Privacy Policy

Effective: January 1, 2026 · Last updated: January 1, 2026

1. Who we are

CopDefender ("we," "us," "our") is a mobile application and website operated by TransparencyNow that provides civil rights information and police-encounter recording tools. This Privacy Policy explains what personal information we collect, how we use it, and the choices you have. By using our services you agree to this policy.

2. Information we collect

Information you provide directly

• Account information: email address, password (stored as a salted bcrypt hash — we never store plaintext passwords), display name (optional).
• Payment information: processed entirely by Stripe. We never see or store your card numbers, CVV, or bank details. We only store your Stripe customer ID and subscription status.
• Emergency contacts: phone numbers you choose to add for the SMS alert feature. Stored locally on your device by default.
• Video recordings: only if you enable cloud backup (paid tiers).

Information collected automatically

• Device information: device model, OS version, app version, IP address, crash logs.
• Usage analytics: screens viewed, features used, session duration. Aggregated and anonymized.
• Approximate location: only when you launch a recording session, to determine which state's laws to display. We do not track you in the background.

3. How we use your information

• To operate the app and website (authentication, subscription management, recording playback)
• To deliver state-specific legal information based on your jurisdiction
• To send transactional emails (receipts, password resets, security alerts)
• To send optional product updates and educational newsletters (you can unsubscribe at any time)
• To detect fraud, abuse, and violations of our Terms of Service
• To improve the product through aggregated, anonymized analytics
• To comply with legal obligations and respond to lawful requests

4. Video recordings & cloud storage

If you enable cloud backup (Shield or Shield+ plans), your video segments are uploaded to Supabase Storage (AWS-backed, encrypted at rest with AES-256 and in transit with TLS 1.2+). Each segment is identified by a session UUID generated on your device.

• Free tier: no cloud storage. Video stays on your device.
• Shield: rolling 30-day retention, 5 GB cap. Older segments are automatically deleted.
• Shield+: 1-year retention, unlimited storage (subject to fair-use limits).
• You own your videos. You can download, export, or delete them at any time. Deletion is permanent within 30 days (legal hold may apply if a subpoena is served — see Section 7).

5. Location data

We use the location permission to determine which state's recording-consent and rights laws apply to your situation. Specifically:

• Location is queried only when you open the app or start a recording — never in the background.
• Coordinates are cached on your device for 30 minutes to avoid repeated permission prompts.
• If you grant precise location and start a recording, the GPS coordinates are saved with that session so your evidence has a verifiable location stamp.
• You can use the app without granting location — you'll be asked to manually pick your state.

6. SMS / emergency alerts

The "Alert My Contacts" feature sends an SMS with your GPS coordinates to phone numbers you have explicitly added. Messages are sent through a regulated SMS gateway (A2P 10DLC compliant in the US). We do not market to your contacts and do not retain their phone numbers beyond what is needed to deliver the alert. SMS rates from your carrier may apply.

7. Sharing & third parties

We do not sell your personal information. We share data only with:

• Service providers who run our infrastructure: Supabase (storage + database), Stripe (payments), email delivery (transactional only), SMS gateway (alert feature). Each is bound by a data-processing agreement.
• Law enforcement or courts when we receive a valid subpoena, court order, or warrant. We will notify you unless legally prohibited. We push back on overbroad requests.
• Acquirers in the event of a merger, acquisition, or sale of assets (you'll be notified).

8. Cookies & tracking

The website uses a single session cookie to keep you logged in. We do not use third-party advertising or tracking cookies. We use first-party, privacy-respecting analytics to count anonymized page views.

9. Your rights

If you live in California (CCPA / CPRA)

You have the right to know what personal information we collect, request deletion, request correction, opt out of any sale or sharing (we do neither), and not be discriminated against for exercising these rights. Submit a request via privacy@copdefender.app.

If you live in the EU / UK (GDPR / UK GDPR)

You have the right to access, rectify, erase, restrict, port, and object to processing of your personal data. Our lawful bases are: contract (to provide the service), consent (for marketing emails), and legitimate interests (analytics, fraud prevention). You may lodge a complaint with your supervisory authority.

10. Data retention

• Account data: kept while your account is active. Deleted within 30 days of account deletion.
• Video recordings: per the retention windows in Section 4.
• Payment records: retained 7 years for tax/accounting compliance.
• Server logs: 90 days.

11. Security

We use industry-standard safeguards: TLS in transit, AES-256 at rest, bcrypt password hashing, scoped service-role keys, regular dependency audits, and least-privilege access controls. No system is 100% secure. If a breach affects your data we will notify you without undue delay and as required by applicable law.

12. Children's privacy

CopDefender is not directed to children under 13 (or under 16 in the EU). We do not knowingly collect personal information from children. If you believe a child has provided us data, contact us and we will delete it.

13. Changes to this policy

We may update this policy. Material changes will be communicated by email and an in-app notice at least 14 days before they take effect. Continued use of the service after the effective date constitutes acceptance.

14. Contact

Questions or requests? Email privacy@copdefender.app or write to: TransparencyNow / CopDefender, c/o Privacy Officer (postal address available on request).