Privacy Policy

Last Updated: March 25, 2026

MapMy.City (“Company,” “we,” “us,” or “our”) is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website and use our platform, APIs, and related services (collectively, the “Service”). Please read this Privacy Policy carefully. By using the Service, you consent to the data practices described in this policy. If you do not agree with the terms of this Privacy Policy, you should not access or use the Service.

This Privacy Policy applies to information collected by the Service and does not apply to information collected by any third party, including through any application or content that may link to or be accessible from the Service.

1. Information We Collect

1.1 Information You Provide Directly

We may collect the following categories of information that you voluntarily provide to us:

Account Information: Name, email address, username, password, and profile details when you create an account.
Marker & Listing Data: Content you post on the map, including text descriptions, category selections, images, breed/pet information, and business details.
Communications: Messages you send through our direct messaging system, contact forms, support requests, and feedback submissions.
City Operator Data: Business information, payment details, and territory preferences when you enroll in the City Operator program.
Voting & Interaction Data: Upvotes, downvotes, comments, and flags you submit.

1.2 Information Collected Automatically

When you access the Service, we may automatically collect certain information, including:

Device Information: Device type, operating system, browser type and version, screen resolution, and unique device identifiers.
Log Data: IP address, access times, pages viewed, referring URL, and interactions with the Service.
Location Data: With your consent, we collect precise geolocation data from your device to provide map-based functionality. You may disable location services through your device settings, though this may limit certain features. Location data is used solely for positioning your map view and is not stored on our servers beyond the active session unless you choose to place a marker.
Cookies & Similar Technologies: We use cookies, local storage, and similar tracking technologies to enhance your experience (see Section 5 below).

1.3 Information from Third Parties

We may receive information from third-party services, such as:

Map tile providers (e.g., OpenStreetMap) for rendering map data.
Payment processors for processing City Operator program transactions.
Analytics providers for aggregated usage statistics.

2. How We Use Your Information

We use the information collected for the following purposes:

Service Delivery: To operate, maintain, and provide the features and functionality of the Service, including displaying map markers, processing listings, and facilitating messaging between users.
Account Management: To create, maintain, and secure your account; verify your identity; and provide customer support.
Communication: To send you service-related notices, operator welcome emails, system alerts, and respond to your inquiries.
Improvement & Analytics: To analyze usage patterns, diagnose technical issues, and improve the Service’s functionality, performance, and user experience.
Safety & Security: To detect, prevent, and address fraud, abuse, security vulnerabilities, and technical issues; to enforce our Terms of Service.
Legal Compliance: To comply with applicable laws, regulations, legal processes, or governmental requests.
City Operator Program: To process applications, manage territories, facilitate payments, and deliver operator-specific features.

3. How We Share Your Information

We do not sell your personal information. We may share your information only in the following limited circumstances:

Publicly Visible Content: Any content you post to the map (markers, comments, listings) is visible to other users of the Service. Map markers include approximate location data. You should not post sensitive personal information in publicly visible content.
Service Providers: We may share information with trusted third-party vendors who perform services on our behalf, such as payment processing, email delivery, hosting, and analytics. These providers are contractually obligated to use your information only as necessary to provide services to us and are bound by confidentiality obligations.
City Operators: If you place a marker or listing within a City Operator’s territory, the Operator may view your publicly posted content for moderation and community management purposes. Operators do not receive your private account information (such as email address) unless you choose to share it directly.
Legal Requirements: We may disclose your information if required to do so by law, regulation, legal process, or governmental request, or when we believe in good faith that disclosure is necessary to: (a) comply with the law; (b) protect our rights, property, or safety, or that of our users or the public; (c) detect, prevent, or address fraud, security, or technical issues; or (d) respond to a lawful request by public authorities.
Business Transfers: In the event of a merger, acquisition, reorganization, bankruptcy, or sale of all or a portion of our assets, your information may be transferred as part of the transaction. We will notify you of any such change via prominent notice on the Service or by email.
With Your Consent: We may share information for any other purpose with your explicit consent.

4. Data Retention

We retain your information only for as long as reasonably necessary to fulfill the purposes for which it was collected:

Map Markers: Automatically deleted within 24 hours of creation as part of our map reset cycle.
Account Data: Retained for so long as your account is active or as needed to provide you with the Service. You may request deletion of your account at any time.
Log & Analytics Data: Retained in aggregated or anonymized form for analytical purposes and may be kept for up to 12 months.
City Operator Data: Retained for the duration of the operator relationship and for a reasonable period thereafter for recordkeeping and legal compliance.
Communications: Messages sent through the Service may be retained for service integrity and abuse prevention.

When information is no longer needed, we will securely delete or anonymize it. If deletion is not immediately possible (for example, because information has been stored in backup archives), we will securely store the information and isolate it from further processing until deletion is possible.

5. Cookies & Tracking Technologies

5.1 What Are Cookies?

Cookies are small text files stored on your device when you visit a website. They are widely used to make websites work efficiently, provide analytics, and remember your preferences.

5.2 How We Use Cookies

We use the following types of cookies and similar technologies:

Strictly Necessary Cookies: Essential for the operation of the Service. These enable core functionality such as session management, authentication, and security features. Without these cookies, the Service cannot function properly. These cookies do not require consent.
Functional Cookies: Used to remember your preferences and settings (e.g., map view state, theme preferences, welcome overlay dismissed status). These enhance your user experience but are not strictly necessary.
Analytics Cookies: Used to collect aggregated, anonymous information about how visitors use the Service, including pages visited, time spent, and interaction patterns. This data helps us improve the Service. We do not use analytics cookies to personally identify users.
Local Storage: We use browser local storage to persist certain user preferences and session data (e.g., marker history, voting records, operator status). Local storage data remains on your device and is not transmitted to our servers unless required for Service functionality.

