Privacy Policy

Last updated: 1 May 2026

This Privacy Policy describes how the Taste Istanbul mobile application ("the App", "we", "our") handles information when you use it. We have built the App with privacy as a default: we do not require you to create an account, we do not collect personally identifiable information, and the data you generate inside the App stays on your device.

1. Summary

• We do not ask you to register or sign in.
• We do not collect your name, email, phone number, or any direct identifier.
• Your favourites, tour progress, and downloaded offline tours are stored only on your device.
• We fetch tour and venue content from our hosting provider (Google Firebase Hosting) and venue photography from Google's image servers — these requests reveal your IP address to those providers.
• If analytics are enabled, anonymous, aggregated usage events may be sent to Google Firebase Analytics. You can disable this in the App's settings.
• The App does not currently request your location. Map views are display-only and centred on each venue.

2. Information stored on your device

The App stores the following data locally using Apple's standard storage mechanisms (UserDefaults and the application Documents directory). None of it is transmitted to us or to any third party.

• Favourites — the list of tours, stops, and venues you have hearted.
• Tour progress — which stops you have marked as visited.
• Offline downloads — JSON content and photography you have explicitly chosen to download for offline use, kept inside the App's sandboxed Documents directory.
• Onboarding flag — a single boolean indicating whether you have seen the welcome screens.

All of this data is removed from your device when you delete the App.

3. Information sent over the network

3.1 Content delivery

The App fetches its tour catalogue, district directory, food categories, and venue data from Google Firebase Hosting (tasteistanbul.web.app). Each request to that service necessarily reveals your device's public IP address and a generic user-agent string to the hosting provider for the purpose of delivering the response. We do not associate those requests with any user identity, because we do not have one.

3.2 Photography

Tour and venue photography is hosted on Google's image servers (lh3.googleusercontent.com) and is fetched directly by the App when an image is displayed. These requests are subject to Google's Privacy Policy.

3.3 Map tiles

Map views inside the App use Apple's MapKit, which fetches map tiles from Apple. These requests are governed by Apple's privacy policies. The App displays only static map regions centred on each venue and does not request access to your device location.

3.4 Optional analytics

The App may include integration with Google Firebase Analytics to collect anonymous, aggregated usage statistics — for example, how many users opened a tour, or which districts are most popular. When enabled, these events are sent without any direct user identifier and cannot be tied back to a specific person by us. Firebase Analytics is governed by Google's Privacy Policy.

You can disable analytics at any time inside the App's Settings. The App also honours the analytics flag delivered in our remote configuration; if we disable it remotely, all analytics calls cease immediately for every user.

4. Children's privacy

The App is rated suitable for general audiences and is not directed at children under 13. We do not knowingly collect personal information from children. If you believe a child has provided us with personal information, please contact us at the email address below and we will delete it.

5. Third-party services

The App relies on the following services. Each operates under its own privacy policy:

• Apple MapKit — for map display. Apple Privacy.
• Google Firebase Hosting — for content delivery. Firebase Privacy.
• Google Places photography — for venue photos. Google Privacy.
• Google Firebase Analytics (optional, opt-out) — for anonymous usage statistics. Firebase Privacy.

6. Your rights

Because the App does not collect personally identifiable information, there is no user record we hold that we could disclose, correct, or delete on request. You can:

• Reset your favourites and progress at any time inside the App.
• Delete the App from your device to remove all locally stored data.
• Disable optional analytics inside the App's Settings.
• Disable Apple's IDFA tracking system-wide via iOS Settings → Privacy & Security → Tracking.

7. Data retention

We do not retain user data on our servers because we do not collect any. Anonymous analytics events sent to Firebase are subject to Google's retention defaults (typically 2 months for event data, 14 months for user properties), unless you have disabled analytics in the App's Settings.

8. Changes to this policy

We may update this Privacy Policy from time to time. The "Last updated" date at the top of this page reflects the most recent change. Material changes will be communicated inside the App when practical.

9. Contact

Questions about this policy or our data practices? Email [email protected].