Privacy Policy
Effective Date: February 13, 2026
Introduction
Welcome to Coffee in the Sun. This Privacy Policy explains how we handle information in connection with your use of our iOS mobile application ("the App"). Our goal is to help you find great coffee spots with sunshine by showing real-time building shadows on a map, and we are committed to protecting your privacy while doing so.
This policy applies to all users of the App, including the accompanying home screen widget. By using the App, you are asked to consent to the practices described in this policy.
Our Commitment to Your Privacy: The "Privacy by Design" Principle
We have designed 'Coffee in the Sun' with a "privacy by design" approach. We do not operate our own servers and do not create a user account or profile for you. All personal data (such as your favorites and preferences) is stored exclusively on your device. The App communicates with third-party services only to fetch building data and weather information, and we do not collect, store, or have access to any of this data ourselves.
What Data is Processed and Why?
To provide our service, the App needs to process a limited amount of information:
Geographical Location (Latitude and Longitude): This is essential for the App to show building shadows at your current location, find nearby coffee spots, and provide weather data. Your location is requested via the standard iOS "When In Use" permission. You can revoke this permission at any time in your device's Settings.
IP Address: Your device's IP address is automatically sent when it connects to any internet service. Our third-party partners use it to send data back to your device and for security and operational purposes.
Our legal basis for this processing is the performance of our service to you and your explicit consent, which you provide when you agree to let the App use your location and access these services.
Data Stored on Your Device
The App stores the following data locally on your device. This data never leaves your device and is not accessible to us:
Favorites: When you save a favorite location, the name, coordinates, and category are stored in a local file on your device. You can delete individual favorites at any time within the App.
Preferences: Settings such as whether you have completed the onboarding are stored in your device's local storage.
Purchase Status: Whether you have an active Pro subscription is recorded locally to unlock premium features. All purchase transactions are handled exclusively by Apple through the App Store.
Widget Data: The App shares your most recent location and Pro status with the home screen widget through a secure on-device container (App Group). This data does not leave your device.
Detailed Information on Third-Party Services
The core functionality of 'Coffee in the Sun' relies on specialized services from trusted partners. These services have their own privacy policies and act as independent data controllers.
Apple MapKit
Purpose: To display interactive maps, render map snapshots for the widget, and provide location search functionality.
Data Processed: When the App shows you a map or you search for a location, your device communicates with Apple's MapKit servers. This includes your IP address, the map region being viewed, and any search queries you enter.
Data Handling: Apple processes this data in accordance with their privacy policy. Apple may use this data to improve their mapping services.
Their Privacy Policy: You can review Apple's Privacy Policy for more details: https://www.apple.com/legal/privacy/
OpenStreetMap (Overpass API)
Purpose: To retrieve building footprint data (shapes and heights) needed to calculate shadows.
Data Processed: When the App calculates shadows for your area, your device sends the visible map region (a bounding box of coordinates) and your IP address to the Overpass API, a public query service for OpenStreetMap data. Your exact location is not sent; only the map area currently displayed.
Data Handling: The Overpass API uses this data to return building geometry for the requested area. According to their policy, OpenStreetMap may retain network logs containing your IP address for security and operational analysis for up to 180 days.
Their Privacy Policy: You can review the OpenStreetMap Foundation's Privacy Policy for more details: https://osmfoundation.org/wiki/Privacy_Policy
Open-Meteo
Purpose: To provide real-time and forecast weather data, including temperature, cloud cover, UV index, and sunrise/sunset times.
Data Processed: To get the weather for your location, your device sends your IP address and geographical coordinates to the Open-Meteo API.
Data Handling: Open-Meteo uses this data to provide the relevant weather forecast. The App caches weather data locally and will not re-request data if your location has not significantly changed and the data is less than 10 minutes old. According to their policy, Open-Meteo retains server logs for technical and security purposes for up to 90 days, after which the logs are deleted.
