Legal
Privacy Statement
Last updated 2 July 2026.
RiverLaunch.app ("RiverLaunch", "we", "us") respects your privacy. This statement explains what personal data we collect, how we use and share it, how long we keep it, and the rights you have. It covers the RiverLaunch app and website.
Who we are
RiverLaunch.app is a community river-intelligence app for paddlers. RiverLaunch is the data controller for the personal data processed through the app and this website. For any privacy question or request, contact support@riverlaunch.app.
RiverLaunch is currently offered as a preview (beta) service, so some of the features described here may change as the product develops.
What personal data we collect
- Account details — your email address and display name, created through Firebase Authentication (including Google sign-in if you choose it). If you build a paddler profile, this may also include an avatar, a short bio, your home area, and self-declared skills or qualifications.
- Content you add — contributions (access points, hazards, features, condition reports), photos, paddle logs, kit lists, and any clubs, groups, or meetups you create or join, plus any free text you enter.
- Emergency contact — if you choose to add one, we store it so it can be shared with a trip leader for a single session when you opt in. It is not shared otherwise.
- Photo metadata — photos you upload may contain embedded information, such as the time a photo was taken or camera details.
- Location — the map centres on places you look at; if you turn on live location, your device location is used to show where you are. We do not track your location in the background.
- Usage & analytics — with your consent, we collect anonymous analytics about which features are used, to help us improve the app.
- Technical & log data — to run the service securely we process basic technical data such as your IP address, device and browser type, and timestamps, including security and error logs.
- Communications — if you email us for support, we keep that correspondence so we can help you and improve the service.
Cookies and local storage
We use a small amount of browser storage to make the service work: to keep you signed in, to remember your theme choice, and to record your analytics choice so we don't ask on every visit. Analytics cookies are only set if you choose "Allow analytics"; you can withdraw that at any time and continue to use the service without them.
How we use your data
- To provide and operate the app — accounts, maps, contributions, clubs, and meetups.
- To moderate community contributions and keep safety-relevant information honest.
- To keep the service secure and prevent misuse or abuse.
- To improve the app, using analytics where you have consented.
- To respond to your support requests and, where relevant, to meet our legal obligations.
Legal bases (UK GDPR)
- Contract — to provide the service you sign up for, including your account, contributions, and group features.
- Consent — analytics, and optional features you switch on (such as a public profile or live location). You can withdraw consent at any time.
- Legitimate interests — keeping the service secure, moderating content, and improving the app, balanced against your rights.
- Legal obligation — where we need to keep or disclose information to comply with the law.
Sharing and service providers
We do not sell your personal data. We share it only as needed to run RiverLaunch:
- Google Firebase — authentication, database, file storage, and hosting for the app and website.
- Google Analytics — anonymous usage analytics, only where you have consented.
- Map data — maps use OpenStreetMap tiles; loading map tiles shares your IP address with the tile provider, as is normal for web maps.
These providers act as our processors and may only use your data on our instructions. Content you choose to make public — such as approved contributions, a public paddler profile, or photos — is visible to others. We may also disclose data where the law requires it.
International data transfers
Our providers, including Google, may process data on servers outside the UK. Where that happens, the transfer is protected by appropriate safeguards — such as UK "adequacy" regulations, standard contractual clauses, or the UK International Data Transfer Addendum.
How we keep your data secure
We use reputable infrastructure and sensible safeguards: encrypted connections (HTTPS/TLS), access controls, and database security rules that limit who can read or change data. No online service can be guaranteed completely secure, but we take reasonable steps to protect your information.
How long we keep your data
We keep your account and contributions while your account is active. If you close your account, we delete or anonymise your personal data within a reasonable period, except where we need to keep some information to meet legal obligations or resolve disputes. Approved community contributions may remain part of the shared dataset, separated from your personal identity where practical. Analytics data is retained only for a limited period.
Your rights
Under UK GDPR you have the right to:
- access a copy of your personal data;
- correct data that is wrong or incomplete;
- ask us to delete your data;
- restrict or object to certain processing;
- receive your data in a portable format; and
- withdraw consent (such as analytics) at any time.
To exercise any of these, email support@riverlaunch.app and we will respond within one month. You also have the right to complain to the UK Information Commissioner's Office (ico.org.uk).
Children
RiverLaunch is not directed at children under 13, and we do not knowingly collect their personal data. If you believe a child has given us personal data, contact us and we will remove it.
Changes to this statement
We may update this statement; the "last updated" date above shows when. We will highlight significant changes in the app.
Contact
Questions or requests about your privacy? Email support@riverlaunch.app.
See also our Terms of Use.