Trust & Privacy

01 Who is responsible for your data

The data controller for all data collected through this website and the Gorebet mobile app is Gorebet, operated by Gorebet Inc. Requests about your personal data should be sent to [email protected].

Minimum age: 16. This service is not directed at individuals under 16. We do not knowingly collect data from children under 16. If you believe a child has created an account or submitted data, contact us at the address above so we can delete it.

02 What this website collects

Contact form

If you submit the contact form, we collect: your name (optional), email address (required), organization (optional), the purpose of your inquiry, and your message. This data is stored on Gorebet's backend infrastructure in Frankfurt, Germany. We use it only to respond to your inquiry.

We retain contact form submissions for a maximum of two years, or until your inquiry is resolved, whichever comes first. You can request deletion at any time by emailing [email protected].

Account deletion requests (web form)

If you submit an account deletion request via our account deletion page, we collect your phone number or email address for the purpose of locating and deleting your account. We use it only to process your deletion request and confirm completion. This data is not retained after the request is fulfilled.

Analytics

This site uses Plausible Analytics, a privacy-friendly, cookieless analytics service. Plausible does not use cookies, does not store IP addresses, does not track users across sites, and does not collect personally identifiable information. No consent banner is required.

The analytics data Plausible collects is: page URL, referrer (stripped of query parameters), browser type, operating system, device category, and country. This data is aggregated — it cannot be used to identify individual visitors.

Language preference

If you switch the site language, your preference is stored in your browser's local storage. This data never leaves your device and is not sent to our servers.

Server access logs

DigitalOcean App Platform, which hosts this site, records server access logs including your IP address, the pages you accessed, and the time of access. These logs are retained for 30 days and are used only for security and operational monitoring. We do not process or analyze these logs for marketing purposes.

Cookies

This website sets no cookies. We confirmed this by design: no session cookies, no tracking pixels, no embedded social media buttons, no third-party video embeds.

03 What the Gorebet app collects

Key principles:

Anonymous reporting is end-to-end: if you submit a report in anonymous mode, your identity is not stored in the report record, not logged with the incident, and not shared with partner agencies or operators. Anonymous reports are linked only to a randomized session identifier that cannot be traced back to your account or device by anyone, including Gorebet staff.
Location data: incident location is stored at street-level internally but published only at neighborhood or woreda resolution. We do not publish GPS coordinates of individual reports.
Photos and media: photos attached to incident reports are stored securely and are not publicly accessible. They are visible to verified partner agencies only under governance agreements.
Account data: we store the phone number used to register your account, your display name (which you choose), and your neighborhood group memberships. We do not store a password — authentication uses a one-time code sent to your phone number.
Crash reports and diagnostics: the app uses Firebase Crashlytics to automatically report technical errors. Crash reports include device model, OS version, app version, and a stack trace. They do not include your phone number, photos, or incident content.

See section 06 (Firebase services) for full details on analytics and crash reporting. For full permission-by-permission disclosure, see our App Permissions page.

04 Google Play Data Safety — full disclosure

This section fulfills Google Play Store's Data Safety form requirements. It discloses every category of data the app collects or shares.

Data type	Collected?	Shared with third parties?	Required or optional?	Purpose
Phone number	Yes	No	Required for account	Account registration and OTP authentication
Display name	Yes	No	Optional (user-chosen)	Profile display in-app
Precise location	Yes	No	Optional	Pin incident location on map; can be set manually
Approximate location	Yes	No	Required for map features	Display neighborhood feed and relevant incident reports
Photos	Conditionally	No (stored on Gorebet servers; visible to verified partner agencies)	Optional	Attach evidence photo to incident report
Incident reports (text, category, timestamp, location)	Yes	Aggregated/anonymized only, to partner agencies	Core app function	Safety incident reporting and neighborhood safety awareness
App crash data (device model, OS version, stack trace)	Yes	Yes — Firebase Crashlytics (Google)	Automatic, cannot be disabled at OS level	App stability monitoring
App interaction events (screen views, button taps)	Yes	Yes — Firebase Analytics (Google)	Automatic, cannot be disabled at OS level	Understand feature usage to improve the app; no advertising
Firebase Installation ID (pseudonymous device identifier)	Yes	Yes — Firebase (Google)	Automatic	Required for Firebase services (Analytics, Crashlytics, FCM)
Push notification tokens (FCM)	Yes	Yes — Firebase Cloud Messaging (Google)	Required for notifications (optional permission)	Deliver incident alerts and safety notices
Android Advertising ID	No — explicitly disabled	No	N/A	Not used. Gorebet does not display advertising.

