Privacy Policy

Privacy Policy

Last Updated: February 5, 2025

Welcome to SOS Ping, owned and operated by NV Projects (“we,” “us,” or “our”). We value your privacy and are committed to protecting your personal data. This Privacy Policy explains how we collect, use, store, and share your information when you use the SOS Ping mobile application (“App”).

By using our App, you agree to the collection and use of information in accordance with this Privacy Policy.

1. Introduction

1.1 Scope

• This policy applies to all users of the SOS Ping App worldwide.
• Our services are primarily operated from Denmark, but we comply with:
  • EU General Data Protection Regulation (GDPR)
  • Danish Data Protection Act
  • Other applicable international privacy laws where feasible

1.2 Controller Information

• Data Controller: NV Projects
• Address: Oesterbrogade 226 st 1, Suite #67, Copenhagen, 2100, Denmark
• Contact Email: info@nmxcommerce.com
• Data Protection Officer (DPO): info@nmxcommerce.com (if applicable)

2. Information We Collect

2.1 Personal Information

• Account Details:
  • Name, email, phone number
  • Emergency contact details
• Device Identifiers:
  • Device model, operating system
  • Unique device identifiers
• Credentials:
  • Account username/password
  • Token-based authentication

2.2 Location Data

• Real-time GPS Coordinates: For emergency tracking
• Location History: Past routes or positions
• Background Location: If enabled, location data may be collected even when App is closed

2.3 Usage Data

• Interaction Data:
  • Screens and features you use
  • In-app actions
• Analytics & Crash Reports:
  • Error logs
  • Performance metrics
• Preference Settings:
  • Notification toggles
  • Theme selection
  • Language preferences

2.4 Emergency Contacts

• Contact Details:
  • Names and phone numbers
  • Relationship to user
• Usage: Communication logs in emergency scenarios

2.5 Optional Data

• Payment Information (if you subscribe to premium tiers)
• Marketing Preferences (if you opt in to marketing messages)

3. How We Use Your Information

3.1 Core Functionality

• Emergency Alerts: Notify your designated contacts with your location
• Location Sharing: Real-time tracking for emergency scenarios
• Authentication: Validate your credentials and secure your account

3.2 Service Improvement

• App Optimization:
  • Debugging errors
  • Improving performance
• Feature Development:
  • Analyzing usage patterns
  • Creating new functionalities
• Analytics: Understanding user behavior to refine UX

3.3 Communication

• Emergency Notifications:
  • SMS alerts
  • Push notifications
• Service Announcements:
  • New features
  • Version updates
  • Policy changes
• Support:
  • Responding to inquiries
  • Troubleshooting issues

3.4 Legal & Compliance

• Lawful Requests: Complying with court orders and legal processes
• Fraud Detection: Identifying and preventing misuse
• Enforcing Terms: Ensuring compliance with our Terms of Service

4. Legal Basis for Processing

4.1 Consent

• Location Tracking: You grant permission via device settings and in-app prompts
• Marketing Communications: If you opt in to receive promotional messages
• Emergency Contacts: You explicitly add their details in the App

4.2 Contract Performance

• Account Creation: Necessary for providing the App’s core services
• Subscription Services: Payment processing and account management

4.3 Legal Obligations

• Regulatory Compliance:
  • Tax requirements
  • Bookkeeping
  • Law enforcement requests

4.4 Legitimate Interests

• Analytics & Security:
  • Improving the App
  • Preventing fraud
• Service Continuity: Maintaining reliable emergency features

5. Data Processing & Storage

5.1 Storage Locations

• Primary Data Storage: East USA (Supabase servers)
• SMS Processing: United States (Twilio)
• Application Management: Denmark (EU)

5.2 Data Transfer Safeguards

• EU Standard Contractual Clauses (SCCs) for data transfers outside the EEA
• Encryption: In transit and at rest, where feasible
• Access Controls: Strict authentication for employees and contractors

