Privacy Policy

Last Updated: October 22, 2025

Introduction

Kebab is a privacy-first mobile application for tracking charitable donations and calculating Fair Market Values for tax purposes. This Privacy Policy explains how information is handled when you use the App.

Night Owl Studio ("we," "our," or "us") develops and maintains Kebab. We are committed to protecting your privacy.

Information Collection by Subscription Tier

FREE Tier (No Data Collection)

If you use the FREE tier of Kebab, we collect minimal information about you. Specifically, we do not collect:

• Your donation records
• Organization information you enter
• Item descriptions or valuations
• Export files you generate
• Personal identifying information
• Usage analytics or statistics
• Device identifiers (UDID, Advertising ID, etc.) - except a temporary UUID for rate limiting (see below)
• Your location data (see Location Services below)
• Contact information

FREE tier users have strong privacy protection with minimal tracking.

STANDARD and PREMIUM Tiers (Limited Data Collection)

If you purchase a STANDARD or PREMIUM subscription through Apple's App Store or Google Play Store, we collect only your transaction identifier to enforce subscription limits and prevent abuse:

Transaction ID Collection

• What We Collect: Your unique transaction ID (iOS) or order ID (Android) from your in-app purchase receipt
• How We Get It: Provided automatically by Apple/Google when you subscribe
• Why We Collect It: To track your AI valuation quota usage and verify your subscription status
• What It's NOT Linked To:
  • Your personal identity
  • Your device hardware identifiers
  • Your email address or Apple/Google account information
  • Your donation records or any App data
• Data Retention: Transaction IDs are stored only for the current and previous calendar year for quota tracking
• Third-Party Access: Transaction IDs are validated with Apple/Google servers but not shared with any other third parties

What We Still Don't Collect (Paid Tiers)

Even with a paid subscription, we still do not collect:

• Your donation records or organization information
• Item descriptions or valuations
• Personal identifying information beyond the transaction ID
• Device identifiers (UDID, Advertising ID, etc.) - except a temporary UUID for rate limiting (see below)
• Usage analytics or behavioral data
• Your location data (see Location Services below)
• Contact information

Your donation data always remains under your control, regardless of subscription tier.

Data Storage

Local Storage Only: All donation records, organization data, and valuation information are stored exclusively in a local SQLite database on your device. We have no access to this data and cannot retrieve it remotely.

Your Control: You have complete control over your data. You can export, delete, or clear all donation records at any time through the App's interface.

Third-Party API Services

While we don't collect your donation data, the App uses external services for Fair Market Value lookups. When you use AI-powered valuations:

eBay Browse API

• Purpose: Search sold items for comparable Fair Market Values
• Data Sent: Item descriptions and condition information
• Subscription Receipt (STANDARD/PREMIUM only): Your transaction ID is sent to verify your subscription status
• IP Address: Your IP address may be visible to eBay during API requests
• eBay's Privacy Policy: https://www.ebay.com/help/policies/member-behaviour-policies/user-privacy-notice-privacy-policy

Claude AI (Anthropic)

• Purpose: Analyze marketplace data for valuation recommendations
• Data Sent: Item descriptions and marketplace search results
• Subscription Receipt (STANDARD/PREMIUM only): Your transaction ID is sent to verify your subscription status and quota
• IP Address: Your IP address may be visible to Anthropic during API requests
• Anthropic's Privacy Policy: https://www.anthropic.com/privacy

Important Notes:

• FREE tier users: No subscription receipt is sent. Your requests are anonymous.
• STANDARD tier users: Transaction ID is used only to enforce the 25 AI valuations per year limit
• PREMIUM tier users: Transaction ID is used only to verify unlimited access
• Item descriptions sent to eBay and Claude are not linked to your identity

Offline Value Guide

The App includes a bundled offline guide with 1,757 common donation items. Using the offline guide sends no data to any external service.

Location Services

The App may request permission to access your device's location for automatic charitable mileage tracking:

Purpose: When you enable location services, the App can automatically calculate the distance you travel for charitable purposes (e.g., driving to donation centers, volunteering sites).

Your Choice: Location access is entirely optional. If you decline location permission, you can always enter mileage manually.

Data Handling:

• Location data is used only to calculate travel distance
• We do not save your location data
• We do not share your location with any third parties
• Location information is never transmitted to our servers
• Only the calculated mileage distance is stored locally on your device

Privacy Protection: The App processes location information locally on your device. No location coordinates, routes, or tracking data leave your device.