5.3 Managing Cookies

Most web browsers allow you to control cookies through their settings. You can typically set your browser to refuse all or some cookies, or to alert you when cookies are being set. Please note that if you disable or refuse cookies, some parts of the Service may become inaccessible or not function properly. For more information about how to manage cookies, visit www.allaboutcookies.org.

5.4 Do Not Track Signals

Some browsers include a “Do Not Track” (DNT) feature that signals to websites you visit that you do not want to be tracked. We currently do not respond to DNT signals, as there is no industry-standard technology for recognizing or honoring DNT signals. We will update this policy if a standard for responding to DNT signals is established.

6. Data Security

We implement reasonable administrative, technical, and physical security measures designed to protect your personal information from unauthorized access, use, alteration, or destruction. These safeguards include:

Encryption of data in transit using TLS/SSL protocols.
Regular security reviews and vulnerability assessments.
Access controls limiting employee access to personal information on a need-to-know basis.
Secure disposal of data that is no longer required.

However, no method of electronic transmission or storage is 100% secure. While we strive to use commercially acceptable means to protect your personal information, we cannot guarantee its absolute security. You acknowledge that you provide your personal information at your own risk.

7. Your Rights & Choices

Depending on your jurisdiction, you may have the following rights regarding your personal information:

Right to Access: You may request a copy of the personal information we hold about you.
Right to Correction: You may request that we correct inaccurate or incomplete personal information.
Right to Deletion: You may request that we delete your personal information, subject to certain exceptions (e.g., legal obligations, legitimate interests).
Right to Object: You may object to the processing of your personal information in certain circumstances.
Right to Data Portability: You may request a copy of your personal information in a structured, commonly used, and machine-readable format.
Right to Restrict Processing: You may request that we restrict the processing of your personal information.
Right to Withdraw Consent: Where processing is based on consent, you have the right to withdraw that consent at any time without affecting the lawfulness of processing carried out before the withdrawal.

To exercise any of these rights, please contact us through our Contact Page. We will respond to your request within a reasonable timeframe and in accordance with applicable law. We may need to verify your identity before fulfilling your request.

8. Jurisdiction-Specific Disclosures

8.1 California Residents (CCPA/CPRA)

If you are a California resident, you have additional rights under the California Consumer Privacy Act (“CCPA”) as amended by the California Privacy Rights Act (“CPRA”):

The right to know what personal information is collected, used, shared, or sold.
The right to delete personal information held by businesses and by extension service providers.
The right to opt out of the sale or sharing of personal information. We do not sell or share your personal information for cross-context behavioral advertising.
The right to non-discrimination for exercising your CCPA rights.
The right to correct inaccurate personal information.
The right to limit the use and disclosure of sensitive personal information.

To submit a request, please contact us through our Contact Page.

8.2 European Economic Area, United Kingdom & Switzerland (GDPR/UK GDPR)

If you are located in the European Economic Area (“EEA”), United Kingdom (“UK”), or Switzerland, personal data is processed in accordance with the General Data Protection Regulation (“GDPR”) or the UK GDPR as applicable. Legal bases for processing your data include:

Consent: Where you have given clear consent for us to process your personal data for a specific purpose.
Contract: Where processing is necessary for the performance of a contract with you, including providing the Service.
Legitimate Interest: Where processing is necessary for our legitimate interests or the legitimate interests of a third party, provided those interests are not overridden by your rights and interests.
Legal Obligation: Where processing is necessary for compliance with a legal obligation.

If you are in the EEA, UK, or Switzerland, you have the right to lodge a complaint with your local supervisory authority if you believe that our processing of your personal information violates applicable law. You may also contact us directly with any concerns.

8.3 International Data Transfers

Your information may be transferred to and processed in countries other than the country in which you reside. These countries may have data protection laws that are different from the laws of your country. We take appropriate safeguards to require that your personal information remains protected in accordance with this Privacy Policy, including the use of Standard Contractual Clauses or other approved transfer mechanisms where required by applicable law.

9. Children’s Privacy

The Service is not directed to children under the age of 13. We do not knowingly collect personal information from children under 13 years of age. If you are a parent or guardian and you are aware that your child has provided us with personal information, please contact us immediately. If we become aware that we have collected personal information from a child under age 13 without verification of parental consent, we will take steps to delete that information promptly. If you are between 13 and 16 years of age and located in the EEA, we require parental consent for collecting and processing your personal data.

10. Third-Party Services

The Service may contain links to or integrate with third-party websites, services, and technologies, including but not limited to:

OpenStreetMap / Leaflet: For rendering interactive maps. Subject to the OpenStreetMap Foundation Privacy Policy.
Payment Processors: For processing payments in the City Operator program. Payment information is handled directly by the processor and is not stored on our servers.
Email Services: For sending transactional and system emails.

We encourage you to read the privacy policies of any third-party services you interact with through our Service. We are not responsible for the privacy practices of third parties.

11. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or for other operational, legal, or regulatory reasons. If we make material changes, we will notify you by posting the revised policy on the Service with an updated “Last Updated” date. For significant changes, we may also provide additional notice (e.g., a banner on the Service or an email notification). We encourage you to review this Privacy Policy periodically to stay informed about how we are protecting your information. Your continued use of the Service after any changes to this Privacy Policy constitutes your acceptance of the updated policy.

12. Contact Information

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us through our Contact Page.

If you are located in the EEA or UK and believe we have not adequately addressed your data protection concerns, you have the right to lodge a complaint with your local data protection supervisory authority.