Privacy Policy — Sea Maps & AR
Effective date: 23 May 2026 · Last updated: 23 May 2026
This Privacy Policy describes how the iOS application Sea Maps & AR (the “App”) processes personal data within the meaning of Regulation (EU) 2016/679 (“GDPR”) and applicable U.S. state privacy laws, including the California Consumer Privacy Act as amended by the CPRA (collectively “CCPA/CPRA”). The App is published by an independent developer, has no proprietary back-end, requires no account, and never creates a server-side user profile.
1. Data controller
Pursuant to Art. 4(7) GDPR the data controller is:
- Andrea Piani — independent iOS developer, Italy.
- Contact: andreapiani.dev@gmail.com.
Because the project is run by a single natural person acting as a sole developer, no Data Protection Officer (DPO) is appointed under Art. 37 GDPR; the controller acts as the sole point of contact for all privacy-related requests.
2. Scope of this policy
This policy applies exclusively to the Sea Maps & AR iOS app distributed through the Apple App Store, including its Apple Watch companion. It does not cover third-party services that you may reach through the App (for example tile servers, marine data providers, the Google ad network or the Apple App Store itself), each of which is governed by its own privacy policy. Where this document references such third parties, links are provided for transparency.
3. Summary at a glance
- GPS location: processed on-device for chart positioning, route guidance, anchor watch and AR alignment. Never transmitted to any developer-controlled server. Used in background only after you start a live navigation session.
- Routes, waypoints, POIs and settings: stored in the app sandbox and optionally synchronized to your private iCloud database (CloudKit). They never reach the developer.
- Camera and motion sensors (AR view): used live, on-device, only while the AR scene is open.
- Google AdMob advertising: the App shows ads (App Open, Rewarded Interstitial, Native). When App Tracking Transparency (ATT) is denied or unavailable, ads are non-personalized (NPA). When ATT is granted, ads may be personalized using the IDFA.
- In-app purchases — Pro: monthly, yearly and lifetime tiers handled entirely by Apple StoreKit. Active Pro users see no ads and the ad SDK is not initialized.
- App Tracking Transparency (ATT) prompt on iOS, plus Google UMP consent module in the EU/EEA/UK for IAB TCF v2.
- Crash & diagnostics: only Apple’s system telemetry, opt-out from iOS Settings. No third-party analytics SDK.
- Apple Watch companion: receives the active route, distance, anchor watch and MOB events from the iPhone via Apple WatchConnectivity. No developer server is involved.
- Children: not directed at users under 13; App Store age rating 4+.
4. Categories of data the App processes
4.1 Precise location (GPS) — Core Location
The App uses Apple’s Core Location framework with two authorization modes:
- While Using the App: to center the marine chart on your position, compute distances to POIs, query local weather and orient the AR waypoint scene.
- Always / Background: requested only after you explicitly start a live navigation session, in order to keep tracking active when the screen is locked. This powers the anchor-drag alarm, off-route notifications and waypoint proximity alerts.
Location data is processed on the device. It is never transmitted to a developer-controlled server. When the App contacts third-party data sources (tiles, weather, tides), only anonymous geographic coordinates or a bounding box are included — no identifiers, no IDFA, no cookies. Legal bases: Art. 6(1)(b) GDPR (performance of the requested navigation service) and, where applicable, Art. 6(1)(a) GDPR (your iOS authorization).
4.2 Camera and motion sensors (AR) — ARKit
The AR view uses Apple’s ARKit framework, the rear camera and the device motion/IMU sensors to overlay waypoints, distance labels and a luminous beacon on the live camera feed. The camera stream is processed entirely on the device, in real time, and is never recorded, stored or transmitted. Legal basis: Art. 6(1)(a) GDPR (your iOS authorization). You can revoke this permission at any time from iOS Settings.
4.3 Routes, waypoints, POIs, and settings — sandbox + private CloudKit
Routes you create, waypoints, saved POIs, weather preferences and unit settings are stored locally inside the app sandbox. If you have enabled iCloud, this data is also synchronized to your private CloudKit database under your own Apple ID. The developer cannot read or access that database; Apple acts as the data processor and applies its own protections, including end-to-end encryption for the private CloudKit database where supported. No copy is ever sent to a developer-controlled server. Legal basis: Art. 6(1)(b) GDPR.
4.4 Network connections (third-party data sources)
The App connects directly from your device to third-party endpoints to fetch map tiles, POI metadata, weather, tides, currents and bathymetry. Those endpoints inevitably observe your public IP address and the geographic bounding box you are viewing. No user identifier, IDFA or cookie is attached. See section 8 for the full list and their privacy policies. Legal bases: Art. 6(1)(b) GDPR (performance of the service you requested) and Art. 6(1)(f) GDPR (legitimate interest in delivering the chart you opened).
4.5 Local notifications (UserNotifications, no remote push)
The App schedules local notifications through Apple’s UserNotifications framework for anchor-drag alarms, off-route warnings, weather alerts and waypoint proximity. The App does not use Apple Push Notification service (APNs) for remote push and the developer has no notification server. No device token is collected and no message content leaves your device.