"Shared with third parties" means the data leaves Gorebet's systems to a third-party service. Firebase (Google) processes crash, analytics, and push notification data under Google's Data Processing Addendum. Gorebet does not sell data to advertisers.

05 Legal basis for processing (GDPR Article 6)

For users in the European Economic Area (EEA), we process personal data under the following legal bases:

Contract performance (Art. 6(1)(b))

Account registration (phone number), authentication (OTP), storing and displaying your incident reports, delivering push notifications you have requested. Without this processing, we cannot provide the service.

Legitimate interest (Art. 6(1)(f))

Firebase Crashlytics (app stability), Firebase Analytics (aggregate feature-usage analysis — no advertising), server access logs (security monitoring). Our interest in maintaining a stable and secure service is not overridden by your privacy rights because the data is pseudonymous, limited to operational use, and not used for profiling or advertising.

Public interest / official authority (Art. 6(1)(e))

Sharing aggregated, anonymized incident data with partner government agencies and emergency services under governance agreements. This sharing supports neighborhood safety as a civic function.

Legal obligation (Art. 6(1)(c))

Retaining transaction and audit records where required by Ethiopian law. Responding to lawful requests from Ethiopian authorities under due process.

We do not rely on consent as a legal basis for any processing described above, except for optional features where consent is clearly obtained at the point of use (e.g., attaching a photo to a report, enabling push notifications). You may withdraw consent at any time by disabling the relevant feature in Settings.

06 Firebase services — detailed disclosure

The Gorebet app uses the following Firebase (Google) services. Firebase processes data in data centers operated by Google, primarily in the United States. Google LLC and its affiliates act as our data processor for these services under Google's Data Processing Addendum, incorporating Standard Contractual Clauses (SCCs) for cross-border data transfers from the EEA and UK.

Firebase Authentication

Used to deliver one-time verification codes (OTPs) via SMS. Firebase processes your phone number to send the code. It is not used for persistent identity tracking beyond the login session.

Firebase Analytics

Collects aggregate data about how features are used: which screens are viewed, which actions are taken, session duration. Data is associated with a Firebase Installation ID (pseudonymous). It is not used for advertising, not shared with advertising networks, and not combined with advertising identifiers. The Android Ad ID is explicitly disabled. The iOS IDFA is not requested.

Firebase Crashlytics

Automatically records details when the app crashes: device model, Android or iOS version, app version, and the code location of the crash. This does not include your phone number, photos, incident content, or location. Crash data is used exclusively for fixing technical problems.

Firebase Cloud Messaging (FCM)

Used to deliver push notifications to your device. Firebase holds a push token associated with your device. You can revoke notification permission at any time in your phone settings.

Google's privacy policy: policies.google.com/privacy. Google's Firebase Data Processing Addendum governs our use of these services.

07 iOS and App Tracking Transparency (ATT)

Gorebet does not use App Tracking Transparency (ATT) and does not request permission to track you across apps or websites owned by other companies. We do not use the iOS Identifier for Advertisers (IDFA).

Firebase Analytics on iOS uses a pseudonymous Firebase Installation ID — not the IDFA — for aggregate analytics purposes only. This does not constitute cross-app tracking under Apple's ATT framework because:

We do not share Firebase analytics data with advertising networks
We do not combine it with data from other apps or websites
It is used only for improving the Gorebet app itself

We do not display advertising in the Gorebet app. We do not partner with advertising networks. No ATT prompt is shown.