Cached Data

To reduce API costs and improve performance, the App caches Fair Market Value lookup results locally on your device. This cache:

• Stores only anonymous item descriptions and values
• Is stored exclusively on your device
• Can be cleared at any time through Cache Management in Settings

Device Identifier for Abuse Prevention

To prevent abuse of our Fair Market Value API, we collect a temporary device identifier:

• What We Collect: A randomly generated UUID created when you first install the App
• Why We Collect It: To prevent excessive AI valuation requests that would incur significant API costs
• How Long We Keep It: 24 hours only (usage counters automatically deleted after 24 hours)
• Rate Limits:
  • FREE tier: 50 AI valuations per device per day
  • STANDARD tier: 100 AI valuations per device per day
  • PREMIUM tier: 200 AI valuations per device per day
• What It's NOT:
  • Not linked to your personal identity
  • Not linked to your donation records
  • Not linked to hardware identifiers (UDID, Advertising ID)
  • Not shared with third parties
  • Cannot be used to track you across apps
• Purpose: Rate limiting only to prevent API abuse

This applies to all tiers (FREE, STANDARD, PREMIUM) and is necessary to protect our service.

When your daily limit is reached:

• The App automatically falls back to the Offline Value Guide (1,757 items)
• You can search eBay manually using the provided link
• Your limit resets at midnight UTC

Subscription Enforcement and Compliance

How Subscription Limits Work

• FREE Tier: AI valuation limit (5 per install) is enforced by the App on your device only. No backend tracking.
• STANDARD Tier: AI valuation limit (25 per year) is enforced by our backend server using your transaction ID
• PREMIUM Tier: No limits. Receipt validation ensures you have an active subscription.

Multi-Device Behavior

If you use the same subscription on multiple devices (iPhone and iPad, for example):

• Your transaction ID is the same across all devices
• STANDARD tier: The 25 AI valuations per year quota is shared across all your devices
• This is intentional behavior to prevent abuse while allowing legitimate multi-device use

GDPR and CCPA Compliance

Transaction IDs are not considered Personally Identifiable Information (PII) under GDPR or CCPA because:

• They cannot be used to identify you as an individual
• They are not linked to your name, email, phone number, or other personal data
• They are generated by Apple/Google, not by us
• They exist solely to verify subscription status

Your Rights:

• FREE tier: No data to access, delete, or modify
• STANDARD/PREMIUM tier: You may contact us to request deletion of your transaction ID from our quota tracking system
• Unsubscribing automatically stops all data collection

Export Functionality

When you export donation records:

• Export files (CSV format) are generated locally on your device
• You control where export files are saved or shared
• Export files are never transmitted to our servers
• You are responsible for securing exported files

No User Accounts

The App does not require account creation, registration, or authentication. We collect no email addresses, usernames, or passwords.

Children's Privacy

The App does not knowingly collect information from children under 13. The App is intended for adults managing charitable donation records for tax purposes.

Changes to This Privacy Policy

We may update this Privacy Policy from time to time. Changes will be reflected in the "Last Updated" date. Continued use of the App after changes constitutes acceptance of the updated Privacy Policy.

Legal Disclaimer

Not Tax Advice: Kebab is a record-keeping tool, not tax preparation software. We provide no tax advice. Consult a qualified tax professional for tax guidance.

No Warranty: Fair Market Values are estimates based on marketplace data. We make no warranty as to their accuracy or IRS acceptance.

Data Security

Since your data never leaves your device (except during exports you initiate), your data security depends on:

• Your device's security settings
• Your device's encryption
• Your backup practices
• How you secure exported files

We recommend:

• Using device encryption
• Setting a device passcode/password
• Regularly backing up your device
• Securely storing exported files

Your Rights

FREE Tier Users

Because we don't collect any data from FREE tier users, there is no data for us to:

• Access or retrieve
• Delete or modify
• Share or sell
• Transfer to another service

All data management is performed directly on your device through the App's interface.

STANDARD/PREMIUM Tier Users

For paid subscribers, we only store your transaction ID for quota enforcement. You have the right to:

• Access: Request confirmation of what transaction ID we have stored
• Deletion: Request deletion of your transaction ID from our system (this will end your subscription benefits)
• Portability: Transaction IDs are generated by Apple/Google and can be retrieved from your purchase history
• Opt-Out: Cancel your subscription at any time through Apple App Store or Google Play Store

To Exercise Your Rights: Contact us at privacy@nightowlstudio.us with your request.

Data on Your Device

Regardless of subscription tier, all donation records on your device are under your complete control:

• Export to CSV at any time
• Delete individual donations or clear all data
• No remote access or retrieval by us
• Your device's security settings protect your data

Contact Us

For questions about this Privacy Policy:

• Email: privacy@nightowlstudio.us
• Website: https://kebab.tax/privacy