Privacy Policy

DolarMap · Last updated: May 14, 2026

1. Introduction

This Privacy Policy describes how DolarMap handles user data, in compliance with the General Personal Data Protection Law (LGPD – Law No. 13,709/2018) and the privacy policies of the distribution platforms (Google Play and Apple App Store).

By using DolarMap, you agree to the practices described in this document. If you do not agree, we recommend that you do not use the application.

2. Data Controller

The controller of the personal data processed by DolarMap is <strong>Tecnologia Atual Serviços LTDA</strong> (CNPJ 51.334.748/0001-61), a Brazilian company. To exercise your rights or obtain clarifications, please contact us via email at support@bitsark.com.

3. What Data We Collect

DolarMap was designed with the principle of data minimization: we collect only what is strictly necessary for the service to function.

3.1 Device Identifier (UUID)

When you first use the application, we automatically generate a UUID (Universally Unique Identifier) for your device. This identifier is anonymous - it is not linked to your name, email, or any other personally identifiable information. It is used to:

  • Associate your price alerts with your device, without requiring registration.
  • Authenticate requests to the DolarMap API.

3.2 Firebase Identifier (UID)

The local UUID is registered with Firebase Authentication to generate a secure authentication token. The Firebase UID is stored in our database as the key for your alerts. This identifier is generated automatically and does not reveal your identity.

3.3 FCM Token (Push Notifications)

To send price alerts to your device, we use Firebase Cloud Messaging (FCM). FCM provides a specific token for your device, which we store associated with your alerts. This token:

  • Identifies the device for notification delivery purposes but does not identify you personally.
  • Is automatically updated by the operating system and synchronized with our server.
  • Is removed from our database when the associated alerts are deleted or when the token is invalidated by the system.

3.4 User-Configured Alert Data

When you create an alert, we store:

  • The monitored asset (e.g., "USDT/BRL on Binance").
  • The target price and condition you set (e.g., "below R$ 5.20").
  • The alert settings: mode (buy/sell/arb), recurrence, status (active/paused).
  • The creation date and time.

This data is authored by you and is used exclusively to trigger notifications as you have configured.

3.5 Sign in with Google (Optional)

If you opt to Sign in with Google, Firebase Authentication receives your Google UID (an opaque identifier generated by Google, not your email or name). We only store this UID to migrate your alerts from the temporary UUID to a permanent account. We do not store your email, name, profile picture, or any other data from your Google profile.

3.6 Third-Party SDKs

DolarMap integrates the following third-party SDKs that may process device data as described in this policy:

  • <strong>Firebase Authentication</strong> (Google LLC) – anonymous and Google-based authentication.
  • <strong>Firebase Cloud Messaging</strong> (Google LLC) – push notification delivery.

No other third-party analytics, advertising, or crash-reporting SDKs are integrated into the application.

3.7 Data We Do NOT Collect

DolarMap does not collect:

  • Name, email, CPF, phone number, or any direct personal identification data.
  • Geographic location.
  • Biometric data.
  • Browsing history or behavior outside the application.
  • Financial, banking, or credit card data.
  • Contacts, photos, or other device data.

3.8 App Preferences

We store your display preferences (dark mode, decimal places, default mode) locally on your device. These preferences are not sent to our servers or linked to your identity.

4. How We Use Data

The collected data is used exclusively to:

  • Associate price alerts with the user's device or account.
  • Send push notifications when alert conditions are met.
  • Maintain a secure authenticated session.
  • Improve the performance and stability of the service (aggregated technical and usage data, without individual identification).

We do not use personal data for advertising, profiling, or any purpose other than the operation of the service itself.

5. Legal Basis (LGPD)

The data processing by DolarMap is based on the following legal grounds provided in Art. 7 of the LGPD:

  • <strong>Performance of a contract or preliminary procedures (Art. 7, V):</strong> necessary to provide the features requested by the user, such as alerts and notifications.
  • <strong>Legitimate interest (Art. 7, IX):</strong> for generating the UUID and anonymous authentication, which allow the use of the application without mandatory registration, respecting the user's privacy.
  • <strong>Consent (Art. 7, I):</strong> for Sign in with Google, which is explicitly voluntary.

6. Data Sharing

We do not sell, rent, or trade users' personal data. Data is shared only with the following infrastructure providers, strictly necessary for the service to function:

6.1 Google Firebase (Authentication and Cloud Messaging)

We use Firebase Authentication for secure authentication and Firebase Cloud Messaging for sending push notifications. Google receives the UUID/UID and FCM token from devices. Google has its own privacy policy, available at <a href="https://firebase.google.com/support/privacy" target="_blank" rel="noopener noreferrer">firebase.google.com/support/privacy</a>. firebase.google.com/support/privacy .