4.6 Diagnostics and crash reports (Apple system, no third-party SDKs)
If you have enabled “Share With App Developers” in iOS Settings, Apple may forward anonymized diagnostic and crash data to the developer through Apple’s system tooling. No third-party crash or analytics SDK (no Firebase Crashlytics, no Sentry, no Mixpanel, no Facebook SDK, no AppsFlyer, no Adjust) is integrated. You can opt out at any time in iOS Settings › Privacy & Security › Analytics & Improvements.
4.7 Apple Watch companion — route, distance, anchor watch, MOB
The optional Apple Watch app mirrors the active route, distance to the next waypoint, anchor watch status and Man Overboard (MOB) events on your wrist. The watch communicates with the iPhone exclusively through Apple’s WatchConnectivity framework on a paired-device basis. No data is sent from the watch to a developer-controlled server. Watch location, when used, follows the same Core Location rules described in section 4.1.
5. App Tracking Transparency (ATT)
On iOS, before any tracking identifier may be shared with third parties, the App shows the standard App Tracking Transparency prompt required by Apple. The prompt explains that allowing tracking lets the App share the IDFA with Google AdMob for personalized advertising.
- If you allow tracking: the IDFA may be shared with Google AdMob for personalized ads, and consent under Art. 6(1)(a) GDPR is recorded for this specific purpose.
- If you ask the App not to track: no IDFA is shared. AdMob is initialized in non-personalized mode (NPA flag). You will still see ads, but they will not be personalized using cross-app identifiers.
- Consequence of refusal: the App remains fully functional; you will simply see contextual (non-personalized) ads instead of personalized ones.
You can change your decision at any time in iOS Settings › Privacy & Security › Tracking › Sea Maps & AR.
6. Advertising — Google AdMob
The App integrates the Google Mobile Ads SDK (Google AdMob) to display advertising. The following formats are used:
- App Open — full-screen ad shown when the App is brought to the foreground.
- Rewarded Interstitial — opt-in full-screen ad that can grant a temporary in-app reward.
- Native — in-context placements that match the App’s visual style.
Consent and ad personalization:
- If ATT is denied or unavailable, or if you refuse personalized advertising via the EU consent module, ads are non-personalized (NPA flag passed to the SDK). Legal basis: Art. 6(1)(f) GDPR — legitimate interest in funding the App through contextual advertising.
- If ATT is granted and (in the EU/EEA/UK) consent is given through the Google UMP module, ads may be personalized using the IDFA. Legal basis: Art. 6(1)(a) GDPR — your explicit consent.
- If you are an active Pro user, the Mobile Ads SDK is not initialized at all and no ads are served.
Categories of data that Google AdMob may receive (as declared by Google for the Mobile Ads SDK): IDFA (only if ATT is granted), Advertising Data, Coarse Location derived from the IP address, Product Interaction events, Crash Data and diagnostic information needed to render and measure the ad.
In the European Union, the European Economic Area, the United Kingdom and Switzerland the App also displays the Google User Messaging Platform (UMP) consent form to collect your choices under the IAB Transparency & Consent Framework v2 (TCF v2). Vendors covered include Google’s ad network and Google’s IAB TCF partners; the full, current list of purposes and vendors is presented inside the UMP form itself, which you can reopen at any time from the in-app Settings sheet (“Manage ad preferences”).
For more information on how Google processes ad-related data, see the Google Privacy Policy and the Google Advertising pages.
7. In-app purchases — Apple StoreKit
The App offers an optional Pro subscription with three tiers: monthly, yearly and a lifetime one-time purchase. Pricing, billing, taxation, refunds and family sharing are managed by Apple under your Apple ID. The transaction flow uses Apple’s StoreKit 2 framework.
- The App only receives an entitlement state (“Pro active” or “Pro not active”) and a transaction identifier scoped to your Apple ID.
- The developer never sees your payment card, billing address, Apple ID email or any other purchase-related personal data.
- Active Pro users do not see ads and the ad SDK is not initialized for them.
Legal basis: Art. 6(1)(b) GDPR (performance of the purchase you requested).
8. Third-party data sources
The App fetches charts, environmental data and points of interest directly from public, anonymous HTTP endpoints. No user identifier, IDFA or cookie is attached. Each provider has its own privacy policy:
- OpenStreetMap base tiles — OSMF Privacy Policy.
- OpenSeaMap nautical overlay — openseamap.org.
- Overpass API for OSM POI metadata — overpass-api.de.
- Open-Meteo and Open-Meteo Marine for weather and marine forecast — open-meteo.com/en/terms.
- NOAA CO-OPS for tides and currents — tidesandcurrents.noaa.gov.
- ISPRA RMN (Italian National Mareographic Network) for Italian tides — mareografico.it.
- EMODnet, GEBCO and NOAA ENC for bathymetry and electronic nautical charts.
