Legal
Privacy Policy
This Privacy Policy explains how The Cloud Labs (“we”, “us”, “our”) collects, uses, stores, and shares personal data when you use the MySafeMeet iOS application (“the app”). Please read it carefully before using the app.
We are committed to protecting your privacy and processing your personal data in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.
1. Who We Are
Data Controller:
The Cloud Labs
United Kingdom
Contact: hello@mysafemeet.com
If you have questions or concerns about how we handle your personal data, please contact us at the address above.
2. What Data We Collect and Why
2.1 Account and Contact Information
When you register and use the app, we collect:
| Data | How collected | Why we use it |
|---|---|---|
| Name | You provide it at sign-up | To identify you within the app and in messages sent to your safe contacts (consent requests, check-in alerts) |
| Email address | You provide it at sign-up | To authenticate your account via AWS Cognito; we do not use your email for marketing unless you separately consent |
| Phone number | You provide it in your profile | To send SMS alert messages on your behalf when a check-in is missed, and to identify your account |
Legal basis: Performance of a contract (providing the safety-monitoring service you have requested) and, where applicable, your consent.
2.2 Safe Contacts (Your In-App Contact Book)
You can manually add people (“safe contacts”) to your in-app contact book. For each contact you add, we store:
- Name
- Phone number
- Email address (optional)
- Consent status (whether the contact has agreed to receive notifications)
Important: The app does not read your device’s address book or contacts library. Every contact in the app is entered manually by you.
How this data is used: Safe contacts’ details are used solely to send them notifications (push and/or SMS) on your behalf when the app detects a missed check-in or you manually trigger an alert. Contacts receive a consent request before being enrolled; they can withdraw consent at any time.
Legal basis: Your explicit consent and legitimate interest in enabling the safety-monitoring features you have activated.
2.3 Precise Location (Background)
During an active meeting, the app collects your device’s precise GPS location in the background to:
- Detect when you arrive at the meeting location using a circular geofence.
- Record your last known location in the event of a missed check-in, so that location can be included in the alert sent to your safe contacts.
Background location is only active while a meeting is running. It is not collected at any other time. Location data is stored in our AWS backend (eu-west-2) against your user account.
Legal basis: Your explicit consent (you grant the “Always” location permission when prompted) and performance of contract.
2.4 Emergency Contact Information
The app includes optional fields where you can record an emergency contact — a name and phone number for someone your safe contacts can call if you miss a check-in. This is contact information, not health or medical data.
- You choose whether to complete these fields. They are entirely optional.
- Your emergency contact details are transmitted to your safe contacts only if (a) you have enabled the “share emergency contact” setting for a specific meeting, and (b) a check-in is missed on that meeting.
- Emergency contact data is stored encrypted in our AWS backend (eu-west-2).
Legal basis: Your explicit consent.
2.5 Purchase History
When you subscribe to MySafeMeet Premium (monthly or annual), we receive confirmation of your subscription status from Apple via the App Store receipt-validation API. We store your subscription tier and expiry date in our backend to determine which features you can access. We do not receive your full payment details — billing is handled entirely by Apple.
Legal basis: Performance of contract.
2.6 Device Identifier and Push Token
We generate and store a persistent UUID for your device (“device ID”) to register it with our push-notification infrastructure (AWS SNS). This identifier is stored locally on your device and in our backend. It is used only to deliver push notifications to your specific device.
Legal basis: Performance of contract and legitimate interest (delivering notifications you have enabled).
2.7 Data We Do Not Collect
We do not collect:
- Data from your device’s address book or contacts library.
- Crash reports or usage analytics (no third-party analytics SDK is integrated).
- Advertising identifiers or data used for cross-app tracking.
3. How We Share Your Data
We do not sell your personal data. We do not share it with advertisers or use it for cross-app tracking.
We share data only in the following circumstances:
3.1 With Your Safe Contacts (at Your Direction)
When a missed check-in is detected, the app sends a notification on your behalf to the safe contacts you have selected for that meeting. This notification may include:
- Your name.
- Your last known location (a map link or coordinates).
- Your emergency contact details (name and phone number), if you have enabled sharing for that meeting.
