Privacy Policy

GovPin (“we,” “our,” or “the platform”) is a crowdsourced civic transparency platform for tracking US government vehicles. This Privacy Policy explains what information we collect, how we use it, and your rights regarding that information.

We are committed to collecting only what is necessary to operate the platform and to protecting your personal data with technical and organizational safeguards.

When you use GovPin we may collect:

• Account information — your email address, username, and hashed password when you create an account. We use Supabase Auth for authentication; passwords are never stored in plaintext.
• Submitted photos — images you upload of government vehicles. See EXIF Stripping below for how metadata is handled.
• GPS coordinates and location name — the location where a sighting occurred, as entered or detected by your device and confirmed by you before submission.
• Vehicle information — plate number, tail number, hull ID, vehicle category, type, color, agency, and any notes you provide.
• Usage logs — anonymized action logs (e.g., “sighting submitted”) used for tier enforcement and abuse prevention. These logs are keyed to your user ID, not your IP address.

We do not collect device fingerprints, browsing history, or third-party tracking data. We do not use advertising cookies.

All photos submitted through GovPin are processed through our image pipeline before storage. This pipeline:

• Strips all EXIF metadata from every image, including GPS coordinates, device make/model, timestamp, and any other embedded metadata.
• Performs a second strip pass on the server even if the submitting client has already removed EXIF data (defense-in-depth against GPS leakage).
• Re-encodes the image as WebP at a fixed resolution, producing a file with no embedded metadata fields.

The location associated with a sighting is the GPS coordinate you explicitly enter or approve in the submission form — it is never extracted from photo metadata.

GovPin does not log or store your IP address in association with any sighting submission. Server infrastructure may retain standard access logs for security purposes, but these are not linked to sighting records and are purged on a rolling 30-day basis.

We use the data we collect to:

• Operate and display the public sighting database for civic transparency purposes.
• Authenticate your account and enforce submission tier limits.
• Run OCR and agency-lookup enrichment on submitted photos and plate numbers.
• Detect and prevent duplicate or abusive submissions.
• Generate Vehicle Intelligence Reports when requested by eligible users.
• Respond to your support or privacy requests.

We do not sell your personal data, share it with advertisers, or use it to profile you for commercial purposes.

Account data (email, username, tier, sighting count) is stored in a Supabase Postgres database hosted in the United States. Authentication is handled by Supabase Auth, which follows industry-standard security practices including bcrypt password hashing and JWT session tokens.

Submitted images are stored in Supabase Storage (S3-compatible object storage) and served via Cloudflare CDN. Images are publicly accessible by URL once a sighting is approved.

All database connections are encrypted in transit (TLS 1.2+). Data at rest is encrypted by the storage provider.

Approved sightings and their associated images are retained indefinitely as part of the public civic record. Pending and rejected sightings are retained for 90 days and then purged.

Usage logs are retained for 12 months. Account data is retained until you delete your account.

You may delete your account at any time from Account Settings. Deleting your account will:

• Permanently remove your email, username, and profile data.
• Disassociate your user ID from all sighting submissions. The sightings themselves remain in the public database (they are part of the civic record) but are no longer linked to your account.
• Delete all usage logs associated with your user ID within 30 days.

To request complete deletion of all sightings you submitted, email us at privacy@govpin.app with the subject “Data Deletion Request.” We will process your request within 30 days.

If you are located in the European Economic Area, you have the following rights under the General Data Protection Regulation (GDPR):

• Right of access — request a copy of the personal data we hold about you.
• Right to rectification — request correction of inaccurate data.
• Right to erasure — request deletion of your personal data (see Account Deletion above).
• Right to portability — request your data in a machine-readable format.
• Right to object — object to processing based on legitimate interests.

To exercise any of these rights, email privacy@govpin.app. We will respond within 30 days.

If you are a California resident, you have rights under the California Consumer Privacy Act (CCPA), including the right to know what personal information we collect, the right to delete your personal information, and the right to opt out of the sale of your personal information.

GovPin does not sell personal information. To exercise your CCPA rights, email privacy@govpin.app.

GovPin uses the following third-party services that may process data:

• Supabase — database, auth, and storage (US-based).
• Platerecognizer — OCR processing of submitted vehicle photos. Images are transmitted to their API for plate recognition and are not retained by them beyond the API response.
• Cloudflare — CDN for image delivery. Cloudflare may cache images on edge servers globally.
• Sentry — error tracking in production. Error reports may include stack traces and request context, but are not linked to user identities.

For privacy questions, data requests, or concerns, contact us at: privacy@govpin.app

We aim to respond to all privacy requests within 30 days.