ProfitMetrics.io iOS App — Privacy Policy

Effective date: November 3, 2025
Applies to: Users of the ProfitMetrics.io iOS mobile application operated by Profitmetrics ApS.
Note: This policy supplements our general Privacy Policy at https://profitmetrics.io/legal/privacy-policy and is specific to the iOS mobile application.

ProfitMetrics.io is a privacy-first business analytics application. We collect only what we need to authenticate you and run the app, and we place you in control of analytics and crash reporting through explicit opt-in consent.

‍

Information We Collect

A. Information You Provide to Us

Email address (required): used for authentication and account identification.
Storage: backend database and a cached copy in the iOS Keychain.

Password (required at login): used for authentication.
Storage: backend only; never stored locally.

Name (optional): used for profile/personalization.
Storage: backend database and a cached copy in the iOS Keychain.

Generated by our systems:
User ID: a unique identifier created by our backend for account and API authentication.
Storage: backend database and iOS Keychain.

B. Information We Collect Automatically (on device)

Collected to ensure compatibility, localization, and theming:

• Device type
• iOS version
• App version
• Locale settings (language/currency)
• Color scheme (light/dark/system)

These values are accessed via system APIs to make the app function well for your device and language. They are not sent to analytics or crash reporting unless you opt in (see “Consent-Based Analytics & Diagnostics” below).

C. Consent-Based Analytics & Diagnostics (opt-in only)

If—and only if—you grant tracking consent in the app, we send the following to our analytics and crash-reporting providers (Amplitude and Sentry):

• Device type and iOS version (segmentation and debugging)
• App version/build numbers (release quality and crash correlation)
• Screen views and navigation patterns
• Session context (theme preference, locale)
• Error messages, stack traces, and user action breadcrumbs when crashes or errors occur
• Sentry-specific: IP address (automatically collected by Sentry) and session replays (sampled at ~10% of sessions and 100% of sessions with errors)

Default: Disabled.
Control: You can grant or revoke consent anytime in Settings. When revoked, these tools stop sending new data.

D. Information We Do Not Collect

• No location data (no GPS, no background location; no location permission in app config)
• No camera or photo library access
• No contacts
• No microphone or calendar access
• No biometric data (we do not collect Face ID/Touch ID data)
• No advertising identifiers (IDFA) and no cross-app tracking (no ATT prompt required)
• No social profile data, phone numbers, or physical addresses

‍

How We Use Your Information

We use the information above for the purposes below—nothing more:

Provide and secure the app

• Authenticate your account and manage sessions
• Make secure API calls and synchronize dashboard metrics/orders/website data
• Store credentials securely in the iOS Keychain; transmit data over HTTPS only

Customize your experience

• Apply your language, currency, and theme preferences (stored locally as non-sensitive settings)

Product analytics (only with your consent)

• Understand feature usage and improve usability (Amplitude)

Diagnostics and stability (only with your consent)

• Detect and investigate crashes or errors to improve reliability (Sentry)

Account and support

• Address privacy or account requests you send to us

‍

How We Share Your Information

We do not sell your personal information. We share data only as described below and only to operate the app:

A. First-Party Backend (ProfitMetrics Backend API)

What's transmitted: email and password during authentication, authentication tokens for session management, user ID in API headers, and your business analytics requests/responses (e.g., orders, profits, website data).
Purpose: core app functionality and data synchronization.
Security: HTTPS-only; token-based auth with automatic refresh; tokens stored in iOS Keychain.

B. Amplitude — Product Analytics (Consent Required)

Data shared: user ID, email, organization ID and customer site IDs; currency & language preferences; device type and app version; screen views, navigation events; login/logout events.
Purpose: product improvement and experience optimization.
Controls: disabled by default; initialized only after your explicit consent; you can disable anytime and data collection stops. EU or US data center can be configured.
More info: https://amplitude.com/privacy

C. Sentry — Error & Crash Reporting (Consent Required)

Data shared: error messages, stack traces, device type, iOS/app version, breadcrumbs of actions leading to errors, IP address (automatically by Sentry), and session replays (approx. 10% of sessions and all error sessions).
Privacy protections: Configured to minimize collection of personal information.
Controls: initialized only after your consent. It cannot be technically “uninitialized” for the running session, but once you revoke consent it stops sending new data.
More info: https://sentry.io/privacy/

‍

Data Storage and Security

On Your Device

• iOS Keychain (encrypted): access/refresh tokens; expiration times; cached user profile (ID, email, name); agency context (for multi-account users).
• AsyncStorage (standard, non-encrypted): language, currency, color scheme, notification preferences, and tracking consent status (null/true/false).

On Our Backend

• What we store: user accounts and authentication credentials; business analytics data (orders, profits, website info).
• In transit: all network requests use HTTPS-only.

Additional Protections

• Token expiration and automatic refresh
• Session validation on app focus
• No sensitive logging (passwords/tokens excluded from logs)
• Development safeguards (test credentials limited to development builds)

‍

Your Rights and Choices

Tracking Consent (Analytics & Diagnostics)

• Default: All tracking is disabled until you opt in.
• Manage: Grant or revoke consent anytime in Settings.
• Effect of revocation: Amplitude and Sentry stop sending new data. Previously collected data may remain with those providers per their policies; you can contact us to request deletion at those providers.

Access, Correction, Deletion, Portability

• Access & Portability: Your account data is accessible via your dashboard (web interface).
• Deletion: You may request account deletion. (Note: implementing in-app deletion requires backend API support; until then, use the contact method below.)
• Preferences: You can change language, currency, notifications, and consent in Settings.
• Logout: Clears all locally stored authentication data (Keychain cache and tokens).

We will respond to requests consistent with applicable law and our technical capabilities.

Region-Specific Disclosures

• EU/EEA (GDPR): We rely on your explicit opt-in consent for analytics and crash reporting; you may withdraw consent at any time. We practice data minimization and secure storage (iOS Keychain; HTTPS). Amplitude supports an EU server zone.
• California (CCPA/CPRA): We disclose the categories we collect (email, user ID; usage/diagnostics only with consent). We do not sell personal information.

‍

International Data Transfers

• Amplitude: Data may be processed in the EU or US depending on our configured server zone.
• Sentry: Crash data may involve international transfers in accordance with Sentry’s data processing terms.

We will use the available provider controls (e.g., EU server zones) consistent with our deployment and legal requirements.

‍

Data Retention

• Authentication tokens (device): retained until expiration or logout.
• Cached user data (device): retained until logout.
• App preferences (device): retained until you uninstall the app.
• Amplitude analytics (if enabled): retained per Amplitude policy (typically 2–7 years).
• Sentry crash reports (if enabled): retained per Sentry policy (typically 30–90 days).
• Backend account data: retained until your account is deleted.

To request deletion of analytics or crash data held by Amplitude or Sentry, please contact us (see “Contact Us”).

‍

Children's Privacy

This app targets business professionals (adults) and is not directed to children under 13. Please do not use the app if you are under 13. We recommend including a 13+ age acknowledgment in the Terms of Service.

‍

App Tracking Transparency (ATT)

We do not use IDFA and do not conduct cross-app tracking.

‍

Contact Us

For privacy questions or to exercise your rights, contact us at:
Email: [email protected]
Postal address: Profitmetrics ApS, Diplomvej 381, 2800 Kongens Lyngby, Denmark

We may update this policy. This page will always reflect the current version with the updated effective date.