Legal

Privacy Policy

Effective Date: May 1, 2026  ·  Issued by: REYCO Innovations

Your privacy matters. This Privacy Policy explains what information aSpot collects, how it is used, and your rights regarding that information. By using aSpot, you agree to the practices described in this policy.

Section 01

Who We Are

aSpot is a product of REYCO Innovations. We build crowd-sourced parking intelligence tools for iOS. If you have any questions about this policy, contact us at legal@aspot.app.

Section 02

Information We Collect

Information You Provide

  • Account information — your name, email address, username, and phone number when you create an account
  • Vehicle information — year, make, model, and color of vehicles you add to your profile
  • Parking spot reports — when you report a spot as available, occupied, or flag a hazard such as a fire hydrant zone, construction, or film shoot
  • Saved parking locations — addresses and labels you save within the app
  • Block difficulty ratings — star ratings you submit about how difficult a block is to park on
  • Confidence votes — thumbs up or down votes you cast on spot reports submitted by other drivers
  • Planned parking sessions — destinations and reminder times you schedule in Plan My Parking

Information Collected Automatically

  • Precise location data — collected while the app is in use to display nearby parking spots, provide turn-by-turn navigation, detect your approach to available spots, and show walking directions to your parked car
  • Approximate location — used to query parking sign data, street geometry, and block-level intelligence for your current area
  • Speed and heading — used by the CurbIntel™ approach detection system to determine when you are slowing near an available spot
  • Device push token — collected when you grant notification permission, used to deliver real-time spot release alerts
  • App usage events — structured analytics events (such as paywall views and feature usage) recorded to improve the product

Information We Do Not Collect

  • We do not collect payment information — no credit card or billing data is processed or stored by aSpot
  • We do not collect data in the background when the app is closed, except for scheduled local notifications
  • We do not use advertising SDKs or sell your data to advertisers
  • We do not track you across other apps or websites

Section 03

How We Use Your Information

All data aSpot collects is used solely to provide and improve the app's core features:

  • Your location is used to center the map, load nearby parking spots, score blocks in real time, and provide navigation
  • Your speed and heading are used to detect when you are approaching an available spot and activate CurbIntel™ guidance
  • Your account information is used to identify you, sync your data across devices, and restore your profile when you sign in
  • Your vehicle information is used to filter parking spots by vehicle type and personalize your experience
  • Parking spot reports, votes, and block ratings you submit improve the accuracy of the crowd-sourced map for all users
  • Your push token is used to send you real-time alerts when a nearby driver signals they are leaving a spot
  • Analytics events are used to understand how features are used and improve the product — they are not shared with advertisers

Section 04

Data Storage & Backend

aSpot uses Supabase as its backend infrastructure — a secure, SOC 2 compliant cloud database platform. The following data is stored on Supabase servers:

  • Your account profile (name, username, email, phone)
  • Vehicle profiles associated with your account
  • Parking spot reports you submit
  • Block difficulty ratings and confidence votes
  • Parking session history
  • Saved parking locations
  • Planned parking sessions
  • Your membership tier and entitlement status
  • Your device push notification token
  • Structured analytics events

All database access is protected by Row Level Security (RLS) policies. Your data is only readable by you and REYCO Innovations. No other user can access your personal account data.

Some data — such as notification preferences and cached map data — is also stored locally on your device using Apple's UserDefaults system and is encrypted by iOS when your device is locked.

Section 05

Authentication

aSpot supports the following sign-in methods, all handled securely through Supabase Auth:

Email & Password

Your email address and a hashed password are stored securely by Supabase. We never store your password in plain text.

Sign in with Apple

When you sign in with Apple, Apple provides aSpot with a unique user identifier and, optionally, your name and email address. Apple may provide a private relay email address if you choose to hide your real email. This data is stored in your aSpot profile on Supabase. Governed by Apple's privacy policy at apple.com/legal/privacy.

Sign in with Google

When you sign in with Google, Google provides aSpot with your name and email address via OAuth. This data is stored in your aSpot profile on Supabase. Governed by Google's privacy policy at policies.google.com/privacy.

Guest Mode

You may use aSpot in Guest Mode without creating an account. In Guest Mode, no account data is transmitted to our servers. Crowd-sourced contribution features require a signed-in account.

Section 06

Active User Presence

aSpot includes an optional Show Me on Map feature. When enabled, your approximate location is broadcast in real time via Supabase Realtime so that other nearby drivers can see you as an orange car pin on the map.

