1. Data Controller and Contact Information
This Service is operated by PURR ENTERPRISES LIMITED, a company incorporated in Cyprus with its registered office at Neofytou Nikolaidi, 61 YIANNIS COURT, 2nd floor flat/office 201, 8011, Paphos, Cyprus (“we”, “us”, or “our”).
PURR ENTERPRISES LIMITED is the data controller for personal information collected through the Spot: GPS Phone Locator website, mobile application, and downloadable software, and determines the purposes and means of processing personal data when you use the Service.
For privacy-related inquiries, please contact us at contact@purrenterpriseslimited.com. Postal address: Neofytou Nikolaidi, 61 YIANNIS COURT, 2nd floor flat/office 201, 8011, Paphos, Cyprus.
2. Personal Information We Collect
Personal information means information that can be used to identify, locate, or contact an individual. This includes information directly linked to a person, such as a name or email address, as well as indirect identifiers such as IP address, device identifiers, or location information when combined with other details. It does not include anonymized or aggregated data.
When you use the Service, we may collect and process personal information in the following ways:
2.1 Information you provide
Registration and profile. When you create an account, we may collect information such as your name, email address, username, and optional profile photo.
Web funnel and onboarding data. Before downloading the app, you may complete an onboarding flow on our website. We may collect answers you provide in that flow, such as preferences, goals, or other details you choose to share, to personalize your experience and link a premium subscription to your account after the app is installed.
Purchase and subscription information. If you subscribe through our website, we may collect limited billing-related information, such as the last four digits of a payment card, card brand, billing country, and transaction receipt details, including package name and purchase time, to verify your subscription status. We do not store or process full payment card details. Full payment information is handled directly by the relevant payment processor, such as Stripe, under its own privacy and security policies. We keep only the minimum data needed to confirm payment status and respond to support requests.
Contact and support requests. If you contact our support team by email or through a web form, we process the content of your message, any files or attachments you submit, and your contact details such as name, email address, or other identifiers you provide.
Newsletter. With your consent, we may use your email address to send newsletters, product updates, special offers, and promotional content about the Service. You can unsubscribe at any time by using the unsubscribe link in the email or by contacting contact@purrenterpriseslimited.com.
Feedback and reviews. After using the Service, we may ask you by email to review your experience. You may opt out of review requests at any time.
2.2 Information collected automatically
When you use the Service, we and our partners may use cookies, web beacons, log files, device sensors, and similar technologies to collect data about your device and usage, including:
Technical device details: IP address, device model and brand, device identifiers such as IDFA or GAID where permitted, browser type, operating system and version, time zone, language settings, screen resolution, network settings, battery level, charging status, and approximate location such as city-level location.
Usage data: referring and exit pages and URLs, clickstream behavior, feature usage, session timestamps, app crashes, error logs, landing pages, page views, and interactions with content, links, or buttons.
Cookie identifiers and analytics: unique browser or device IDs stored in cookies or local storage to remember preferences, analyze behavior, or provide personalized content.
Advertising data. We may work with advertising networks, analytics providers, social media platforms, and other service providers to deliver personalized content and measure advertising effectiveness. These third parties may collect advertising identifiers such as IDFA or GAID, cookie IDs or local storage keys, hashed email addresses where permitted, clickstream and browsing behavior, and device or usage details across websites, apps, and devices over time.
2.3 Location and sensor data
To provide the core features of the Service, we need access to your precise location and movement history. Without this access, the app cannot provide its main functionality. We process location data based on your consent. You may withdraw consent at any time, but the app may no longer function as intended.
With your permission, we may collect precise location data through GPS, Wi-Fi, cellular tower data, and motion sensor data to support features such as:
- real-time location sharing with family members or groups;
- location history and visited places;
- geofence-based alerts.
We collect location data only when you are logged in and have granted the relevant permissions. We do not use precise location data for independent marketing purposes or disclose it to third parties for their independent marketing purposes.
2.4 Information from third parties
If you choose to register or log in using a third-party account such as Facebook, Google, or Apple, we may receive certain personal information from that platform, such as your name, email address, profile picture, and the user ID associated with your account, to simplify account setup. The exact information received depends on your privacy settings on that platform and the permissions you grant. We do not store your login credentials for those third-party services. Your data from those accounts is subject to the privacy policies of the relevant providers.
