Privacy Policy
& Terms of Service
Privacy Policy
This Privacy Policy describes how Marat Safutdinov ("we", "us", "our") collects, uses, stores, and protects information when you use any dometro.app metro navigation mobile application, including the following apps: Google Play: Ψ―ΩΩΩ Ω ΨͺΨ±Ω Ψ§ΩΨ±ΩΨ§ΨΆ - Ψ¨Ψ―ΩΩ ΩΨͺ (Riyadh Metro Guide - Offline), Metro Roma - Mappa Offline (Rome metro - Offline Map); App Store: Riyadh metro | ΩΨ·Ψ§Ψ± Ψ§ΩΨ±ΩΨ§ΨΆ, Rome metro | Metro di Roma β and any future cities (collectively, the "App"). This policy applies exclusively to our mobile applications and does not cover the dometro.app website. We are committed to protecting your privacy in accordance with applicable data protection laws, including the EU General Data Protection Regulation (GDPR) and the Saudi Arabia Personal Data Protection Law (PDPL).
Data Controller
The collection and processing of your information is carried out by:
Given the limited scope and volume of personal data processing, we are not required to appoint a Data Protection Officer under GDPR Article 37. For all privacy-related inquiries, please contact us directly at the email above.
Information We Collect
We do not require account registration, and the App does not collect your name, email address, phone number, or other directly identifying information. However, certain data is collected automatically through integrated third-party services. Some of this data β particularly advertising identifiers β constitutes personal data under GDPR.
Device Information
Device model, operating system version, app version, screen resolution, and system language β used to optimize app performance and compatibility across devices.
Usage Analytics
Anonymous device identifier, screens visited, features used, session duration, and interactions with interface elements β used to understand how users interact with the App and improve the user experience.
Crash and Performance Data
Crash logs, app state at the time of a crash, memory usage, and performance metrics such as app launch time and network latency β used to diagnose errors, fix crashes, and improve stability.
Advertising Identifiers
Advertising ID (IDFA on iOS, GAID on Android) β collected by Google AdMob to serve advertisements. Under GDPR, these identifiers are classified as personal data.
Third-Party Services
We use the following third-party data processors to operate and improve the App. We have entered into Data Processing Agreements (DPAs) with each processor in accordance with GDPR Article 28, ensuring appropriate levels of data protection. Where international data transfers are involved, these agreements incorporate Standard Contractual Clauses (SCCs) adopted by the European Commission.
Collects anonymous crash reports including device type, OS version, and app version. No personal data is collected.
Privacy Policy βCollects an anonymous device identifier to understand feature usage patterns. No name, email, or precise location data is collected.
Privacy Policy βServes advertisements using advertising identifiers (IDFA / GAID). We do not share personal information with AdMob beyond the advertising identifier.
Privacy Policy βProvides app configuration delivery and metro data updates. No user accounts are created and no personal data is stored.
Privacy Policy βLegal Basis for Processing
If you are located in the European Economic Area (EEA), United Kingdom, or another jurisdiction requiring a legal basis for processing personal data, we rely on the following grounds:
Legitimate Interest (Article 6(1)(f) GDPR)
Processing analytics and crash data is necessary to ensure the functionality, stability, and continuous improvement of a free public-transit navigation app. We have conducted a Legitimate Interest Assessment and concluded that this processing does not override your fundamental rights and freedoms, based on the following factors: (a) only anonymous or pseudonymous technical data is processed; (b) no sensitive personal data or special categories of data are involved; (c) the data is not used for profiling, automated decision-making, or marketing purposes; (d) users reasonably expect a navigation app to collect basic diagnostics to function properly. You have the right to object to this processing at any time (see Section 10).
Consent (Article 6(1)(a) GDPR)
For advertising identifiers and cross-app tracking, we obtain your explicit consent before any such data is collected:
β’ iOS: Via Apple's App Tracking Transparency (ATT) prompt, shown before any tracking begins.
β’ Android: Via the personalized ads consent mechanism provided by Google Play Services.
You may withdraw your consent at any time without affecting the lawfulness of processing carried out prior to withdrawal.
Advertising and Opt-Out
The App is free and supported by advertising served through Google AdMob. Advertising identifiers (IDFA / GAID) are personal data under GDPR. You can opt out of personalized advertising at any time:
Android: Settings β Google β Ads β opt out of Ads Personalization.
Opting out does not affect core App functionality β all metro navigation features remain fully available.
Offline Data
Metro map data is stored locally on your device for offline use. This data contains only metro station names, geographic coordinates, and route information β no personal data of any kind.
Data Security
We implement appropriate technical and organizational measures to protect your information against unauthorized access, alteration, disclosure, or destruction. Data transmitted to third-party services is encrypted in transit using HTTPS/TLS. Data at rest is protected by each provider's security infrastructure. Access to analytics and crash data is restricted to authorized personnel only.
In the unlikely event of a data breach that poses a risk to your rights and freedoms, we will notify the relevant supervisory authority within 72 hours of becoming aware of the breach, as required by GDPR Article 33. If the breach is likely to result in a high risk to you, we will also inform you directly without undue delay.
