← Back
MVM-APP Legal
Privacy Policy – Shift Planner Android
Privacy

Privacy Policy

Shift Planner Android · MVM-APP

Clearly structured, mobile-friendly, and aligned with the Android privacy information for the Shift Planner app.

Privacy Policy

Last updated: March 11, 2026 • Version 2.6 (Android)

This Privacy Policy applies to the Android app “MVM Shift Planner”.

Data Controller

Marcel Salimovic
Independent App Developer
Vienna, Austria

Privacy Contact:
Email: privacy@mvm-app.at
Web: https://mvm-app.at

Privacy Approach (“Local-First”)

MVM Shift Planner is primarily designed for local data processing. Planning data is primarily stored on your device. Data is transferred to external services only when required for the feature you use (e.g., Firebase login/synchronization, AI assistant, subscriptions, advertising in the free version).

We do not sell personal data.

Processed Data Categories

Planning and shift data: Shift codes, colors, calendar entries, notes, overtime, rules, settings (primarily local; with active Share/Sync additionally Firestore).

Personalization data: Name (optional), language, theme, reminder times, app settings (local).

Authentication data: Email, user ID (UID), sign-in status, provider info, security-relevant event data (Firebase Authentication + required local status data).

MVM Share data: Partner ID, shared shifts, swap requests including status/metadata (Cloud Firestore).

Subscription/transaction status: Status data from Google Play Billing for unlocking Pro features (no credit card/bank data processed by us).

Technical data: Diagnostics/error data according to platform/service rules.

Advertising data (free version only): if applicable, advertising/device identifiers (e.g., Advertising ID), where legally permitted and enabled by you.

MVM-AI Assistant

Optional. When used, data may be transmitted to process your request.

Processed data:

  • Prompt/chat content
  • Required app context for response

Recipients:

  • Cloudflare (technical AI proxy/worker)
  • OpenAI (AI service provider)

Consent:

  • Consent is obtained before first transmission
  • No AI transmission without consent
  • Consent can be withdrawn at any time with effect for the future

Firebase Authentication & Synchronization (MVM Share)

When using login/share features:

  • Firebase Authentication (sign-in/account management)
  • Cloud Firestore (synchronization of share data)

Email Security Emails (Firebase Authentication)

When using email login, security-related emails may be triggered (e.g., verification, password reset, login notices).

Payments & Subscriptions (Google Play Billing)

In-app purchases are processed via Google Play Billing. We only receive required status/transaction information for feature unlocking.

Advertising (Free Version Only)

Google AdMob may be used.

  • Personalized advertising only with required consent
  • Otherwise, non-personalized advertising may be shown
  • Advertising is disabled with an active Pro subscription

Android Permissions

Depending on usage, the app may request:

  • Calendar (read/write): for calendar integration
  • Notifications: for reminders
  • Internet/network status: for online features (e.g., AI, Firebase, ads)

Recipients

Depending on usage:

  • Google (Firebase Authentication, Cloud Firestore, AdMob, Google Play Billing)
  • Cloudflare (only for AI usage)
  • OpenAI (only for AI usage and consent)

Third-Country Transfers

Where service providers outside the EEA are used (e.g., USA), transfer is based on legal requirements (e.g., standard contractual clauses), where required.

Retention Periods

  • Local app data: until deletion/uninstallation
  • AI chat histories (local): until deletion/uninstallation
  • Firestore share data: until deleted by you or account deletion, unless legal obligations prevent this
  • Auth/login data: as long as operationally/security required
  • Subscription/status data: as long as required for verification/unlocking

Your Rights (GDPR)

Access, rectification, erasure, restriction, data portability, objection, withdrawal of consent, complaint to a supervisory authority (e.g., Austrian Data Protection Authority).

Data Security

We apply appropriate technical and organizational measures (e.g., transport encryption, access controls, established platform services).

Changes

We update this policy when features, legal requirements, or services change. The currently published version applies.

Contact

privacy@mvm-app.at