2.5 Groups and members
If you add someone to your group or join a group, we process information about the groups to which you belong. Certain information, such as account details, device battery status, location, and movement history, may be shared with other group members. You can review members of your group and manage your participation directly in the app.
We do not intentionally collect personal information for new purposes without notifying you and obtaining any required consent. We do not sell your personal information for third parties’ own marketing purposes.
3. How We Use Personal Information
We use personal information for the following purposes:
To provide and maintain the Service. We process data to create your account, enable core functionality such as location sharing, and maintain the functionality and security of the Service. This includes using device and usage data to ensure service reliability and prevent fraud.
To fulfill transactions. We collect the information necessary to process your subscription payments and ensure seamless access to features purchased through our website or in-app purchases.
To communicate with you. We use email to send service-related notices, such as account verification, important updates, and security alerts, to respond to your inquiries, and to request feedback after a transaction or use of the Service.
To improve and develop the Service. We analyze usage and feedback, including reviews you provide, to understand how users interact with the Service and to improve our offering. Crash reports and usage logs help us fix bugs and optimize the user experience.
For safety and legal compliance. We process personal data when required by law or to enforce our Terms of Use.
4. Location Data Usage
Certain features of the Service may require access to precise or approximate device location data.
Location information may be used to:
- provide location-based functionality;
- improve app performance and user experience;
- support safety, fraud prevention, or account security measures;
- customize content, recommendations, or relevant features;
- analyze usage patterns and service performance.
Location access is requested only after obtaining user permission through the device operating system or in-app consent mechanisms.
Users may disable location permissions at any time through their device settings. Disabling location access may limit the availability or functionality of certain features within the Service. We do not sell precise location information to third parties unless explicitly disclosed and permitted under applicable law.
5. Legal Bases for Processing (EEA/UK and Similar Jurisdictions)
If you are located in a jurisdiction that requires a legal basis for personal data processing, such as the European Economic Area or the United Kingdom, we rely on the following grounds:
Performance of a contract (GDPR Article 6(1)(b)). Most data processing is necessary to provide the Service you requested under our Terms of Use, such as maintaining your account and processing subscriptions.
Consent (GDPR Article 6(1)(a)). We rely on your consent where specifically requested, such as enabling precise location tracking, processing motion-related data, sending newsletters or promotional emails, or using certain cookies or advertising identifiers. You may withdraw consent at any time.
Legitimate interests (GDPR Article 6(1)(f)). We process certain data based on our legitimate interests in improving the Service, securing our platform, preventing fraud, and asking customers to review the Service, where those interests are not overridden by your privacy rights.
Legal obligation (GDPR Article 6(1)(c)). In some cases, we must process data to comply with applicable laws, such as retaining transaction records for tax or audit purposes or responding to valid legal requests.
6. Sharing of Personal Information
We do not sell your personal information. We share it only as described in this Policy and always with appropriate safeguards.
6.1 Sharing within circles
When you join or create a circle, family, or group, certain information, such as your name, profile information, real-time location, driving alerts, and messages sent within the circle, may be shared with other members of that circle. This is a core feature of the app. You can control circle members and leave a circle at any time.
6.2 Service providers and processors
We use trusted third-party companies to operate and improve the Service on our behalf. These service providers process your data only according to our instructions and only for the purposes described in this Policy. Where required by law, we enter into data processing agreements with these companies. Key service providers may include:
| Provider | Service Provided | Privacy Policy |
|---|
| Google (Firebase, Analytics, Crashlytics) | Authentication, analytics, crash reporting, push notifications | https://policies.google.com/privacy |
| Adjust | Mobile attribution and marketing analytics | https://www.adjust.com/terms/privacy-policy |
| Amplitude | Product analytics and user behavior tracking | https://amplitude.com/privacy |
| Facebook (Meta) | Analytics and advertising management | https://www.facebook.com/privacy/policy/ |
| Stripe | Payment processing for web purchases | https://stripe.com/privacy |
| Apple App Store | Payment processing for iOS purchases | https://www.apple.com/legal/privacy/ |
| Postmark (ActiveCampaign) | Transactional email delivery | https://postmarkapp.com/privacy-policy |
These third parties are contractually required to protect your information, use it only for the services they provide to us, and comply with applicable data protection laws.