08 Third-party services

This website and the Gorebet app use the following third-party services:

Plausible Analytics — cookieless, privacy-friendly page analytics. No PII collected. EU-based (Estonia). plausible.io/privacy.
DigitalOcean App Platform — website and API hosting. Frankfurt, Germany. GDPR-compliant; Data Processing Agreement in place. digitalocean.com/legal/privacy-policy.
Firebase (Google LLC) — authentication, crash reporting, analytics, push notifications. See section 06 above. policies.google.com/privacy.
OpenStreetMap / OSMDroid (Android) — map tile rendering. Tile requests include your approximate location in the tile coordinates. No personal data is stored by OSM tile servers. osmfoundation.org Privacy Policy.
MapLibre (iOS) — open-source map rendering library. Tile requests are served from our own server or Gorebet-contracted tile providers. No third-party data sharing beyond tile requests.

All fonts on this site are self-hosted. We do not use Google Fonts, Facebook Pixel, or any advertising technology on this website or in the app.

09 Where your data is stored

All Gorebet backend data — contact form submissions, app incident data, user accounts — is stored on servers in Frankfurt, Germany, operated by DigitalOcean. Frankfurt is within the European Union, and data is processed under GDPR.

Firebase (Google) processes analytics, crash, and push notification data in Google's global infrastructure under Standard Contractual Clauses. See section 06 for details.

Ethiopian Proclamation No. 1321/2024 (Personal Data Protection) also applies to our processing of data from Ethiopian residents. GDPR provides equivalent or stronger protections on all relevant dimensions.

10 Incident data and the public site

Any statistics or maps displayed on gorebet.app are subject to the following rules:

Aggregation threshold: no statistic is published for any neighborhood or woreda with fewer than a minimum number of reports in the trailing 90-day window.
No individual incident data: no individual report IDs, precise locations, timestamps, or media are displayed on the public site.
Sensitive categories excluded: incidents in the categories of gender-based violence, missing persons, and child-involved incidents are never included in public aggregates.
Illustrative label: any visualization that is not live-aggregated real data is labeled "Illustrative — not live data."

11 Deleting your account and data

You can request account deletion at any time. When we delete your account:

Your phone number, display name, and profile are permanently deleted
Your identified incident reports are disassociated from your account
Your anonymous reports remain in the system without any link to your identity
Your neighborhood group memberships and notification settings are removed

We retain a small number of records after deletion for legal compliance:

Audit logs of moderation and account actions (retain for 2 years for legal/safety obligations)
Aggregated, fully anonymized incident statistics (no PII)

Deletion requests are processed within 30 days. To delete your account: go to Settings → Privacy → Delete Account in the app, or submit a request on our account deletion page.

12 Your rights

Under GDPR and Ethiopian Proclamation No. 1321/2024, you have the right to:

Access the personal data we hold about you
Delete your personal data (right to erasure)
Correct inaccurate data we hold
Receive a copy of your data in a portable format (JSON on request)
Object to our processing, where processing is based on legitimate interest
Withdraw consent for any processing based on consent (e.g., attaching a photo to a report, push notifications)

To exercise any of these rights, email [email protected]. We will respond within 30 days. For analytics data, we cannot delete it because Plausible does not collect personally identifiable information — there is no record to delete.

13 Contact and complaints

For all privacy questions and data-subject requests: [email protected]

If you believe we have not handled your data correctly, you have the right to lodge a complaint with the competent supervisory authority. In Germany, the supervisory authority is the Hessian Commissioner for Data Protection and Freedom of Information (HBDI). In Ethiopia, the authority is the Ethiopian Communications Authority (ECA) under Proclamation No. 1321/2024.

14 Changes to this policy

We will update this page when our data practices change. Material changes — new data collected, new third-party services, changed retention periods — will be highlighted with a "what changed" note at the top of this page and the updated date will be revised.

This version: 2026-05-10.

What we collect, why, and how to ask us to delete it.