Data Safety
Last updated: 24 May 2026
This page is a plain-English summary of the data CommuGuard collects and how we handle it. For full detail, see our Privacy Policy.
The short version
- We do not sell your data.
- We do not share your data with advertisers or ad networks.
- Data in transit is encrypted (HTTPS / TLS).
- You can request deletion of your account and data at any time — see Delete account.
What data is collected and why
| Data type | Collected? | Purpose | Required or optional | Shared with third parties |
|---|---|---|---|---|
| Name | Yes | Account creation, identifying you to your community / authority | Required | No (only visible to your community / authority users) |
| Email address | Yes | Sign-in, account recovery, important service emails | Required | No |
| Phone number | Yes | Verification, contact between residents and authorities | Required | Sent to our SMS verification provider only |
| Password | Stored as a one-way hash | Authentication | Required | No |
| Precise location (GPS) | Only when you use a location feature | Tagging incident reports, geofenced notices, nearby alerts | Optional (you grant permission) | No |
| Photos & PDFs you upload | Yes — only files you choose to attach | Incident evidence, notice attachments | Optional | No (visible only to the audience you post to) |
| Messages, notices & reports | Yes | Delivering the content you create to the right audience | You choose what to send | No |
| Device & diagnostics | Yes | App stability, crash reporting, security | Required | Crash diagnostics processed by Google Firebase |
| App activity / usage | Yes | Operating the service, debugging, improving features | Required | Aggregated analytics processed by Google Firebase |
| Push-notification token | Yes | Sending authority broadcasts & incident alerts | Required for notifications | Google / Apple push services |
| Contacts, calendar, microphone, SMS history | Not collected | — | — | — |
| Advertising / marketing identifiers | Not collected | — | — | — |
Sub-processors
We use the following trusted service providers to operate the Services. Each is bound by contract to process data only on our instructions.
- Google Firebase (Google LLC / Google Cloud) — authentication, cloud database, file storage, push notifications, crash and analytics tooling.
- Email and SMS providers — used for verification and notifications.
- Web hosting — for this website (commuguard.co.za).
Security practices
- All traffic between the app, website and our servers is encrypted using HTTPS / TLS.
- Data at rest is encrypted by our cloud storage provider.
- Passwords are stored using one-way hashing — we never see your password.
- Access to personal data is restricted by role and audited.
- We follow the principle of least privilege for staff and authority users.
Your controls
- Location: revoke at any time in your device settings (Settings → Apps → CommuGuard → Permissions).
- Notifications: mute or disable in the app, or in your device settings.
- Access & correction: email support@commuguard.co.za to request a copy or correction of your data.
- Deletion: see our Delete account page.
For the full legal text, see our Privacy Policy and Terms & Conditions.