5.3 Retention Periods

• Account Data: Account duration + 30 days after deletion
• Location History: 90-day rolling period unless deletion requested
• Emergency Event Data: Up to 1 year for review or legal compliance
• Analytics: Up to 2 years, often anonymized or pseudonymized

6. Your Privacy Rights

6.1 GDPR Rights (EU/EEA Residents)

• Access: Request a copy of your personal data
• Rectification: Correct inaccurate or incomplete data
• Erasure: Ask us to delete your data (“right to be forgotten”)
• Restriction: Limit how we process your data
• Portability: Obtain your data in a structured format
• Objection: Object to processing for direct marketing
• Withdraw Consent: At any time, if processing is based on consent

6.2 Other International Rights

• Users outside the EU may have additional rights under local laws
• California residents have specific rights under CCPA
• Contact us for questions about your region’s rights

6.3 Exercising Your Rights

• Email info@nmxcommerce.com with your request
• We may require identity verification
• We aim to respond within 30 days

7. Data Security

7.1 Technical Measures

• Encryption:
  • SSL/TLS for data in transit
  • End-to-end for sensitive data
• Two-Factor Authentication for administrative access
• Security Audits: Periodic system testing
• Automated Threat Detection: Anomaly monitoring

7.2 Organizational Measures

• Employee Access Controls: Role-based data access
• Security Training: Regular data protection training
• Incident Response Plans: Data breach procedures

7.3 Third-Party Security

• Vendor Due Diligence: Security audits for suppliers
• Data Processing Agreements: Privacy standard compliance
• Breach Notification: User and regulator notifications

8. Third-Party Services

8.1 Service Providers

• Supabase (cloud infrastructure)
• Twilio (SMS messaging)
• Analytics Providers (e.g., Google Analytics, Amplitude)
• Crash Reporting (e.g., Sentry, Bugsnag)
• Payment Processors (for subscriptions)

8.2 Data Sharing

• Consent: Only share data with opt-in
• Service Provision: Location/contact data for core features
• Legal Obligations: Government or court orders
• Corporate Transactions: Mergers or acquisitions

9. Children’s Privacy

9.1 No Under-18 Use

• The App is not intended for users under 18
• We do not knowingly collect data from minors
• Contact us if you believe a minor has used our App

9.2 Parental Supervision

• Parents should monitor any permitted minor usage
• We will remove minor-related data upon request

10. International Data Transfers

10.1 Transfers

• We may transfer data outside your country (e.g., to the USA)
• Transfers are subject to appropriate safeguards like SCCs

10.2 Safeguards

• Encryption and Access Controls
• Compliance Audits
• Risk Assessments
• GDPR principles for EEA transfers
• Local data protection law compliance

11. Changes to This Policy

We may update this Privacy Policy to reflect:

• New Features or service changes
• Legal Requirements or regulatory guidance
• Security & Privacy Best Practices
• User Feedback

If changes are material, we will notify you via:

• In-App Notifications
• Email
• Prominent posting in the App

12. Contact Information

If you have questions about this Privacy Policy or your data:

• Email: info@nmxcommerce.com

• Address:
  NV Projects
  Oesterbrogade 226 st 1, Suite #67
  Copenhagen, 2100
  Denmark

• Data Protection Officer: info@nmxcommerce.com

13. Cookie & Tracker Policy

13.1 Mobile App Trackers

• Analytics Trackers: Usage stats and feature popularity
• Crash Reporters: Error data for diagnostics
• Performance Monitors: Speed and latency tracking

13.2 Your Choices

• Device Settings: Control app-level tracking
• Opt-Out: Withdraw analytics consent
• Limitations: Feature restrictions if tracking disabled

14. Data Protection Impact Assessments

We periodically perform Data Protection Impact Assessments (DPIAs) to:

• Identify & Minimize Risks
• Ensure GDPR Compliance
• Protect User Rights
• Maintain Data Security