6.3 Business transfers
If we are involved in a merger, acquisition, bankruptcy, or sale of all or part of our assets, your information may be transferred as part of that transaction. We will seek to ensure that the acquiring organization respects the commitments in this Privacy Policy or provides notice and choice before changing how your data is handled.
6.4 Legal disclosures
We may disclose your information if required by law or in response to a valid request from public authorities, such as a court order, subpoena, or government request. We may also disclose information when we believe in good faith that it is necessary to:
- comply with a legal obligation;
- prevent or address fraud, abuse, or unauthorized activity;
- protect the rights, privacy, safety, or property of us, our users, or others;
- respond to an emergency, including preventing death or serious physical injury.
6.5 Sharing with your consent
If you consent to sharing information with a third party for a specific purpose not otherwise covered above, we will share it according to your instructions.
7. International Data Transfers
Your personal information may be transferred to and stored on servers located outside your country of residence, including in the European Union, the United Kingdom, the United States, or other jurisdictions where we or our service providers operate. These countries may not have the same data protection laws as your country of residence.
When we transfer data internationally, we use appropriate safeguards designed to ensure that such transfers comply with applicable data protection laws:
- For transfers from the EEA, we rely on the European Commission’s Standard Contractual Clauses (SCCs).
- For transfers from the United Kingdom, we rely on the UK International Data Transfer Addendum or the International Data Transfer Agreement (IDTA).
- We seek to ensure that our service providers maintain appropriate data protection standards, such as ISO 27001 or SOC 2 certifications, where applicable.
- Where no adequacy decision is available, we apply additional safeguards such as encryption, strict access controls, and security audits.
You may request further information about our international data transfers and the safeguards used by contacting contact@purrenterpriseslimited.com.
8. Data Retention
We retain personal information only for as long as reasonably necessary to:
- provide and maintain the Service;
- comply with legal, regulatory, tax, accounting, or security obligations;
- resolve disputes;
- enforce agreements;
- prevent fraud or abuse.
Retention periods may vary depending on the type of data collected, the nature of the user’s interaction with the Service, applicable legal requirements, and payment or subscription activity.
Active accounts. While you maintain an account, we retain your information to provide the Service. By default, if you stop using Spot: GPS Phone Locator, we may retain account data for up to 3 years from your last interaction with the Service. After that period of inactivity, we delete or anonymize your information unless a longer retention period is required by law.
Account deletion. If you deactivate or delete your account, we do not retain your personal data for more than 2 months unless retention is required for legal, regulatory, contractual, security, or dispute-resolution reasons.
Location data. We retain movement history for a relatively short period, such as the last 2 weeks of location traces. Older location data may be aggregated or deleted to minimize the amount of information we hold.
Cookie and analytics data. Data collected through cookies is retained according to the period described in our Cookie policy or the relevant service provider settings.
Legal exceptions. If we are required by law to keep certain information beyond the normal retention period, such as for regulatory compliance, legal claims, or audits, we store the relevant data securely as needed.
Location-related data, usage analytics, billing records, and customer support communications may be retained for a limited period necessary to support operational, legal, security, or compliance purposes. When personal information is no longer required, we may delete, anonymize, or securely aggregate such information in accordance with applicable laws and internal retention practices.
9. Third-Party Payment Providers
Subscription payments and certain billing-related services may be processed by third-party payment providers, app marketplaces, financial institutions, or payment processing partners.
Such providers may include:
- Apple App Store;
- payment gateways;
- subscription management platforms;
- fraud prevention and billing service providers.
These third parties may independently collect, process, store, or verify payment-related information in accordance with their own privacy policies, terms, and regulatory obligations. We do not control the privacy or security practices of third-party payment providers and encourage users to review the applicable policies of such providers before completing transactions. Depending on the payment method used, certain billing disputes, refunds, cancellations, or chargeback requests may need to be handled directly through the applicable payment provider or app marketplace.
10. Subscription Cancellation
Users may cancel active subscriptions at any time before the next scheduled renewal date.
Cancellation methods may vary depending on the platform or payment provider used during the original purchase process.