Data Retention
We retain collected data only for as long as necessary to fulfill the purposes described in this policy:
β’ Analytics data (Amplitude): retained for up to 12 months, then automatically deleted.
β’ Crash reports (Sentry): retained for up to 90 days.
β’ Advertising data (AdMob): managed according to Google's retention policies.
β’ Infrastructure data (Supabase): app configuration only, no personal data retained.
Aggregated and fully anonymized data may be retained longer for statistical purposes, as it no longer constitutes personal data.
International Data Transfers
Your data may be processed on servers located outside your country of residence, including servers operated by Google, Amplitude, Sentry, and Supabase in the United States and other countries. For transfers of personal data from the EEA/UK to countries that have not received an adequacy decision from the European Commission, we rely on the following safeguards as implemented by each service provider:
β’ Standard Contractual Clauses (SCCs): incorporated into our Data Processing Agreements with each provider.
β’ Supplementary measures: encryption in transit (TLS) and at rest, access controls, and pseudonymization where applicable.
Details on each provider's transfer mechanisms are available in their respective privacy documentation linked in Section 03. For transfers from Saudi Arabia, we comply with the cross-border transfer requirements of the PDPL.
Your Rights
Depending on your location, you may have the following rights regarding your personal data:
β’ Access: Request information about what personal data we process about you.
β’ Correction: Request correction of inaccurate or incomplete data.
β’ Deletion: Request deletion of your personal data. For automatically collected analytics data, you can also reset your advertising ID via your device settings.
β’ Restriction: Request that we limit processing of your data in certain circumstances.
β’ Objection: Object to processing based on our legitimate interests.
β’ Portability: Request a copy of your data in a structured, commonly used, machine-readable format.
β’ Withdraw Consent: Withdraw previously given consent at any time without affecting prior lawful processing.
To exercise your rights, contact us at support@dometro.app. We will respond within 30 days in accordance with applicable law. If you are in the EU, you also have the right to lodge a complaint with your local data protection supervisory authority.
Children's Privacy
The App is not directed at children under 13 years of age (or the minimum age required in your jurisdiction β for example, 16 in certain EU member states under national GDPR implementations). We do not knowingly collect personal information from children. If we learn that we have inadvertently collected such data, we will delete it promptly. If you believe a child has provided us with personal data, please contact us at support@dometro.app.
Saudi Arabia (PDPL) Specific Provisions
If you are located in the Kingdom of Saudi Arabia, the following provisions apply in addition to the rights described above. Under the Personal Data Protection Law (PDPL), you have the right to: be informed about the purpose of data collection; access your personal data; request correction or deletion of your data; and request destruction of data that is no longer needed. We process only the minimum data necessary for the App's legitimate operation and do not engage in automated individual decision-making. To exercise your rights under the PDPL, contact us at support@dometro.app.
Updates to This Policy
We may update this Privacy Policy from time to time. We will notify you of material changes by publishing an updated version on our website and updating the Effective Date at the top of this page. For significant changes, we may also provide notice within the App. We recommend reviewing this page periodically.
Terms of Service
By downloading or using any dometro.app metro navigation app (listed in the Privacy Policy above, and any future cities), you agree to these Terms.
Use of the App
The App provides metro map navigation for informational purposes only. While we strive to keep metro data accurate and up to date, schedules, routes, and station information may change without notice. Always verify critical travel information with official metro operators before relying on it for time-sensitive journeys.
Intellectual Property
All app content, design, user interface, and software are owned by dometro.app and protected by applicable intellectual property laws. Metro network data is used under applicable public data licenses where available. You may not copy, reproduce, modify, distribute, or create derivative works from app content without prior written permission.
Advertising
The App is free and supported by advertising served through Google AdMob. By using the App, you acknowledge that advertisements will be displayed during use. See the Privacy Policy above for details on how advertising identifiers are handled and how to opt out of personalized ads.
Limitation of Liability
THE APP IS PROVIDED "AS IS" AND "AS AVAILABLE" WITHOUT WARRANTIES OF ANY KIND, WHETHER EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO IMPLIED WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, AND NON-INFRINGEMENT.
To the maximum extent permitted by applicable law, we shall not be liable for any direct, indirect, incidental, special, consequential, or punitive damages arising from your use of or inability to use the App, including but not limited to missed journeys, travel delays, or losses resulting from inaccurate or outdated data.
App Store Distribution
The App is distributed via the Apple App Store and Google Play Store. Your use of the App is also subject to the terms and conditions of the respective app store. In the event of a conflict between these Terms and the applicable app store terms, the app store terms shall prevail to the extent of the conflict.
Governing Law
These Terms shall be governed by and construed in accordance with the laws of the Kingdom of Saudi Arabia. Any disputes arising from these Terms shall be subject to the jurisdiction of the courts of Saudi Arabia. This governing law clause does not affect your statutory rights under GDPR or other mandatory consumer protection laws of your country of residence.
Changes to These Terms
We reserve the right to update these Terms at any time. Continued use of the App after publication of changes constitutes your acceptance of the revised Terms. The Effective Date at the top of this page indicates the latest revision.
Contact
For questions about these Terms or the Privacy Policy, please contact us: