Privacy Policy for ESF Mobile

Last Updated: September 30, 2025

Introduction

ESF Mobile (“we,” “our,” or “the app”) is a mobile application developed for UC Merced Experimental Smart Farm to facilitate field research, data collection, and equipment management. This Privacy Policy explains how we collect, use, and protect your information when you use our app.

Developer Information

Developer: UC Merced
Contact: esilberman@ucmerced.edu

Information We Collect

1. Account Information

When you create an account, we collect:

• Email address
• Password (encrypted and stored securely)
• Display name

2. Location Data

The app collects precise location data to:

• Display your position on the map
• Enable navigation features
• Track sampling locations for research purposes

Location Collection: Only when the app is in use
User Control: You can deny location permissions, but this will limit core functionality

3. Photos and Camera Access

The app may access your camera and photo library to:

• Scan QR codes and barcodes for sample tracking
• Capture photos of equipment for inventory management

User Control: Camera and photo access is requested only when needed for specific features

4. Equipment and Research Data

We collect and store:

• Equipment inventory information (names, serial numbers, locations)
• Sample collection data (barcodes, locations, timestamps)
• Field research notes and observations

5. Analytics Data

We use Firebase Analytics to collect:

• App usage statistics (screens viewed, features used)
• Authentication events (login, signup, logout)
• Error logs and crash reports
• Device information (OS version, app version)
• User role (admin or standard user)

Note: Analytics data is anonymized and aggregated. We do not collect personally identifiable information beyond what’s necessary for app functionality.

How We Use Your Information

We use collected information to:

• Provide and maintain app functionality
• Authenticate users and manage access
• Display location-based features on maps
• Track research samples and equipment
• Improve app performance and user experience
• Analyze usage patterns to enhance features
• Provide technical support

Data Storage and Security

Backend Services

• Authentication: Supabase (secure user authentication and session management)
• Database: Supabase PostgreSQL (encrypted data storage)
• Analytics: Firebase Analytics (Google Cloud Platform)
• Maps: Mapbox (map rendering and navigation)

Security Measures

• All data transmitted between the app and servers is encrypted using industry-standard protocols (HTTPS)
• Passwords are hashed and never stored in plain text
• Access to user data is restricted to authorized personnel only
• We implement role-based access control (admin vs. standard users)

Data Sharing and Third Parties

We share data with the following third-party services necessary for app operation:

Supabase

• Purpose: User authentication and data storage
• Data Shared: Email, password (hashed), user profile, research data
• Privacy Policy: https://supabase.com/privacy

Firebase/Google Analytics

• Purpose: App analytics and performance monitoring
• Data Shared: Usage statistics, device information, anonymized user IDs
• Privacy Policy: https://firebase.google.com/support/privacy

Mapbox

• Purpose: Map rendering and location services
• Data Shared: Location coordinates (when using map features)
• Privacy Policy: https://www.mapbox.com/legal/privacy

We do not sell or rent your personal information to third parties.

Data Retention

• Account Data: Retained while your account is active and for a reasonable period after deletion
• Research Data: Retained for the duration of ongoing research projects
• Analytics Data: Retained according to Firebase retention policies (typically 14 months)
• Location Data: Not permanently stored; used only for real-time features

Your Rights and Choices

You have the right to:

• Access your personal information
• Update or correct your account information
• Request deletion of your account and associated data
• Opt out of location services (may limit functionality)
• Disable analytics tracking (may limit support capabilities)

To exercise these rights, contact us at esilberman@ucmerced.edu.

Children’s Privacy

ESF Mobile is intended for use by UC Merced students, faculty, and researchers. We do not knowingly collect information from children under 13. If we become aware that a child under 13 has provided us with personal information, we will take steps to delete such information.

Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify users of significant changes by:

• Updating the “Last Updated” date
• Posting a notice in the app
• Sending email notifications for material changes

Continued use of the app after changes constitutes acceptance of the updated policy.

Contact Us

If you have questions about this Privacy Policy or our data practices, please contact:

UC Merced – Experimental Smart Farm
Email: esilberman@ucmerced.edu

California Privacy Rights

California residents have additional rights under the California Consumer Privacy Act (CCPA):

• Right to know what personal information is collected
• Right to know if personal information is sold or disclosed
• Right to opt out of the sale of personal information
• Right to deletion of personal information
• Right to non-discrimination for exercising CCPA rights

We do not sell personal information. To exercise your CCPA rights, contact us at the email above.

Consent

By using ESF Mobile, you consent to this Privacy Policy and agree to its terms.