Birdr

Birdr Privacy Policy

Effective date: April 28, 2026 Last updated: May 2, 2026

This Privacy Policy explains how Birdr ("we," "our," or "the app") handles your information. We've tried to keep this short and human-readable. If anything is unclear, email us at the address at the bottom of this page.


1. What we collect

1.1 On-device only (never sent to us)

These items stay on your phone unless you explicitly share them:

If you don't sign in, all of your data is stored only in local app storage on your device.

1.2 Sent to third-party services we use to identify birds

When you make a photo catch, the captured image is sent to:

When you make an audio catch, the recording is processed entirely on your device by an on-device BirdNET model. The audio clip is never uploaded to a server.

eBird (Cornell Lab of Ornithology) API — receives your approximate city-level coordinates (rounded to ~11 km) to fetch recent observations and species frequency data near you. Your exact location is never sent to eBird.

These services receive only the data needed for that single identification request. They do not receive your name, email, or any other personal identifier from us. Their own privacy policies apply to how they handle that request.

1.3 Account data (only if you sign in)

If you create an account, we store the following on Firebase:

We do not collect your real name, email, phone number, or any demographic information. Sign-in is anonymous unless you explicitly choose otherwise.

1.4 Subscription / purchase data

If you upgrade to Birdr Pro, RevenueCat handles the subscription transaction. RevenueCat receives:

We do not see your credit card or full Apple ID. Refer to RevenueCat's privacy policy for their handling.

1.5 Location

Birdr requests "When in Use" location access only. We use it for two purposes:

  1. City-level region detection (rounded to ~11 km) — used by the eBird API to fetch nearby observations and to localize your tier experience. The rounded coordinates are sent to eBird per request.
  2. City and region label on each catch — your sighting record includes the reverse-geocoded city/state/country (e.g., "Marietta, GA, US"). This stays on your device unless you sign in, in which case it syncs to your Firebase account so you can see it across devices.

We never collect or store your precise GPS coordinates. We never use location for advertising or share it with anyone other than eBird (and only the rounded version).

1.6 We do not collect


2. How we use your information

We use the data described above to:

We do not use your information for advertising, profiling, or sale to third parties. We do not sell or rent your data. Period.


3. How we share your information

We share data with these parties, and only for the listed purpose:

Service What we send Why
Google Cloud Vision A single photo per photo-catch Bird identification
Hugging Face A single photo per photo-catch Bird identification (cross-check)
eBird (Cornell Lab) Approximate lat/lng (~11 km) + region code Recent observation lookups, regional frequency
Firebase Authentication Anonymous user ID Sign-in (only if you sign in)
Firebase Firestore Your username + your sightings Cross-device sync (only if you sign in)
Apple App Store / RevenueCat App Store receipt + anonymous user ID Subscription purchases

We do not share your data with anyone else. We do not run analytics SDKs. We do not embed advertising networks.


4. Retention


5. Children

Birdr is not directed at children under 13. We do not knowingly collect data from children under 13. If you are a parent or guardian and believe your child has provided us with personal information, contact us and we will delete it.


6. Your rights

You can:

EU/UK/California residents: you have rights under GDPR / CCPA to access, correct, delete, port, or restrict the processing of your personal data. Email us to exercise any of these rights.


7. Security

We use Apple's standard secure storage (Keychain / encrypted AsyncStorage) for tokens and Firebase's standard security rules for cloud data. No system is perfectly secure, but we don't store the high-value data — there's no payment info, no real name, no email — so the blast radius of any breach is limited.


8. Changes to this policy

When we change this policy, we'll update the "Last updated" date above and notify users via an in-app notice for material changes.


9. Contact

If you have any privacy question, want to exercise your rights, or want your data deleted:

📧 privacy@birdr.app

We respond within 7 business days.