The SOS App ("the App") is a personal safety application operated by The Drone Wave LLC, doing business as Scintilla Dev ("we," "us," or "our"). This Privacy Policy explains how we collect, use, store, and protect your information when you use the App.
Your safety is our priority — and so is your privacy. We collect only what is necessary to deliver the core safety features you rely on.
Why we built this
Most family safety apps have a business model problem: your family's location data is the product. Life360 — one of the most downloaded family safety apps in the world — was found to be selling precise, real-time location data on tens of millions of users to data brokers, including companies linked to US military intelligence contractors (The Markup, 2021). One of those brokers, X-Mode (now Outlogic), became the subject of widespread scrutiny after its ties to location data sales were exposed. Reports indicate that Life360 continued brokering user datasets through intermediaries like LiveRamp after the initial scandal (The Capitol Forum).
In January 2025, the FTC took formal action, requiring companies to stop selling sensitive location data to brokers — a direct consequence of years of practices like these (Mayer Brown, Feb 2025). Independent researchers have documented similar patterns across many popular children's and family apps (SafetyDetectives, NowSecure, 2025).
That's why TheSoSapp doesn't sell, share, or broker your data — ever.
1. Information We Collect
1.1 Account Information
We collect the following information when you create or update your account:
- Email address
- Full name
- Phone number (optional)
- Profile picture (optional)
- Locale, timezone, and language preference
- Subscription plan (if applicable)
Users may update their name, phone number, and profile information at any time inside the App.
1.2 Location Data
We collect:
- Precise GPS location — only when SOS tracking or family live‑location sharing is active
- Approximate location — used as fallback when GPS is unavailable (IP‑based geolocation)
Your location is only shared with contacts YOU choose, such as emergency contacts or mutually approved family members.
1.3 Device Information
We collect limited device information to ensure the App functions properly:
- Firebase Cloud Messaging token (for push notifications)
- Device model and OS version
- App version
- Crash logs and diagnostics (testing builds only; not collected in production)
We do not collect advertising identifiers.
1.4 Usage Information
We collect anonymized data about how you use the App to improve reliability and performance. This includes:
- Screen views and time spent per screen
- Feature usage (e.g. SOS triggered, contacts added, paywall viewed)
- App session start and end events
- App version and platform (iOS or Android)
This data is collected via Firebase Analytics (Google) and stored in our own database. It is never linked to your name, email, phone number, or GPS coordinates. No advertising identifiers are collected.
2. How We Use Your Information
We use your information to:
- Send SOS alerts to your chosen contacts
- Share your live GPS location during emergencies
- Enable family location sharing with mutual consent
- Deliver push notifications (SOS alerts, check‑ins, family requests)
- Authenticate and manage your account
- Improve App performance and safety features
- Prevent fraud or misuse
We do not sell, trade, or rent your personal information.
3. How We Share Your Information
We only share your data with:
3.1 Your Emergency Contacts
When SOS is triggered, your real‑time location and alert information are shared with the contacts you designate.
3.2 Family Members (Mutual Consent Required)
Both parties must approve the connection before any location data is shared. Either party can remove the connection at any time.
3.3 Service Providers
We use trusted third‑party services to power core functionality:
These providers process data on our behalf and do not use it for advertising.
3.4 Legal Requirements
We may disclose information if required by law, court order, or to protect safety.
4. Family Consent System
- Adding someone as a family member requires their explicit consent
- Both parties must accept the connection before any data is shared
- Removing a connection immediately stops all location sharing
5. Data Storage & Security
We take security seriously:
- All data is stored on Supabase (PostgreSQL) with encrypted connections (TLS/SSL)
- Security PINs are stored as SHA‑256 hashes
- Row‑Level Security (RLS) ensures users can only access their own data
- All API communication uses HTTPS encryption
No system is 100% secure, but we use industry‑standard protections.
6. Data Retention
We retain personal data only as long as necessary to provide App functionality, comply with legal obligations, and maintain accurate safety records.
6.1 Location Data
| Data Type | Retention | Cleanup Method |
|---|---|---|
| Family GPS tracking (gps_data) | 7 days | Daily cleanup (04:00 UTC) |
| SOS alerts (sos_alerts) | 1 year | Daily cleanup |
| SOS trails (sos_trails) | 5 years (coordinates removed after retention period) | Daily cleanup |
| Live locations (live_locations) | Overwritten continuously | Single row per user |
| Daily summaries | 1 year | Daily cleanup |
6.2 User Account Data
| Data Type | Retention | Notes |
|---|---|---|
| Profile | Until account deletion | Users may update anytime |
| Auth credentials | Until account deletion | Managed by Supabase Auth |
| Emergency contacts | Until account deletion | Stored securely |
| Family connections | Until account deletion | Removed immediately when disconnected |
| Push tokens | Until logout or deletion | FCM tokens |
| Security PIN | Until account deletion | SHA‑256 hash |
6.3 Notification & Activity Logs
| Data Type | Retention | Notes |
|---|---|---|
| Notification logs | Indefinite (anonymized on deletion) | Delivery records |
| Check‑in responses | 1 year | Family acknowledgments |
| Tracking debug logs | 7 days | Not collected in production |
Production builds do not store GPS debug logs or developer diagnostic logs.
6.4 On‑Device Storage (AsyncStorage)
| Key | Purpose | Cleared on Logout |
|---|---|---|
@unified_gps_state | GPS config, pending sync, auth tokens | Yes |
@permissions_requested | Onboarding flag | Yes |
@disclaimer_accepted | Acceptance timestamp | Yes |
@coach_marks_* | Tutorial flags | Yes |
@security_pin | Local PIN cache | Yes |
@app_language | Language preference | No |
6.5 Third‑Party Data Sharing
See Section 3.3.
6.6 Account Deletion
When you delete your account:
- All personal data, GPS history, SOS trails, contacts, family connections, and profile information are permanently deleted
- Notification logs are anonymized
- On‑device storage is cleared (except language preference)
Supabase Auth may retain an orphaned authentication record; this is a known limitation of Supabase.
6.7 Consent Records (Retained Indefinitely)
To comply with legal, audit, and safety requirements, we retain proof of user consent indefinitely. This includes:
- user_id
- email address
- policy version
- timestamp of acceptance
These records are never deleted, even if the user deletes their account. They are used only to verify that the user agreed to the Terms and Privacy Policy. We do not use consent records for analytics, marketing, or profiling.
7. Your Rights
Depending on your region, you may have the right to:
- Access your data
- Correct inaccurate data
- Delete your data
- Stop location sharing
- Remove contacts or family connections
- Withdraw consent
- Request a copy of your data
To exercise these rights, contact us at contact@scintilladev.com.
8. Children's Privacy
The SOS App is not intended for children under 13. We do not knowingly collect personal information from children under 13. If you believe a child has provided personal data, contact us so we can delete it.
9. International Data Transfers
Your data may be stored or processed in countries outside your own. We take steps to ensure your information remains protected regardless of location.
10. Changes to This Privacy Policy
We may update this Privacy Policy from time to time. Your continued use of the App after changes means you accept the updated Policy.
11. Contact Us
If you have questions about this Privacy Policy or wish to exercise your privacy rights, contact us at:
The Drone Wave LLC (dba Scintilla Dev)
Email: contact@scintilladev.com
Or via our contact page: scintilladev.com/index.html#support
Need a plain text version of this policy?
↗ View Full Policy (.txt)Questions About This Policy?
If you have any questions about this privacy policy or how we handle your data, we're happy to help.
Contact Us