Privacy Policy
Last updated: 04/30/2026 · Controller: UV Balance
1. Data we collect
Account information
When you register we collect your username, email address, and a bcrypt-hashed password (we never store your plaintext password). We also record when your email was verified and your marketing-email consent choice.
Sun-exposure sessions
When you log a session we store: session date, GPS coordinates or location name you provide, UV Index, Fitzpatrick skin type, duration, exposed body-surface area, estimated vitamin-D output, and any optional notes you enter.
Location data
Location is used only to fetch the UV Index for your position. Coordinates are stored with logged sessions so you can review your history. We do not build movement profiles or share raw coordinates with advertisers.
IP address & device information
We log your IP address on each login attempt (to detect brute-force attacks) and in server access logs maintained by our hosting provider. We do not perform device fingerprinting beyond what your browser sends in standard HTTP headers.
Anonymous session data
Before you create an account, a random session token is stored in your browser cookie. Any UV calculations or preferences saved during that anonymous session cannot be linked back to your identity and are not included in data exports or deletion requests.
Email-lead subscriptions
If you subscribe to our newsletter via a sign-up form (without creating a full account) we store your email address, your opt-in timestamp, and the page source of the sign-up. A one-click unsubscribe link is included in every marketing email.
2. Why we collect it
- Contract performance — to create and maintain your account, authenticate you, and let you view your session history.
- Legitimate interests — to detect and prevent abuse (rate-limiting login attempts), to improve the UV-calculation algorithms, and to keep server and security logs.
- Consent — to send you optional marketing emails about UV safety and vitamin-D research. You can withdraw consent at any time from your profile settings.
- Legal obligation — to retain anonymised audit records of account deletions for a minimum period required by applicable law.
3. Retention periods
- Account data — retained for as long as your account is active. Deleted immediately upon an Article 17 erasure request.
- Sun-session logs — tied to your account; deleted when your account is deleted.
- Login-attempt records — purged automatically after 30 days by a scheduled task.
- Email logs — retained for 90 days for deliverability and anti-abuse purposes. Recipient addresses are stored as a truncated hash only.
- Deletion audit records — a SHA-256 hash of your email (no plaintext) is retained indefinitely for legal-compliance purposes after you delete your account.
- Server / hosting access logs — retained according to our hosting provider's policy (typically 30–90 days).
4. Third parties
Open-Meteo (UV Index data)
UV Index data is fetched in real time from Open-Meteo, an open-source weather API. When you request a UV forecast, your browser's approximate coordinates are sent to Open-Meteo's servers. Open-Meteo states it does not store per-request user data. See Open-Meteo terms.
Amazon (affiliate links)
Some product links on this site are Amazon affiliate links. If you click one, Amazon may set cookies and collect data in accordance with Amazon's Privacy Notice. We receive a small commission on qualifying purchases at no extra cost to you. We do not pass your account information to Amazon.
Hosting & infrastructure
Our web server and database are hosted by a third-party provider. That provider processes data on our behalf under a Data Processing Agreement and does not use your data for its own purposes.
No advertising networks
We do not use Google Ads, Meta Pixel, or any other ad-tracking network. We do not sell or rent personal data to third parties.
5. Mobile Application (Android)
The UV Balance Android app is a native wrapper around uvbalance.com. The table below documents every Android permission declared in the app manifest: what it does in plain English, when it is requested, whether it is optional, and whether any data leaves your device as a result.