Your coordinates are fuzzed to an approximately 80-meter grid before transmission. Your precise GPS location is never shared with other users. This feature is opt-in and can be disabled at any time in Settings.

When you activate I'm Circling mode, an anonymized signal indicating that a driver is searching for parking in your vicinity is broadcast to nearby users. No precise location is shared.

When you activate I'm Leaving, a spot release event containing the street name and approximate location of your parked spot is broadcast to nearby drivers. This helps other drivers find your spot as you depart.

Section 07

Third-Party Services

aSpot integrates with the following third-party services:

Supabase

Our backend database, authentication, and real-time infrastructure provider. Supabase is SOC 2 Type II compliant. Data is stored on servers in the United States. See supabase.com/privacy.

Apple MapKit & CoreLocation

Used for map rendering, turn-by-turn navigation, and GPS location. Governed by Apple's privacy policy at apple.com/legal/privacy.

Apple Push Notification Service (APNs)

Used to deliver real-time push notifications such as spot release alerts and parking session reminders. Your device push token is stored on Supabase and used solely for notification delivery.

NYC Open Data — DOT Parking Signs

Used to fetch live parking sign regulations for the block nearest your selected spot. Requests include a geographic bounding box. No personal data is transmitted.

NYC Geoclient v2

Used for address and intersection geocoding. Requests include street addresses or coordinates. No personal data is transmitted. Operated by the City of New York.

NHTSA vPIC API

Used to populate vehicle make, model, and year options during onboarding. Requests include only vehicle year and make. No personal data is transmitted. Operated by the U.S. National Highway Traffic Safety Administration.

OpenStreetMap Overpass API

Used to load supplemental street geometry. Requests include a geographic bounding box of your current map view. No personal data is transmitted.

Section 08

Push Notifications

If you grant notification permission, aSpot may send you the following types of notifications:

  • Parking session warnings — reminders before your move-by deadline (30 min, 10 min, 2 min)
  • Spot release alerts — real-time pings when a nearby driver signals they are leaving a spot
  • Parking sign restriction warnings — alerts before a sign restriction goes into effect near your parked car
  • Meter expiry reminders — alerts before your paid meter expires
  • Planned parking reminders — notifications before a planned parking session you scheduled

You can disable all notifications at any time in iOS Settings > Notifications > aSpot.

Section 09

Analytics

aSpot logs structured analytics events to a Supabase table to help us understand how features are used and improve the product. These events include actions such as viewing the membership paywall, using Plan My Parking, and activating CurbIntel™ guidance.

Analytics events may include your user ID (if signed in), app version, platform, and event-specific properties. They do not include precise location data. Analytics data is never sold or shared with third parties for advertising purposes.

Section 10

Children's Privacy

aSpot is not directed at children under the age of 13. We do not knowingly collect any information from children under 13. If you believe a child has provided us with personal information, contact us at legal@aspot.app and we will take steps to delete it promptly.

Section 11

Your Rights

You have the following rights regarding your data:

  • Access — you can view your profile and vehicle information in Settings at any time
  • Correction — you can edit your profile, username, and vehicle information in Settings
  • Deletion — you can delete your account and all associated data by contacting us at legal@aspot.app. We will process deletion requests within 30 days.
  • Location — revoke location permission at any time in iOS Settings > Privacy & Security > Location Services > aSpot
  • Notifications — disable notifications at any time in iOS Settings > Notifications > aSpot
  • Presence — disable Show Me on Map at any time in aSpot Settings
  • Portability — contact us at legal@aspot.app to request a copy of your data

Section 12

Data Security

We take data security seriously. aSpot protects your data through the following measures:

  • All data in transit is encrypted using TLS/HTTPS
  • Supabase enforces Row Level Security (RLS) on all database tables — your data is only accessible to you and REYCO Innovations
  • Authentication tokens are stored securely using platform-standard keychain storage
  • Local device data benefits from iOS encryption when your device is locked
  • Your precise location is never transmitted to other users — only fuzzed approximate coordinates are shared via the optional presence feature

No system is 100% secure. If you believe your account has been compromised, contact us immediately at legal@aspot.app.

Section 13

Changes to This Policy

We may update this Privacy Policy from time to time. When we do, we will update the Effective Date at the top of this document. Continued use of aSpot after any changes constitutes acceptance of the updated policy. For material changes, we will provide notice within the app where reasonably practicable.

Section 14

Contact Us

If you have questions about this Privacy Policy or want to exercise your data rights, please contact us:

REYCO Innovations

Email: legal@aspot.app

Website: aspot.app