Privacy Policy

Last updated: March 2026

1. Data Controller

AUDORA TECH SAS, domiciled in Argentina, is the data controller responsible for the personal data collected through the RUTHY mobile application. Full corporate details are provided upon request via info@audoratech.com.

Contact: info@audoratech.com

Right to information: In accordance with Argentina's Law 25.326, you have the right to be informed about the existence of databases, their purpose, and the identity of the controller. This policy fulfills that right.

2. Personal Data We Process

In RUTHY, we process the following personal data when you use our application:

2.1. Authentication Data

When you sign in via Google (on all platforms) or Apple (on iOS only), we receive and store:

  • Email address
  • Full name
  • Profile image (optional)
  • Unique identifier from the authentication provider (e.g. Firebase UID)

This data is provided directly by the identity provider you choose and is necessary to create and maintain your account.

2.2. Geolocation Data

RUTHY uses your real-time location exclusively at the device level to:

  • Identify nearby points of interest and display them on the map
  • Automatically activate audio guides when you approach historical sites
  • Enhance your urban exploration experience

Important: We do not save or store your location. Real-time location is used exclusively on your device to guide you through the city. Your location does not reach our servers and is not stored anywhere.

User control: You can disable location access at any time from your device settings. If you disable geolocation, audio guides must be activated manually.

2.3. In-App Purchases

If or when in-app purchases are available (e.g. to unlock cities), the following applies:

  • Transactions are processed entirely by the Apple App Store or Google Play Store; we do not collect or process payment details.
  • We do not store or have access to credit card or payment method information.
  • We may receive purchase confirmation and transaction ID solely to activate the corresponding content. Payment data is handled only by Apple/Google.

2.4. Diagnostics (Crash Reporting)

We use Firebase Crashlytics solely for bug and crash diagnostics. This may include:

  • Crash logs and stack traces
  • Device model and operating system version
  • App version and installation identifiers
  • Information needed to diagnose stability and reliability issues

This data is used exclusively to fix bugs and improve app reliability. We do not use it for advertising, marketing, or tracking user behavior.

Automated decision-making and profiling: RUTHY does not use fully automated decision-making or profiling that produces legal effects or significantly affects users. All service-related decisions are supervised and controlled by human personnel.

We do not track you across apps or websites, do not sell or share your data with data brokers, and do not use your data for advertising or ad measurement.

2.5. Offline Content

When you unlock a city, audio files, images, and map data are downloaded and stored locally on your device to allow offline access. This data remains solely on your device and is not shared with third parties.

3. Legal Basis and Processing Purposes

We process your personal data on the following legal bases:

  • Contract performance: Authentication and geolocation data are necessary to provide the service you requested when using RUTHY. If you make in-app purchases, purchase-related data is used to deliver the content you bought.
  • Consent: We request your explicit consent to access your location when required by your device or platform.
  • Legitimate interest: We use crash and diagnostics data (e.g. via Firebase Crashlytics) solely to fix bugs and improve app reliability, not for advertising or tracking.
  • Legal compliance: Where in-app purchases apply, we retain transaction records as required by applicable tax and commercial laws.

4. Data Retention

We retain your personal data for the following periods:

  • Account data: While your account is active or as necessary to provide you the service. If you delete your account, we will erase your data within 30 days.
  • Geolocation data: Processed in real-time on your device and not stored on our servers.
  • Crash/diagnostics data: Retained only as long as needed for bug fixing and reliability (typically in line with our crash-reporting provider’s retention policy).
  • Purchase records (if applicable): Where in-app purchases are in use, retained for the period required by Argentine tax and accounting obligations (e.g. up to 10 years).

5. Sharing Data with Third Parties

We share your data only with:

  • Authentication providers: Google and Apple (via Firebase Auth), solely for sign-in. We do not use Facebook login.
  • Payment platforms (if in-app purchases are available): Apple App Store and Google Play Store process payments; we do not receive payment details.
  • Service providers: Hosting and crash-reporting (e.g. Firebase Crashlytics) acting as data processors under strict confidentiality agreements. We do not use advertising SDKs or share data with data brokers.

We do not sell or share your personal data with third parties for marketing purposes, and we do not use your data for advertising or ad measurement.

6. International Transfers

Some of our service providers may be located outside Argentina. In these cases, we ensure adequate protection mechanisms are in place, such as:

  • Approved standard contractual clauses
  • Recognized privacy certifications
  • Adequacy decisions issued by competent authorities

All international transfers of personal data are conducted under adequate protection mechanisms, including Standard Contractual Clauses (SCC) approved by the European Commission or other equivalent mechanisms recognized by data protection authorities, ensuring that your personal data receives an adequate level of protection in accordance with GDPR and Law 25.326.

6.5. EU Representative

In accordance with GDPR Article 27, AUDORA TECH SAS, being established outside the European Union but offering services to EU residents, is in the process of designating an EU Representative. Once designated, the representative's contact information will be published in this privacy policy and updated in the mobile application.

In the meantime, for any inquiries related to the processing of EU residents' data, you may contact us directly at info@audoratech.com.

7. Your Rights

In accordance with Argentina's Law 25.326 on Personal Data Protection and GDPR (if applicable), you have the following rights:

  • Access: Request a copy of the personal data we hold about you.
  • Rectification: Correct inaccurate or incomplete data.
  • Erasure: Request deletion of your personal data.
  • Objection: Object to the processing of your data for specific purposes.
  • Restriction: Request limitation of processing under certain circumstances.
  • Portability: Receive your data in a structured, commonly used format.
  • Withdrawal of consent: Withdraw your consent at any time for processing based on this legal basis.

To exercise your rights, write to us at: info@audoratech.com

Response times: We commit to responding to your requests within a maximum of 30 days according to Argentina's Law 25.326, or 1 month according to GDPR if applicable. In complex cases, we may extend this period up to 2 months, informing you in advance.

Right to lodge complaints:

  • In Argentina: You may file a complaint with Argentina's Agency for Access to Public Information (AAIP) if you believe your rights have been violated.
  • In the European Union: If you are an EU resident, you have the right to lodge a complaint with the data protection supervisory authority of your country of residence or the place where the alleged infringement occurred.

8. Security

We implement appropriate technical and organizational measures to protect your personal data against unauthorized access, loss, destruction, or alteration, including:

  • Encryption of data in transit and at rest
  • Role-based access controls
  • Security audits and monitoring
  • Strong password policies
  • Regular system updates and security patches

9. Cookies and Tracking (Website Only)

The RUTHY mobile app does not use cookies or tracking technologies for advertising, marketing, or cross-app/website tracking. This section applies only to our website.

This website does not use tracking or analytics cookies. Only strictly necessary cookies may exist for the basic functionality of the site, which do not require consent under GDPR. If we implement additional cookies on the website in the future, we will update this policy and request your consent when required by law.

10. Minors

RUTHY is not directed at minors. In accordance with GDPR, we do not process personal data of children under 16 without verifiable consent from parents or legal guardians. In Argentina, Law 25.326 establishes special protections for minors under 18.

We do not knowingly collect personal data from minors. If we discover we have collected data from a minor without proper consent, we will delete such information immediately and take necessary measures to prevent future collection.

11. Changes to This Policy

We may update this Privacy Policy occasionally. We will notify you of significant changes through an in-app notice or email. We recommend reviewing this policy periodically.

12. Contact

For any questions, requests, or complaints related to this Privacy Policy or the processing of your personal data, contact us:

AUDORA TECH SAS
Email: info@audoratech.com
Additional legal information available upon request.