Caburé Privacy Policy

Effective date: September 3, 2025
Last updated: September 3, 2025

Leer en español/Available in Spanish: Política de Privacidad de Caburé

Caburé (the “App”) is a product of Caburé Agtech SAS (“Caburé”, “we”, “us”). This Privacy Policy explains what data we collect, for what purposes, how we share it, how long we keep it, what your rights are, and how you can exercise them.

By using the App, you accept this Policy. If you do not agree, please do not use the App.

1. Data controller and contact information

  • Controller: Caburé Agtech SAS
  • Address: Av. Callao 782
  • Contact email: privacy@cabure.com.ar
  • Brand name: Caburé

2. What data we collect and why

We collect information for authentication, operation of the App (device management, rainfall data, and maps), push notifications, security, analytics, and ad monetization.

Account data

Examples: name, email, company, role, permissions.

Source: you (registration form) or your company administrator.

Required? Yes, to use the App.

Main purposes: authentication, authorization, and support.

Retention: while the account remains active and/or as required by law.

Credentials

Examples: password hash or derivative (we do not store passwords in plain text).

Source: you.

Required? Yes.

Main purposes: secure login.

Retention: while the account remains active.

Identifiers

Examples: session token, FCM token, device IDs.

Source: App / operating system / Firebase / AdMob.

Required? Yes for session and push; optional for personalized ads.

Main purposes: session management, operational push notifications, and ads.

Retention: periodic rotation and/or deletion upon logout or uninstall.

Location

Examples: precise or approximate location, if you allow it.

Source: device, through operating system permissions.

Required? Optional.

Main purposes: displaying the map and creating/editing devices on the map.

Retention: locally or on the server depending on the action; we do not continuously collect background location.

App activity

Examples: screens visited and usage events.

Source: App and analytics SDKs.

Required? Optional.

Main purposes: product improvement and aggregated metrics.

Retention: aggregated or anonymized for reasonable periods.

Diagnostics

Examples: crash logs and performance data.

Source: App / Crashlytics.

Required? Optional.

Main purposes: stability and debugging.

Retention: according to best practices and technical necessity.

Content you upload

Examples: rainfall entries and device metadata.

Source: you.

Required? Optional.

Main purposes: core functionality: management and visualization.

Retention: while the account or device remains active, or as required by contract.

Advertising

Examples: Advertising ID (Android) and ad events.

Source: operating system and ads SDKs.

Required? Optional.

Main purposes: monetization through banners and interstitials.

Retention: according to provider policies and applicable settings.

Important

  • Location: we only collect it if you allow us to. At present, we do not continuously collect background location.
  • Push notifications: we use FCM; we register the device’s FCM token in order to send you operational notifications. You can disable them in your system settings.
  • Offline storage: the App stores usage data on your device in order to function offline; when you uninstall the App, that local data is deleted.

3. Legal basis / grounds (including GDPR and equivalent rules)

  • Performance of a contract: to operate your account and the core functionality of the App.
  • Legitimate interest: security, fraud prevention, and aggregated product metrics.
  • Consent: location, push notifications (on iOS/Android 13+ permission is requested), and personalized advertising. You may withdraw consent at any time.

4. Who we share data with

We never sell personally identifiable data. We may only share or commercialize data in aggregated and anonymized form, without any possibility of identifying users or devices. We may share data with:

  • Technology providers that process data on our behalf (processors), such as:
    • Google/Firebase: Core, Cloud Messaging (FCM), and eventually Analytics/Crashlytics.
    • Map services (e.g., Google Maps) for map functionality.
    • Advertising: Google Mobile Ads or others, only when we enable ads.
  • Authorities when required by law.
  • International transfers: your data may be hosted/transferred outside your country (e.g., EU/U.S.) with appropriate safeguards from providers. When we transfer data outside the European Union, we do so based on recognized adequacy mechanisms (e.g., the European Commission’s Standard Contractual Clauses) or equivalent security measures.

We may share or commercialize aggregated and anonymized rainfall and climate data (for example, through publications or API access). This data does not allow users or individual devices to be identified. To protect privacy, location coordinates are rounded or generalized and are not linked to personal information.

5. Retention and deletion

  • We retain data while the account remains active or as required by legal/contractual obligations.
  • Aggregated and anonymized data may be retained and used indefinitely for statistical, research, and product development purposes, with no possibility of identifying individuals or users.
  • Local data (offline) is deleted when you uninstall the App.
  • You may request deletion of your account and data (see “Your rights”).

6. Security

We apply reasonable measures (access controls, encryption in transit, development best practices, and monitoring) to protect your data. Even so, no system is 100% foolproof.

7. Your rights and controls

Depending on your jurisdiction, you may have rights of access, rectification, deletion, portability, and objection to or restriction of processing.

  • To exercise them, contact us at privacy@cabure.com.ar.
  • You can disable notifications in your system settings.
  • You can revoke permissions (location, etc.) in your device settings.
  • If we implement personalized ads, we will provide consent and preference controls.
  • If you are in the European Union, you also have the right to lodge a complaint with your local data protection authority.
  • We will honor any request within a reasonable period and in accordance with applicable law (for example, 30 days under the GDPR).

8. Children

The App is not directed to children. If you believe we have collected a child’s data by mistake, contact us and we will delete it.

9. Changes to this policy

We may update this Policy to reflect legal, technical, or business changes. We will publish the current version with its date. If the changes are material, we will notify you in the App or through other reasonable means.

10. How to contact us

Annex A — Summary of SDKs/services (for transparency)

  • Firebase Cloud Messaging (FCM): delivery of push notifications; manages the device’s FCM token (rotation and deletion on logout/uninstall). It does not access the content of your messages. Notifications can be disabled in the operating system.
  • Firebase Crashlytics: crash and stability reporting. Collects technical data (error traces, app/OS version, model, memory state). We do not log information that directly identifies you (e.g., email).
  • Firebase Analytics: usage events (e.g., screens and actions) to improve product and stability. We do not log information that directly identifies you, nor do we associate your events with your email or name. You may request data deletion and, where applicable, disable measurement.
  • Maps (Google Maps or others): map display and functionality. It may use your location if you allow it; otherwise approximate location may be inferred (e.g., by IP). We do not perform continuous background tracking.
  • Advertising (Google Mobile Ads): displays ads. It may use the Advertising ID and device signals for delivery/measurement and, if you consent, personalization. You can reset or limit the Advertising ID in the operating system and change your consent preferences when applicable.