This sharing is entirely under your control. You choose which contacts to add and which meetings they are associated with.
3.2 With Our Service Providers (Data Processors)
We use third-party services to operate the app. These providers act as data processors under UK GDPR and are bound by data-processing agreements:
| Provider | Role | Location |
|---|---|---|
| Amazon Web Services (AWS) | Backend infrastructure — API, database (DynamoDB), push notification delivery (SNS), and authentication (Cognito) | Our backend is deployed in eu-west-2 (London). AWS infrastructure operates under AWS’s standard data-processor commitments. |
| Apple | App distribution, in-app subscription billing, push notification delivery (APNs) | United States (see Section 7 on international transfers) |
We do not use any other analytics, advertising, or data-broker services.
4. How Long We Keep Your Data
| Data | Retention period |
|---|---|
| Account data (name, email, phone) | Retained while your account is active. Deleted within 30 days of account deletion. |
| Safe contacts | Deleted with your account or immediately if you remove them in the app. |
| Location data (meeting events and geofence logs) | Retained for up to 12 months to support meeting history, then deleted. |
| Emergency contact information | Retained while your account is active. Deleted with your account. |
| Subscription records | Retained for up to 7 years for financial/accounting compliance, then deleted. |
| Device tokens | Deleted when you deregister the device or delete your account. |
5. Your Rights Under UK GDPR
As a UK data subject you have the following rights:
- Right of access — you can request a copy of the personal data we hold about you.
- Right to rectification — you can correct inaccurate data directly in the app (profile settings) or by contacting us.
- Right to erasure — you can delete your account from the app (Profile → Delete Account), which triggers deletion of your personal data as described in Section 4. You may also contact us to request erasure.
- Right to restrict processing — in certain circumstances you can ask us to pause processing your data.
- Right to data portability — you can request a machine-readable copy of data you have provided to us.
- Right to object — you can object to processing based on legitimate interest.
- Rights related to automated decision-making — we do not make automated decisions that produce legal or similarly significant effects.
In-app account deletion: the app includes a “Delete Account” feature in the Profile section. Using it will permanently delete your account and associated personal data from our systems within 30 days.
To exercise any right, contact us at hello@mysafemeet.com. We will respond within one month.
You also have the right to lodge a complaint with the UK supervisory authority:
Information Commissioner’s Office (ICO)
https://ico.org.uk
0303 123 1113
6. Data Security
We take appropriate technical and organisational measures to protect your personal data, including:
- Data in transit is protected by TLS/HTTPS.
- Data at rest is stored in AWS services configured with encryption (AES-256 at rest for DynamoDB).
- Authentication is handled by AWS Cognito with multi-factor authentication available.
- Access to backend systems is restricted to authorised personnel only.
No method of transmission over the internet or electronic storage is 100% secure. While we strive to protect your data, we cannot guarantee absolute security.
7. International Data Transfers
Our backend is deployed in eu-west-2 (London, UK) and your data is stored there. However, the following processors may involve transfers outside the UK:
- Apple (push notification delivery via APNs, App Store subscription billing): Apple Inc. is based in the United States. These transfers are made under appropriate safeguards, including Apple’s standard contractual mechanisms and its adequacy status for transfers from UK to US under the UK-US data bridge or standard contractual clauses.
We do not make any other international transfers of personal data.
8. Children’s Privacy
MySafeMeet is not directed at children under 13 (or under 16 in jurisdictions where that age applies). The app is rated 4+ on the App Store solely because it contains no objectionable content; the service itself is intended for adults and older teenagers who can independently manage their own safety meetings.
We do not knowingly collect personal data from children under 13. If you believe we have inadvertently collected data about a child under 13, please contact us immediately at hello@mysafemeet.com and we will delete it.
9. Changes to This Policy
We may update this Privacy Policy from time to time. When we do, we will update the “Last updated” date at the top. For material changes, we will notify you in the app or by email. Continued use of the app after changes take effect constitutes acceptance of the revised policy.
10. Contact Us
If you have questions about this Privacy Policy or how we handle your personal data:
The Cloud Labs
Email: hello@mysafemeet.com