Privacy Policy

Last updated: April 24, 2026

      Short version: WilderGuard is an offline-first survival field manual.
      We do not sell or share your personal data. Your guides, notes, bookmarks, and map markers
      stay on your device. The only data we collect is anonymous crash reports and, if you allow it,
      your FCM push notification token so we can send you emergency alerts.
    

1. Who We Are

WilderGuard ("the App") is developed and maintained by KheniTech. Questions about this policy can be sent to contact@khenitech.com.

2. Data Stored Locally on Your Device

The following data is stored exclusively on your device and never transmitted to our servers:

Bookmarks & Progress — which protocols you have saved or completed
Field Notes — text notes attached to individual protocols
User-Created Content — custom categories, guides, and steps you create
Media — photos and videos attached to user-created guides (stored via Capacitor Filesystem)
Map Markers — custom pins you drop on the offline map
Trusted Contact — a phone number you save in Settings for Quick Contact; it never leaves your device
Downloaded Map Packs — regional PMTiles files saved to device storage for offline navigation
Theme & Preferences — display settings stored in localStorage

All of the above is stored in localStorage or Capacitor Filesystem. Uninstalling the App removes this data entirely.

3. Data We Collect

Push Notification Token Opt-in

If you grant notification permission, the App registers a Firebase Cloud Messaging (FCM) token and stores it in our Firestore database. This token is used solely to deliver emergency alerts and app updates to your device. It is not linked to your identity, name, or email address. You can revoke this at any time by disabling notifications in your device Settings.

Crash Reports Automatic

Firebase Crashlytics automatically captures crash logs if the App encounters an unrecoverable error. Crash reports contain: device model, OS version, app version, and a stack trace. No personally identifiable information is included. You can opt out by uninstalling the App.

Anonymous Analytics Automatic

Firebase Analytics collects anonymous, aggregated usage data — screen views, feature interactions, and session length. This data cannot identify you personally and is used solely to improve the App. No advertising IDs or personal identifiers are collected.

4. Data We Do Not Collect

No name, email address, or account information (no sign-up required)
No precise or continuous location tracking
No advertising IDs or device fingerprints
No contacts, calendar, or microphone data
No photos or camera data beyond what you explicitly add to your own user-created guides

5. Location Data

Location is used in two specific, user-initiated scenarios only:

Global Alerts proximity — if you grant location permission, the Alerts screen uses your coordinates to rank nearby earthquake and disaster alerts. Your location is processed on-device and is never sent to our servers.
Quick Contact share — when you tap "Share Location (WhatsApp)" in the Quick Contact sheet, the App requests your GPS coordinates and composes a WhatsApp message sent by you. We do not store or transmit your coordinates; the message is sent entirely by your device. If GPS is unavailable, the App uses an IP-based location service (ipapi.co) as a fallback to obtain an approximate location. Only your IP address is shared with this service and is not stored by WilderGuard.

6. Network Requests

The App makes the following outbound requests. None include personal data unless noted:

Firestore (Google) Guide content (categories, protocols) is fetched from Cloud Firestore on startup. Only read requests are made; no user data is written except FCM tokens (see Section 3).
Firebase Storage (Google) Guide images, category images, and regional map packs are served from Firebase Storage. Only anonymous download requests are made.
USGS Earthquake Feed The Alerts screen fetches public earthquake data from earthquake.usgs.gov. No personal data is sent.
ReliefWeb / GDACS The Alerts screen fetches public humanitarian and disaster data from api.reliefweb.int and gdacs.org. No personal data is sent.
Nominatim (OpenStreetMap) If you grant location permission, the Alerts screen performs a one-time reverse geocode via nominatim.openstreetmap.org to show a human-readable location label (e.g. "Mumbai, India"). Your coordinates are sent to this service for this purpose.
Protomaps / OpenStreetMap CDN Online map tiles and font glyphs are streamed from public CDN endpoints. No personal data is transmitted.

7. Firebase Services Summary

Firestore Active — Guide content delivery and FCM token storage.
Firebase Storage Active — Hosting guide images and offline map packs.
Firebase Analytics Active — Anonymous usage analytics.
Firebase Crashlytics Active — Anonymous crash reporting.
Firebase Cloud Messaging Active — Push notifications (opt-in).

Firebase is operated by Google LLC. See Google's Privacy Policy for details on how Google handles data.

8. Data Sharing

We do not sell, trade, rent, or share your personal data with any third parties. The only external data flows are the anonymous service requests described above.

If you use the Share feature to export notes, progress reports, or protocol text, that content is sent via your device's native share sheet to the destination of your choice. We have no visibility into or control over that transfer.

9. Children's Privacy

The App does not knowingly collect personal information from children under 13. Because no personal data is collected from any user (beyond the anonymous data described above), the App is compliant with COPPA and equivalent regulations by design.

10. Your Rights & Data Deletion

All locally stored data (bookmarks, progress, notes, maps) can be erased at any time via Settings → Clear All Data or by uninstalling the App. To request deletion of your FCM push token from our Firestore database, contact us at contact@khenitech.com.

11. Security

All data stored locally is protected by your device's own security (screen lock, encryption). All communications with Firebase services are encrypted in transit using TLS. FCM tokens stored in Firestore are write-only from devices; only the admin account can read them.

12. Changes to This Policy

We may update this Privacy Policy from time to time. Changes will be posted at wilderguard.com/privacy with an updated "Last updated" date. Continued use of the App after changes are posted constitutes acceptance of the updated policy.

13. Contact

Developer: KheniTech
Email: contact@khenitech.com