6.2 Own Server (TimescaleDB/PostgreSQL)

Alerts and tokens are stored in our own database, hosted on a dedicated server. We do not share this data with third parties other than Firebase as described above.

6.3 Legal Disclosure

We may disclose data if required by law, court order, or competent authority, to the extent strictly necessary to comply with the legal obligation.

7. Data Retention

We retain your data for the time necessary to provide the service:

  • <strong>Alerts and FCM tokens:</strong> stored as long as the alerts exist. When an alert is deleted, the associated data is removed.
  • <strong>Raw market quote data:</strong> retained for 30 days and then automatically deleted.
  • <strong>Aggregated analytical data</strong> (without individual identification): retained indefinitely for historical exchange analysis.
  • <strong>UUID and Firebase UID:</strong> maintained as long as the user is active. To protect your privacy, we automatically deactivate alerts after 6 months of inactivity (anonymous accounts) or 12 months (Google accounts). All data associated with the identifier is permanently removed after 7 or 13 months of inactivity, respectively.

8. Security

We adopt the following technical measures to protect data:

  • Communication between the application and the server via HTTPS (TLS).
  • Authentication based on tokens signed by Firebase.
  • Database on a private server, without direct exposure to the internet.
  • FCM tokens are automatically invalidated when they expire or are reported as invalid by Google.

No system is 100% secure. In the event of a security incident affecting personal data, we will notify the affected users as required by the LGPD.

9. Your Rights (LGPD – Art. 18)

As a personal data subject, you have the following rights, which can be exercised via the developer's contact email:

  • <strong>Confirmation and access:</strong> to know what data we have about you and obtain a copy.
  • <strong>Correction:</strong> to request the correction of incomplete or incorrect data.
  • <strong>Anonymization or deletion:</strong> to request the anonymization or deletion of your unnecessary data or data processed in non-compliance with the law.
  • <strong>Portability:</strong> to receive your data in a structured and readable format.
  • <strong>Revocation of consent:</strong> where processing is based on consent, you can revoke it at any time.
  • <strong>Objection:</strong> to object to processing carried out on the basis of legitimate interest.

For alert data, you can exercise these rights directly in the app by deleting or editing your alerts. For permanent account and data removal, use the <em>"Delete my account"</em> option in Settings.

10. Cookies and Tracking

DolarMap is a native mobile application and does not use cookies. There is no behavioral tracking, advertising pixels, or third-party analytics SDKs integrated into the application.

11. International Data Transfer

Firebase Authentication and Firebase Cloud Messaging are Google services, whose servers may be located outside of Brazil. This transfer is carried out based on the adequate safeguards provided for in Art. 33 of the LGPD, as Google is a provider with privacy policies compatible with recognized international standards.

12. Minors

The application is not specifically directed at children or adolescents under the age of 13. We do not knowingly collect data from children. If a guardian identifies that a child under their care has provided data to the application, please contact us so that the data can be deleted immediately.

13. Changes to This Policy

This Policy may be updated periodically. Significant changes will be communicated via an in-app notice before they take effect. Continued use after the communication implies acceptance of the new version. The current version is always available on the <em>"Privacy Policy"</em> screen of the application.

14. Contact and Data Protection Officer (DPO)

DolarMap is operated by Tecnologia Atual Serviços LTDA, which follows industry-standard privacy and security practices. For any privacy-related questions, please contact us via email at <a href="mailto:support@bitsark.com">support@bitsark.com</a>.

We will respond to requests within 15 business days, as provided for by the LGPD.

15. App Store Privacy Summary

The following summary is provided in alignment with Apple App Store and Google Play Store privacy disclosure requirements.

Data Not Linked to You

The following data may be collected but is not linked to your identity:

  • <strong>Identifiers:</strong> Anonymous device UUID and Firebase UID, used solely to associate your alerts with your device.
  • <strong>Usage Data:</strong> Aggregated, anonymized service performance data (no individual identification).

Data Linked to You (Google Sign-In only)

If you opt to Sign in with Google, the following data is linked to your account:

  • <strong>Identifiers:</strong> Google UID (opaque identifier - not your email or name), used to restore your alerts across devices.
  • <strong>User Content:</strong> Your configured price alerts (asset, target price, conditions).

Data Not Collected

DolarMap does not collect data used to track you across apps or websites owned by other companies, and does not use data for advertising or profiling purposes.

To request deletion of your account and all associated data, visit our <a href="/dolarmap/support#account-deletion">Support page</a> or use the <em>"Delete my account"</em> option in the app's Settings.