← Back to Crash

Privacy Policy

Last updated: March 18, 2026

Crash is built around trust. Your privacy is a core part of the experience, not an afterthought.

By using Crash, you agree to this Privacy Policy.

1. Who We Are

Crash is an iOS app developed by Joshua Shinkle (crash.livesimple@gmail.com). It is a personal, non-commercial project.

2. What Data We Collect and Why

We collect only what is necessary to provide the app's core functionality. Here's exactly what we collect and why:

Account & Identity
  • Email address — account creation, authentication, and password reset
  • First and last name — to identify you to your friends
  • Username — your unique handle within the app
  • Profile photo (optional) — stored in Firebase Storage; visible to all users of the app
  • Phone number (optional) — stored privately in your profile; used only to help your contacts discover you on Crash. Never visible to other users.
Location
  • Exact home address (street address, city, state, ZIP, and precise coordinates) — revealed to approved guests beginning on the day of arrival and hidden automatically after the departure date (see Section 3)
  • Approximate home location (city-level) — shown on the map to accepted friends only
Activity
  • Chat messages (text, timestamp, sender) — for in-app messaging between friends
  • Friend connections — who you are mutually connected with; used for core functionality
  • Crash request data (dates, guest count, status) — to manage stay requests
Device & System
  • iOS Calendar events (read/write via EventKit) — only when you choose to add a stay to your calendar
  • iOS Contacts (read-only, via Apple Contacts framework) — only when you tap "Find Friends from Contacts". Phone numbers from your contacts are normalized and checked against a private server-side index to find registered users. Your contacts list is never stored on Crash's servers.

We do not collect analytics, advertising IDs, browsing behavior, or any tracking data. We have no analytics SDK, crash-reporting SDK, or advertising SDK. We do not sell your data or use it for advertising of any kind.

3. How Location Is Shared

Location visibility is tiered based on your relationship with other users and is managed automatically — no action is required from you to hide or reveal your location.

Who What they can see
Non-friends (anyone not mutually connected with you) No location information at all
Accepted friends Your approximate location (city-level circle on the map)
A friend whose crash request you have approved, beginning on their arrival day and until their departure date Your exact address (street address and precise coordinates)

Once the departure date passes, the exact address is automatically hidden. No action is required from you.

What you are always in control of:

  • Accepting or declining any friend request
  • Removing any friend at any time (which immediately removes their access to your location)
  • Approving or declining any crash request
  • Cancelling an approved crash at any time
  • Deleting your account and all associated data at any time (Settings → Delete Account and Data)

4. Third-Party Services

Crash uses the following third-party services:

  • Firebase Authentication (Google LLC) — stores your email address and authentication tokens. Google's servers are located in the United States.
  • Cloud Firestore (Google LLC) — stores all app data listed in Section 2. Firebase Privacy Policy.
  • Firebase Storage (Google LLC) — stores profile photos. Photos are accessible to any authenticated user of the app.
  • Apple Maps / MapKit — used to display the in-app map. No user data is transmitted to Apple by Crash for this purpose; MapKit operates client-side.
  • Apple EventKit — accesses your iOS calendar only when you choose to add a crash stay. No calendar data is stored on Crash's servers.
  • Apple LocalAuthentication — if you enable Face ID / Touch ID sign-in, authentication is handled entirely by iOS on your device. Crash never receives your biometric data; credentials are stored in the iOS Keychain on-device only.
  • Apple Contacts — accessed read-only only when you use "Find Friends from Contacts". Your full contact list is not stored on Crash's servers; only normalized phone numbers are transmitted to Firestore for the purpose of matching registered users.

5. Data Retention

Your data is retained as long as your account exists.

When you delete your account (Settings → Delete Account and Data), the following are permanently and immediately deleted:

  • Your private profile (address, coordinates, phone number)
  • Your public profile (name, username)
  • Your profile photo (if uploaded)
  • Your contacts discovery index entry (if a phone number was provided)
  • Your friend list and all pending friend requests
  • Your crash requests
  • Your chat thread references and messages

6. Your Rights

Right to deletion: Use Settings → Delete Account and Data in the app. This is immediate and permanent.

Right to access: Contact us at crash.livesimple@gmail.com to request a copy of your data.

EU / EEA users (GDPR): You have additional rights to rectification, restriction of processing, and data portability. Contact us at crash.livesimple@gmail.com to exercise these rights.

California users (CCPA): You have the right to know what personal information we collect (described in Section 2) and the right to delete it (described above). We do not sell your personal information to any third party.

7. Age Requirement

Crash is intended for users who are 16 years of age or older. We do not knowingly collect personal information from anyone under 16. If you believe a minor has created an account, please contact us at crash.livesimple@gmail.com and we will delete the account.

8. Security

Your data is stored in Google Cloud Firestore and Firebase Storage, both protected by security rules. Users can only read their own private profile. Exact home addresses are only readable by the parties to an approved crash stay, and only within the approved time window. Profile photos are readable by any authenticated user of the app.

9. Changes to This Policy

We may update this Privacy Policy from time to time. The date at the top of this page indicates when it was last revised. Continued use of the app after any changes constitutes your acceptance of the updated policy.

10. Contact

If you have questions or concerns about this Privacy Policy, contact us at:
crash.livesimple@gmail.com