Tree Hugger Privacy Policy
Tree Hugger is an iOS app that lets people in New York City discover, name, and engage with the city's street trees and nearby rest stops. We try to collect as little personal information as possible, and what we do collect is used only to make the app work. This policy explains what we collect, why, and what your choices are.
What we collect
- Precise location (via Apple's Core Location, when-in-use only). We use your location to center the map, to confirm you are physically near a tree before letting you name it or count a hug (approximately within 30 meters), and to surface nearby rest stops. Your location is not stored by the app or sent to our servers. It is used in-memory on your device for proximity checks and is not linked to your identity.
- Account information via Sign in with Apple. When you create an account we receive an Apple user identifier and, if you choose to share them, your name and email address. This is the minimum needed to authenticate you and attribute the content you create.
- User-generated content: tree names, comments, likes, hugs, and content reports. Each record is associated with your Firebase user ID so that you can manage your own contributions and so other users can see who named a tree.
- No analytics or tracking. Tree Hugger does not include any analytics SDKs. Firebase Analytics is not enabled. We do not use advertising identifiers and we do not track you across other apps or websites.
How we use what we collect
- To show the map, your location on it, and trees and rest stops near you.
- To enforce proximity rules for naming trees and counting hugs (a small "you must be here" check).
- To attribute names, comments, hugs, and likes to the account that created them.
- To moderate user-generated content when it is reported by other users.
- To send service-related notifications (for example, replies to your comments). We do not send marketing messages.
Third parties
We use the following third-party services. We do not sell your data, and we do not share it with anyone else.
- Google (Firebase). Firebase Authentication holds your account record. Cloud Firestore stores your user-generated content. Cloud Messaging may be used in the future to deliver push notifications you opt into. These services run on Google infrastructure in the United States.
- Apple. Sign in with Apple handles authentication. Apple's privacy practices apply to that step.
- NYC Open Data. Public tree data is read from the NYC Forestry Tree Points dataset. Nothing about you is sent back; this is a one-way read of open public data.
Data retention
We retain your account record and the content you create for as long as your account exists. On request, your account record and the user-generated content attributed to you are deleted from our database. Anonymized aggregate counts (for example, the total hug count on a tree) may persist after individual records are removed.
Your rights and choices
- Sign out from inside the app's settings at any time.
- Delete your account and all your content by emailing us at hughes.khalil@gmail.com. We will process the request within 30 days and confirm by reply.
- Request deletion of specific content you created by emailing us.
- Request a copy of the data associated with your account by emailing us.
- Revoke location permission at any time in the iOS Settings app. The map will still work, but features that require proximity (naming, hugging) will be unavailable.
Moderation, blocking, and reporting
Because Tree Hugger displays user-generated names and comments, the app includes the ability to report individual pieces of content and to block other users. Reports are reviewed and content that violates our community guidelines is removed.
Children's privacy
Tree Hugger is not directed at children under 13. We do not knowingly collect personal information from children under 13. If you believe a child has provided us with personal information, please contact us and we will delete it.
Security
We rely on Firebase Authentication and Cloud Firestore security rules to restrict access to your data. No method of storage or transmission is perfectly secure, but we follow industry standard practices and keep our dependencies up to date.
Changes to this policy
If we update this policy, the "Last updated" date above will change and the new version will be reflected in-app. Material changes will be communicated more prominently, for example via an in-app notice the next time you open the app.
Contact
Questions, deletion requests, or anything else: hughes.khalil@gmail.com.