect it. Short-lived access tokens are held only in memory and are never written to disk. We access your calendar data in real time to perform the actions above and do not retain the contents of your calendar events.

What we do not do. We do not sell Google user data, do not use it for advertising, and do not use it to train generalized artificial-intelligence or machine-learning models. We do not transfer it to third parties except as needed to provide these scheduling features or as required by law.

Deletion. You can revoke access at any time by disconnecting the calendar in Operator Base or via your Google Account permissions. On disconnect or account deletion, we delete the stored refresh token.

Operator Base's use and transfer of information received from Google APIs to any other app will adhere to the Google API Services User Data Policy, including the Limited Use requirements.

5. Data Retention

We retain your personal data for as long as your account is active or as needed to provide the Service. When you delete your account, we remove your personal data within 30 days, except where retention is required by law or necessary to resolve disputes.

6. Data Security

We implement industry-standard security measures including encryption in transit (TLS/HTTPS), encryption at rest for stored data, and row-level security policies on our database. However, no method of electronic transmission or storage is 100% secure, and we cannot guarantee absolute security.

7. Your Rights and Choices

• Access and correction — you can view and update your profile information at any time within the app.
• Account deletion— you can delete your account from Settings > Account > Delete Account. You may also request deletion by emailing support@operatorbase.app.
• Push notifications— you can disable push notifications at any time through your device's system settings.
• Data export — you may request a copy of your personal data by emailing support@operatorbase.app.

8. Children's Privacy

Operator Base is not directed at children under the age of 13. We do not knowingly collect personal information from children under 13. If we become aware that we have inadvertently collected data from a child under 13, we will take steps to delete that information promptly.

9. International Data Transfers

Your information may be transferred to and processed in the United States, where our service providers operate. By using the Service, you consent to the transfer of your information to the United States and other jurisdictions where we or our service providers maintain facilities.

10. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by email or through an in-app notification. Continued use of the Service after changes take effect constitutes acceptance of the revised policy.

11. Contact Us

If you have questions about this Privacy Policy or our data practices, contact us at:

DIGITAL WARRIORS LLC
180 NE 29th St, Apt 330
Miami, FL 33137
support@operatorbase.app