For subscriptions purchased through:
- Apple App Store: cancellations must be managed through the user’s Apple account settings;
- third-party payment providers: cancellations may be managed through the applicable billing portal or by contacting customer support.
Canceling a subscription prevents future renewal charges but does not automatically generate refunds for previously processed billing periods unless otherwise required by applicable law or platform policies. Access to premium features may remain available until the end of the active billing period.
11. Refunds and Cancellations
Users who believe they were charged incorrectly, experienced unauthorized billing, or wish to request a refund may contact our support team at contact@purrenterpriseslimited.com.
Refund requests are reviewed on a case-by-case basis and may be subject to eligibility requirements, applicable platform rules, payment processor policies, and local consumer protection laws.
To submit a refund request, users should provide:
- the email address associated with the account;
- transaction date;
- subscription type;
- payment confirmation or receipt;
- a description of the issue.
We recommend submitting refund requests within 60 calendar days of the relevant charge so that the request can be reviewed while transaction records remain readily available.
We aim to review billing-related inquiries within 10 business days. Resolution timelines may vary depending on the payment provider, app marketplace, financial institution, or dispute complexity.
For subscriptions purchased through third-party platforms such as Apple App Store, refund requests and payment disputes need to be handled directly through the applicable platform provider in accordance with its policies.
12. Recurring Payment Consent
By purchasing a subscription, users acknowledge and expressly consent to recurring billing for the selected subscription plan. Unless canceled prior to the renewal date, the subscription will automatically renew at the applicable recurring interval and the corresponding payment method may be charged automatically.
The recurring billing authorization remains active until:
- the subscription is canceled by the user;
- the payment method becomes invalid;
- the subscription is terminated in accordance with applicable terms.
Subscription payments are processed by third-party payment processors, app marketplaces, or billing partners. We do not directly store full payment card information.
Users are responsible for managing or canceling active subscriptions through the applicable platform or payment provider account settings.
13. Security of Your Information
We take the security of your personal information seriously and implement organizational and technical measures designed to protect your data from unauthorized access, alteration, disclosure, or destruction.
Organizational measures:
- access control policies so only authorized personnel with a legitimate need can access sensitive data;
- multi-factor authentication and strong password policies;
- staff training on data privacy and security best practices;
- internal policies for safely handling personal data and responding to security incidents.
Technical measures:
- encryption in transit for data exchanges using HTTPS/TLS and encryption at rest for sensitive data where applicable;
- secure networks, firewalls, and intrusion detection systems;
- regular security audits, penetration testing, and vulnerability scans;
- secure backup and disaster recovery mechanisms;
- anonymization or pseudonymization of data where possible.
Despite these measures, no service is 100% secure. If a security breach affecting your personal information occurs, we will notify you and the appropriate authorities without undue delay where required by law, such as notification to the relevant supervisory authority within 72 hours under the GDPR where applicable.
Users are also responsible for maintaining their own account security, including protecting login credentials, choosing strong passwords, and keeping their devices secure.
14. Your Rights and Choices
Depending on your location and applicable law, you may have the following rights regarding your personal information:
Right of access. You may request a copy of the personal data we hold about you and information about how we use and share it.
Right to correction. If any of your information is inaccurate or incomplete, you may request correction.
Right to deletion. Subject to certain legal exceptions, you may request deletion of your personal data.
Right to restriction. In certain circumstances, you may request that we restrict the processing of your personal data.
Right to data portability. Where applicable, you may request a copy of certain data in a structured, commonly used, machine-readable format or request transfer to another provider where technically feasible.
Right to object. You may object to the processing of personal data, especially where processing is based on legitimate interests or used for direct marketing.
Right to withdraw consent. Where we rely on consent, you may withdraw it at any time. Withdrawal does not affect the lawfulness of earlier processing.
Right to lodge a complaint. You may lodge a complaint with your local data protection authority. EU residents can identify the relevant supervisory authority through the European Data Protection Board website. UK residents can contact the UK Information Commissioner’s Office.
Exercising your rights
To exercise any of these rights, contact contact@purrenterpriseslimited.com. To protect your privacy, we may need to verify your identity before fulfilling a request. We aim to respond to valid requests within 30 days, or within 45 days for CCPA requests. If your request is particularly complex, this period may be extended by up to two additional months, and we will notify you of the extension.