Their Privacy Policy: You can review Open-Meteo's Privacy Policy for more details: https://open-meteo.com/en/terms
Apple App Store (In-App Purchases)
Purpose: To process subscriptions and one-time purchases for the Pro version of the App.
Data Processed: All purchase transactions are handled entirely by Apple through the App Store. We do not collect or have access to your payment information, Apple ID, or transaction details.
Data Handling: Apple processes purchase data in accordance with their privacy policy and the App Store terms of service.
Their Privacy Policy: https://www.apple.com/legal/privacy/
On-Device Processing
The App performs the following computations entirely on your device. No data is sent to external servers for these operations:
Shadow Calculations: Building shadows are computed locally using the sun's position and building geometry. The sun position algorithm is based on the open-source SunCalc library by Vladimir Agafonkin.
Share Image Generation: When you share a shadow map screenshot, the image is rendered entirely on your device using Apple's MapKit snapshot service and local drawing. The resulting image is shared through the standard iOS share sheet, and you control where it is sent.
Analytics and Tracking
The App does not contain any analytics SDKs, crash reporting services, advertising identifiers, or tracking mechanisms. We do not track your usage of the App in any way.
Your Data Protection Rights under GDPR
If you are a resident of the European Economic Area (EEA), you have certain data protection rights under the General Data Protection Regulation (GDPR). These rights include:
The right to access: You have the right to request information about the data being processed.
The right to rectification: You have the right to have inaccurate information corrected.
The right to erasure: You have the right to request the deletion of your personal data ("right to be forgotten").
The right to restrict processing: You have the right to request the restriction of the processing of your personal data.
The right to data portability: You have the right to be provided with a copy of the information in a structured, machine-readable format.
The right to object to processing: You have the right to object to the processing of your personal data.
The right to withdraw consent: You have the right to withdraw your consent at any time where we relied on your consent to process your information. You can withdraw location consent at any time in your device's Settings.
How We Handle User Rights Requests
Because we do not store your personal data on our servers, we cannot directly access or delete it. Data stored on your device (favorites, preferences) can be deleted by you at any time by removing favorites within the App or by deleting the App from your device.
For data processed by our third-party partners, please contact us at the email address provided below. We will act as a facilitator for your request. This means we will:
Acknowledge your request.
Formally forward your request to our relevant third-party partners (OpenStreetMap, Open-Meteo, and Apple) on your behalf.
Provide you with information on how you can contact them directly to follow up and verify the completion of your request.
Data Security
We take the security of the data processing associated with our App seriously. Data stored on your device is protected by iOS's built-in app sandboxing. Network communications with third-party services use encrypted HTTPS connections. We rely on the security measures implemented by our partners, Apple, OpenStreetMap, and Open-Meteo, and have chosen them based in part on their commitment to industry-standard security practices.
International Data Transfers
Using this App involves transferring your IP address and location data to our third-party partners. These partners, and their own service providers (like CDNs), may operate servers in various countries around the world, including outside of the European Economic Area (EEA). These transfers are necessary to provide the App's core functionality. By consenting to this Privacy Policy, you agree to these transfers.
Children's Privacy
The App is not directed at children under the age of 13. We do not knowingly collect personal information from children. If you believe a child has provided personal data through the App's third-party services, please contact us so we can take appropriate action.
Changes to This Privacy Policy
We may update our Privacy Policy from time to time. We will also update the "Effective Date" at the top of this Privacy Policy. You are advised to review this Privacy Policy periodically for any changes.
Contact Us
If you have any questions about this Privacy Policy or wish to exercise your data protection rights, please contact us at:
Licenses and Attribution
The 'Coffee in the Sun' App is made possible by open-source software and open data. We gratefully acknowledge the following projects:
Building data is from © OpenStreetMap contributors, accessed via the Overpass API.
Weather data is from Open-Meteo.com, licensed under CC BY 4.0.
Sun position calculations are based on the SunCalc algorithm by Vladimir Agafonkin, licensed under the BSD-2-Clause license.