These services may log your public IP address and the requested area as part of their normal HTTP operation. The developer has no agreement to receive that data back.
9. Apple platform services
Distribution and operation of the App rely on Apple platform services, each governed by Apple’s privacy policy:
- App Store — distribution, age rating, App Privacy report.
- StoreKit — in-app purchases and entitlements.
- CloudKit — your private routes/POIs database under your Apple ID.
- MapKit and Core Location — positioning and Apple base-map components where used.
- ARKit — camera/motion fusion for the AR scene.
- UserNotifications — local notifications only.
- StoreKit 2 — subscription state and transactions.
- WatchKit and WatchConnectivity — Apple Watch companion.
Apple acts as an independent controller for the platform-level processing it performs and as a processor where it stores your private CloudKit data on your behalf. See the Apple Privacy Policy.
10. Where data is processed and international transfers
Personal data handled on-device stays on your device or in your private iCloud. Where third-party services are contacted (section 8) or where advertising data is shared with Google AdMob (section 6), processing may occur outside the European Economic Area, including in the United States. Such transfers are covered by the Standard Contractual Clauses adopted by the European Commission and, for Google, by the EU–U.S. Data Privacy Framework, in accordance with Chapter V GDPR. Apple platform transfers are governed by Apple’s own transfer mechanisms and supplementary measures.
11. Data retention
- Developer servers: none, therefore zero retention by the developer.
- On-device data (routes, POIs, settings, tile cache, prefetched data): retained for as long as the App is installed; removed when you uninstall the App or clear the cache from the in-app Settings.
- iCloud data: retained under your Apple ID until you delete it from iOS Settings › [your name] › iCloud › Manage Account Storage, or until you sign out of iCloud.
- Google AdMob data: retained by Google according to its own policy.
- Apple diagnostics: retained by Apple according to its own policy.
12. Security
The App enforces HTTPS / App Transport Security for all network requests. Local persistence relies on the iOS app sandbox and on Apple file-protection classes. iCloud synchronization relies on CloudKit’s private database, encrypted in transit and at rest by Apple. Because no developer-controlled server exists, there is no developer-side credentials database that could be attacked. You are responsible for protecting your device with a passcode and Face ID/Touch ID.
13. Your rights
Under Articles 12 and 15–22 GDPR you have the rights of access, rectification, erasure, restriction, portability and objection, as well as the right to withdraw consent at any time without affecting the lawfulness of processing carried out before withdrawal. In practice, because the App holds no server-side data about you, these rights are exercised as follows:
- Revoke ATT: iOS Settings › Privacy & Security › Tracking › Sea Maps & AR › OFF.
- Reopen the EU consent form (UMP): in the App, Settings sheet › Privacy › Manage ad preferences.
- Object to advertising / non-personalized ads: deny ATT and/or refuse personalized ads in UMP; you may also subscribe to Pro to disable ads entirely.
- Disable location, camera, motion or notifications: iOS Settings › Sea Maps & AR.
- Erase local data: uninstall the App, or clear caches from the in-app Settings.
- Erase iCloud data: iOS Settings › [your name] › iCloud › Manage Account Storage.
- Contact the developer at andreapiani.dev@gmail.com for any other request; responses are provided within 30 days as required by Art. 12(3) GDPR.
You also have the right to lodge a complaint with a supervisory authority (in Italy, the Garante per la protezione dei dati personali).
California residents (CCPA/CPRA). The developer does not sell personal information for money. The sharing of the IDFA with Google AdMob for personalized advertising, when you have granted ATT, may qualify as “sharing” or “cross-context behavioral advertising” under the CPRA. You can exercise your right to opt out of sharing at any time by denying or revoking ATT in iOS Settings, which immediately switches AdMob to non-personalized mode. You also have the rights to know, to delete, to correct and to non-discrimination, exercisable by writing to andreapiani.dev@gmail.com.
14. Children
The App is not directed to children under 13 and carries an App Store age rating of 4+. The developer does not knowingly collect personal data from children. If you believe a child has provided personal data through the App, please contact the developer so that any local data on the device can be removed and, where applicable, consent flows can be reviewed.
15. Automated decision-making
The App does not perform automated decision-making producing legal or similarly significant effects on you within the meaning of Art. 22 GDPR. Ad selection performed by Google AdMob is governed by Google’s own policies and is not used by the developer to make any decision about you. Route guidance is a real-time geometric computation and is not used to evaluate you as a person.
16. Changes to this policy
This document may be updated to reflect new features, new third-party services or regulatory changes. The effective date at the top of the document indicates the current version. Continued use of the App after an update means you have read the revised policy; significant changes affecting consent will be re-prompted through the ATT and/or UMP flows.
17. Contact
For privacy questions or to exercise the rights described above, write to andreapiani.dev@gmail.com. Replies are provided within 30 days in accordance with Art. 12(3) GDPR. For complaints in Italy, you may also address the Garante per la protezione dei dati personali.