We will not discriminate against you for exercising your privacy rights.
15. Account Deletion
You may request deletion of your personal data by contacting contact@purrenterpriseslimited.com.
If you purchased a subscription through the App Store, deleting your account does not automatically cancel the subscription. You must separately manage or cancel any active subscription through your Apple account settings or the applicable payment provider.
After receiving and verifying a deletion request, we will delete or anonymize personal information associated with your account unless we are required or permitted to retain certain information for legal, tax, accounting, security, fraud-prevention, dispute-resolution, or compliance purposes.
16. Children’s Privacy
The Service is not intended for children under 13 years of age, or under the minimum age required in the user’s jurisdiction without appropriate parental or guardian consent. We do not knowingly collect personal information from children under 13 without required consent.
If we learn that we have collected personal information from a child in a way that does not comply with applicable law, we will take reasonable steps to delete that information.
Where the Service is used in a family or child-related context, the adult account holder is responsible for ensuring that the use complies with applicable consent, privacy, child-protection, and platform requirements.
17. California Privacy Notice
This section applies to California residents and supplements the rest of this Privacy Policy. It is intended to provide information required under the California Consumer Privacy Act, as amended by the California Privacy Rights Act.
In the past 12 months, depending on how you used the Service, we may have collected the following categories of personal information:
| Category | Examples | Purpose |
|---|
| Identifiers | Name, email address, account ID, device identifiers | Account creation, authentication, support, subscription access |
| Commercial information | Subscription status, transaction records, receipt metadata | Payment verification, fraud prevention, customer support |
| Internet or network activity | App events, diagnostics, usage data, IP address | Analytics, security, performance, troubleshooting |
| Geolocation data | Precise location, route history, geofence events | Core location-sharing and safety features |
| Inferences | Service preferences or settings derived from app use | Service customization and product improvement |
We do not sell personal information as the term is commonly understood. We do not knowingly sell or share personal information of children under 16. Where applicable law treats certain analytics or advertising activities as “sharing,” you may use available device settings or contact us to exercise your rights.
California residents may request access, deletion, correction, portability, and opt-out of certain sharing or sale-like processing where applicable. To submit a request, contact contact@purrenterpriseslimited.com.
18. Privacy Notice for Residents of Other U.S. States
Residents of states such as Colorado, Connecticut, Virginia, Utah, and other jurisdictions with comprehensive privacy laws may have rights to access, correct, delete, obtain a copy of, or opt out of certain processing of personal data, including targeted advertising, sale of personal data, or profiling with significant legal effects, where applicable.
To exercise these rights, contact contact@purrenterpriseslimited.com. If we deny your request, you may have the right to appeal our decision by replying to our response and stating that you wish to appeal.
19. Privacy Rights in Other Jurisdictions
Users in other jurisdictions, including Japan, Canada, Brazil, Australia, and similar regions, may have additional privacy rights under local law. These rights may include access, correction, deletion, consent withdrawal, objection, or the ability to contact a local authority.
We will process privacy requests in accordance with applicable law and may ask for information necessary to verify your identity and locate your account.
20. Cookies and Tracking Technologies
We may use cookies, local storage, SDKs, pixels, and similar technologies on our website and within the app to operate the Service, remember preferences, analyze usage, measure performance, support attribution, and improve product quality.
Some cookies or identifiers are necessary for the Service to work. Others may be used for analytics, measurement, or optional marketing activities where permitted by law and platform rules. You can usually manage cookies through your browser settings and manage mobile tracking permissions through your device settings.
Disabling cookies or identifiers may affect the availability or functionality of certain features.
21. Changes to This Privacy Policy
We may update this Privacy Policy from time to time to reflect changes in the Service, legal requirements, product design, service providers, or data practices. When we make changes, we may update the effective date and post the revised version on the relevant page.
If changes are material, we may provide additional notice through the app, by email, or through other appropriate means. Your continued use of the Service after the effective date means that you acknowledge the updated Policy.
22. Contact Us
If you have any questions, requests, or complaints about this Privacy Policy or how your personal information is handled, please contact us at: