Privacy Policy

App: DevFeed

Provider / Data Controller: Tinkernook, an independent developer based in Morocco ("we", "us", "our")

Last updated: 14 June 2026

This Privacy Policy explains what information the DevFeed app (the "App") collects, why, and your choices. By using the App you agree to this policy.

1. Summary

DevFeed is designed to collect as little personal data as possible. There is no sign-up, no login, and no password. We do not sell your data and we do not use it to track you across other apps or websites for advertising.

2. Information We Collect

a) Anonymous identifier. When you first open the App, you are signed in anonymously through Firebase Authentication. This assigns your device a random identifier (a "UID") that we use to attribute your submissions and interactions and to apply abuse limits. It is not linked to your name, email, or real-world identity.

b) Content you submit. If you submit a package or project, we store what you provide: its name, description, category, link, and icon image, together with your anonymous UID and a timestamp.

c) Reports. If you report a post, we store the reported post's identifier, the reason you selected, and your anonymous UID.

d) Optional notification email. After submitting, you may choose to provide an email address so we can tell you whether your submission was approved or rejected. This is optional — if you don't provide it, we don't have it.

e) Interaction & app data stored on your device. Your saved items, upvotes, reported-post list, and language preference are stored locally on your device and are not sent to us. Public counts (total upvotes/saves on a post) are stored on our servers in aggregate.

f) Crash and diagnostic data. In released versions, we use Firebase Crashlytics to collect crash reports and related technical information (e.g. device model, operating-system version, and the state of the app at the time of a crash) so we can fix bugs. This is collected only in production builds.

g) Security/technical data. We use Firebase App Check to confirm requests come from a genuine copy of the App, which involves device-attestation tokens. This is used to prevent abuse, not to identify you.

3. How We Use Information

We use the information above to:

operate and display the feed and your submissions;
review and moderate submissions, and act on reports of objectionable content;
send you submission-status emails if you opted in by providing an email;
maintain app stability and fix crashes;
prevent abuse, spam, and automated misuse (e.g. daily interaction limits).

4. Legal Bases (EEA/UK users)

Where the GDPR applies, we process data on these bases: legitimate interests (operating the App, moderation, security, and abuse prevention); consent (the optional notification email — which you may withdraw at any time by contacting us); and compliance with legal obligations where applicable.

5. Third-Party Services

We rely on the following service providers, who process data on our behalf:

Google Firebase (Authentication, Firestore, Storage, Cloud Functions, Crashlytics, App Check) — our backend infrastructure. See Google's privacy policy: policies.google.com/privacy
Resend — to deliver transactional emails (e.g. your submission-status email, if you opted in). See resend.com/legal/privacy-policy

These providers may process and store data on servers outside your country, including in the United States. The App also displays links to third-party sites such as npm and GitHub; once you follow a link, that site's own privacy policy applies.

6. Data Sharing

We do not sell your personal information and we do not share it for advertising. We share data only with the service providers listed above, and only as needed to run the App, or where required by law.

7. Data Retention

We keep submitted content for as long as it remains in the App. Rejected or removed submissions and resolved reports may be retained for a limited period for moderation and abuse-prevention records, then deleted. Crash diagnostics are retained according to Firebase's defaults.

8. Your Rights

Depending on where you live (for example under the GDPR or California's CCPA), you may have the right to access, correct, or delete your personal data, to object to or restrict certain processing, and to withdraw consent. To exercise any of these rights, email contact@tinkernook.com.

Deleting your content: because the App has no login, tell us which submission to remove (its name/link) from the device that created it, or use the in-app report tool, and we will remove it.
On-device data: your saved/upvoted/reported lists and settings are cleared simply by uninstalling the App.

We do not knowingly discriminate against you for exercising these rights.

9. Children

The App is not directed to children under 13 (or the minimum age of digital consent in your country, if higher). We do not knowingly collect personal data from children. If you believe a child has provided personal data, contact us and we will delete it.

10. Security

We use reasonable technical measures to protect data, including authenticated access, server-side security rules, and App Check. No method of transmission or storage is completely secure, so we cannot guarantee absolute security.

11. Changes to This Policy

We may update this Privacy Policy from time to time. Material changes will be reflected by updating the "Last updated" date above. Continued use of the App after changes take effect means you accept the updated policy.

12. Contact

For any privacy question or request, contact us at contact@tinkernook.com.