Birdr Privacy Policy
Effective date: April 28, 2026 Last updated: May 2, 2026
This Privacy Policy explains how Birdr ("we," "our," or "the app") handles your information. We've tried to keep this short and human-readable. If anything is unclear, email us at the address at the bottom of this page.
1. What we collect
1.1 On-device only (never sent to us)
These items stay on your phone unless you explicitly share them:
- Photos and audio you capture while making a catch.
- Your Life List, Nest collection, sightings history, trips, notes, and catch counts.
- Your home region setting and any region override.
If you don't sign in, all of your data is stored only in local app storage on your device.
1.2 Sent to third-party services we use to identify birds
When you make a photo catch, the captured image is sent to:
- Google Cloud Vision API — for visual identification.
- Hugging Face inference endpoints — for an additional bird-species classification model that cross-checks Vision's result.
When you make an audio catch, the recording is processed entirely on your device by an on-device BirdNET model. The audio clip is never uploaded to a server.
eBird (Cornell Lab of Ornithology) API — receives your approximate city-level coordinates (rounded to ~11 km) to fetch recent observations and species frequency data near you. Your exact location is never sent to eBird.
These services receive only the data needed for that single identification request. They do not receive your name, email, or any other personal identifier from us. Their own privacy policies apply to how they handle that request.
1.3 Account data (only if you sign in)
If you create an account, we store the following on Firebase:
- A randomly generated user ID.
- Your username (chosen during onboarding).
- Your sightings, life list, and profile metadata, so they sync across devices.
We do not collect your real name, email, phone number, or any demographic information. Sign-in is anonymous unless you explicitly choose otherwise.
1.4 Subscription / purchase data
If you upgrade to Birdr Pro, RevenueCat handles the subscription transaction. RevenueCat receives:
- A randomly generated app-user identifier.
- The receipt from the App Store.
We do not see your credit card or full Apple ID. Refer to RevenueCat's privacy policy for their handling.
1.5 Location
Birdr requests "When in Use" location access only. We use it for two purposes:
- City-level region detection (rounded to ~11 km) — used by the eBird API to fetch nearby observations and to localize your tier experience. The rounded coordinates are sent to eBird per request.
- City and region label on each catch — your sighting record includes the reverse-geocoded city/state/country (e.g., "Marietta, GA, US"). This stays on your device unless you sign in, in which case it syncs to your Firebase account so you can see it across devices.
We never collect or store your precise GPS coordinates. We never use location for advertising or share it with anyone other than eBird (and only the rounded version).
1.6 We do not collect
- Your contact list, calendar, health data, or browsing history.
- Tracking identifiers (IDFA), advertising data, analytics events, or crash reports — Birdr ships with no third-party SDKs of that kind in v1.
2. How we use your information
We use the data described above to:
- Identify the bird in your catch.
- Save your catches to your Life List and show your collection.
- Show you what species are nearby and what's worth chasing.
- Fulfill subscription purchases.
- Sync your collection across devices if you've signed in.
We do not use your information for advertising, profiling, or sale to third parties. We do not sell or rent your data. Period.
3. How we share your information
We share data with these parties, and only for the listed purpose:
| Service | What we send | Why |
|---|---|---|
| Google Cloud Vision | A single photo per photo-catch | Bird identification |
| Hugging Face | A single photo per photo-catch | Bird identification (cross-check) |
| eBird (Cornell Lab) | Approximate lat/lng (~11 km) + region code | Recent observation lookups, regional frequency |
| Firebase Authentication | Anonymous user ID | Sign-in (only if you sign in) |
| Firebase Firestore | Your username + your sightings | Cross-device sync (only if you sign in) |
| Apple App Store / RevenueCat | App Store receipt + anonymous user ID | Subscription purchases |
We do not share your data with anyone else. We do not run analytics SDKs. We do not embed advertising networks.
4. Retention
- On-device data: stays until you delete the app, tap Profile → Settings → Delete account, or tap "Reset demo data" in the same place (clears local catches without removing your account).
- Cloud-synced data (signed-in users): stored as long as your account exists. Tap Profile → Settings → Delete account to permanently remove your account, all your catches, and your Nest immediately. You can also email us at the address below and we will delete your account and all associated data within 30 days.
- Subscription history: retained by RevenueCat per their policy.
- Identification requests: Google Vision, Hugging Face, and eBird may log inbound API requests per their own retention policies. We do not have control over their internal retention.
5. Children
Birdr is not directed at children under 13. We do not knowingly collect data from children under 13. If you are a parent or guardian and believe your child has provided us with personal information, contact us and we will delete it.
6. Your rights
You can:
- View your data: it's all displayed in the app's Profile and Nest tabs.
- Delete your data: tap Profile → Settings → Delete account for an immediate permanent wipe of both your account and all cloud data; or uninstall the app to remove on-device data; or email us if you prefer manual handling.
- Disable location: turn off Location for Birdr in iOS Settings. The eBird-driven features will still work with your manually selected home region.
- Disable microphone/camera: turn off in iOS Settings. Audio mode and photo mode become unavailable but the rest of the app works.
EU/UK/California residents: you have rights under GDPR / CCPA to access, correct, delete, port, or restrict the processing of your personal data. Email us to exercise any of these rights.
7. Security
We use Apple's standard secure storage (Keychain / encrypted AsyncStorage) for tokens and Firebase's standard security rules for cloud data. No system is perfectly secure, but we don't store the high-value data — there's no payment info, no real name, no email — so the blast radius of any breach is limited.
8. Changes to this policy
When we change this policy, we'll update the "Last updated" date above and notify users via an in-app notice for material changes.
9. Contact
If you have any privacy question, want to exercise your rights, or want your data deleted:
📧 privacy@birdr.app
We respond within 7 business days.