Privacy Policy

Welcome to RollCall, operated by Sky Enterprises Australia. We are committed to protecting your privacy and ensuring your personal information is handled transparently and securely. This Privacy Policy outlines what we collect, how we use and share your data, and your rights. By using RollCall, you agree to this policy.

Last Updated: June 16, 2025

1. What We Collect

We collect different types of information to power key features like group challenges, punishments, and social interactions. This includes personal details, device data, and content you submit within the app.

1.1 Personal Information

This includes information you provide directly when signing up, creating a profile, or using the app's features.

Email and Account Data: Email address, Apple Sign-In identity token, hashed passwords, and JWT tokens.
Profile Information: Username, display name, profile picture (stored in AWS S3).
User-Generated Content: Photos/videos submitted for daily challenges and punishment proof, with optional metadata like timestamps or timer settings.
Social Features: Friends, friend requests, group invites, comments, and leaderboard activity.
Push Notification Tokens: Apple device tokens used to send real-time alerts and reminders.
Premium Subscription Info: Premium status, skip/punishment restore usage, and custom UI preferences (e.g., premium colours).
Contact Matching (Optional): If enabled, we temporarily hash and match up to 10 contact names to suggest friends. Data is discarded unless a match is found and added.
Timezone & Preferences: Stored locally or optionally synced to backend to schedule challenges correctly for your region.

Contact syncing is always optional and can be disabled at any time in your device or app settings.

1.2 Device and Usage Data

We collect certain device and usage information automatically to help us improve performance, ensure compatibility, and troubleshoot bugs.

IP Address and Device Info: Used for security, diagnostics, and geolocation of API traffic.
Usage Metrics: Submission history, group activity, feed fetch logs, comment interactions, and challenge participation.

This information is anonymized where possible and helps us keep the app responsive, reliable, and relevant.

2. How We Use Your Data

We use your data to provide core functionality, personalize your experience, and ensure app safety and compliance.

To deliver daily challenges, manage group streaks, and assign or track punishments.
To authenticate accounts using secure login (JWT + Apple Sign In).
To notify you about group events, reminders, likes/dislikes, or punishment deadlines.
To enable social features such as comments, reactions, invites, and friend suggestions.
To personalize your feed and appearance (premium colour, group layout, etc.).
To support troubleshooting, account recovery, and technical support.
To comply with legal requirements and community safety standards.

We do not use your data for third-party advertising or behavior-based profiling.

3. Data Sharing

Your data is never sold. It is shared only where necessary to operate the app, deliver media, or comply with the law.

Group Members: Your name, profile picture, submissions, and streak activity are visible to others in your group.
Third-Party Services:
- MongoDB Atlas: Stores your account, group, and challenge history.
- AWS S3: Securely hosts all uploaded photos and videos.
- Cloudflare: Handles CDN delivery and API protection.
- Heroku: Hosts backend services and daily automation scripts.
- Apple: Provides authentication via Apple Sign In and delivers push notifications via APNs.
Legal Authorities: Your data may be disclosed to comply with legal requests, subpoenas, or to protect other users from harm.

All third parties are contractually bound to protect your information and use it only for intended purposes.

4. Data Retention

Your data is retained only while your account remains active. If you delete your account, all associated data is permanently removed from MongoDB, S3, and related systems.

Group content, including comments and submissions, may remain visible to group members until the group is deleted.

5. Your Rights

You may have specific rights depending on where you live (e.g. Europe, California). These may include:

Access: Get a copy of your data.
Correction: Fix incorrect or outdated information.
Deletion: Permanently erase your account and personal data.
Objection & Restriction: Limit how your data is used or object to certain types of processing.
Portability: Request your data in a format you can reuse or transfer.

To make a request, email [email protected]. We’ll respond within applicable timeframes under relevant laws.

6. Security Measures

We take your security seriously and use modern safeguards:

SSL/TLS encryption for data transmission.
AWS IAM policies and MongoDB access roles to protect storage.
JWT verification for user sessions and API access.

Despite this, no platform is 100% secure. We recommend using strong, unique passwords and keeping your login credentials private.

7. Children’s Privacy

RollCall is not intended for anyone under 13. We do not knowingly collect data from children. If you believe a child has submitted information, please contact us to remove it.

8. International Transfers

Your data may be stored or processed in the United States or other countries outside your jurisdiction. We use Standard Contractual Clauses (SCCs) and other safeguards to ensure legal compliance and adequate protection.

9. Cookies & Web Technologies

RollCall may use cookies for login, caching, and essential functionality on our website. We do not use cookies for targeted ads or third-party tracking.

You can disable cookies in your browser settings, but doing so may affect site performance.

10. Changes to This Policy

We may update this Privacy Policy over time. You will be notified through the app or by email if significant changes are made. Please review this page regularly to stay informed.

11. Contact Us

Sky Enterprises Australia
Email: [email protected]
Website: www.skyenterprisesau.com