| Permission | Purpose | When requested | Optional? | Data leaving device? |
|---|---|---|---|---|
| ACCESS_FINE_LOCATION, ACCESS_COARSE_LOCATION | Reads your GPS position (fine) or network-estimated position (coarse) so the app can retrieve the current UV Index for exactly where you are standing. | Runtime — a system dialog appears the first time you tap "Use my location". You may choose precise location, approximate location, or deny. | Yes. You can type a city or postcode manually and every feature works without this permission. | Your coordinates are sent to Open-Meteo (UV Index lookup) and, for sessions you choose to save, stored on our server. Never sent to advertisers. |
| POST_NOTIFICATIONS | Required on Android 13+ to display any notification — specifically the sun-exposure safety timer alert that fires when your safe UV exposure time is about to expire. | Runtime on Android 13+ — a system dialog appears the first time you set a timer. On Android 12 and below, automatically granted with no dialog. | Effectively required for the timer feature. If denied, timers are scheduled but no visible alert appears. | None. Notifications are generated entirely on-device. |
| SCHEDULE_EXACT_ALARM, USE_EXACT_ALARM | Allows the app to fire an alarm at a precise millisecond, even while the device is in Doze (battery-saving) mode. This is safety-critical: a timer that drifts several minutes could result in sunburn before the alert fires. SCHEDULE_EXACT_ALARM covers Android 12 (API 31–32); USE_EXACT_ALARM covers Android 13+ and is automatically granted for qualifying alarm/timer apps. | Android 12 only: the app directs you to Settings → Apps → Special App Access → Alarms & Reminders if permission has not been granted. Android 13+ grants USE_EXACT_ALARM automatically. | No. Without exact alarm precision the timer cannot fire reliably during Doze and the core safety feature does not work. | None. Alarm scheduling is entirely local. |
| RECEIVE_BOOT_COMPLETED | Android clears all scheduled alarms when the device reboots. This permission lets the app listen for the boot-complete broadcast and re-schedule any pending timers, so a timer set before a restart still fires on time. | Install-time only — no runtime dialog. The BootReceiver component activates automatically after reboot. | No. Without it, pending timers are silently lost across reboots. | None. The boot receiver reads alarm data only from local SharedPreferences storage. |
| WAKE_LOCK | Holds the CPU awake for the brief moment the alarm receiver runs, ensuring the alert sound, vibration, and notification are fully delivered before the device sleeps again. Released automatically when the receiver returns. | Install-time only — no runtime dialog. | No. Without it, alarm delivery on deeply sleeping devices is unreliable. | None. |
| VIBRATE | Makes the phone vibrate when the timer alarm fires, providing a tactile alert in addition to sound — useful if the phone is in a pocket or the user is hard of hearing. | Install-time only — no runtime dialog. | Yes in practice — the alarm fires and the notification appears without vibration if this were absent. | None. |
| INTERNET | Required for the app to load uvbalance.com and make API calls for UV Index data. Without network access the app cannot function. | Install-time only — automatically granted by Android (normal permission; no dialog). | No. | All standard HTTPS traffic to uvbalance.com and to Open-Meteo. Your IP address is visible to both servers as part of normal TCP/IP communication. |
Data Safety summary (Google Play)
The following maps the categories Google Play's Data Safety form uses to what UV Balance actually collects, so you can cross-check both documents.
| Play Data Safety category | Collected? | Notes |
|---|---|---|
| Location — Precise | Yes, optional | GPS coordinates sent to Open-Meteo for UV Index lookup; stored with saved sessions on our server. Shared with Open-Meteo (processor only). Not shared with advertisers. User may decline. |
| Location — Approximate | Yes, optional | Same purpose and handling as Precise Location above. |
| Personal info — Name | Yes (username) | Collected at registration; stored on our server; not shared with third parties. |
| Personal info — Email address | Yes | Collected at registration; used for account management and optional marketing email (explicit consent required). |
| Personal info — Password | Yes (hashed) | bcrypt hash stored; plaintext never recorded or transmitted. |
| Health & fitness — Health info | Yes | Fitzpatrick skin type, sun-exposure duration, exposed body-surface area, estimated vitamin D output — stored on our server for sessions the user explicitly saves. Not shared with third parties or advertisers. |
| Device or other IDs | No | No advertising ID, Android ID, or device fingerprint is collected. |
| App activity — App interactions | No | No analytics SDK (Firebase, Amplitude, etc.) is present in the app. |
| Data encrypted in transit? | Yes | All traffic is over HTTPS/TLS. |
| User can request data deletion? | Yes | Via Profile → Privacy & Your Data → Delete my account in-app (instant), or via https://uvbalance.com/delete-account.php without login. See Section 6. |
6. Your rights (GDPR)
If you are located in the EEA or UK you have the following rights:
- Article 15 — Access & portability: Download a JSON copy of all data we hold about you from your profile page.
- Article 16 — Rectification: Correct your username or email from your profile page.
- Article 17 — Erasure: Permanently delete your account and all associated data from your profile page, or follow the instructions at delete-account.php if you no longer have access to your account. We will also scrub any matching email-lead records.
- Article 18 — Restriction: You may ask us to restrict processing while a dispute is being resolved. Contact us by email.
- Article 21 — Objection: You may object to processing based on legitimate interests at any time. Marketing emails include a one-click unsubscribe link.
- Right to lodge a complaint: You can complain to your local supervisory authority (e.g. the ICO in the UK or your national DPA in the EU) if you believe your rights have been infringed.
We aim to respond to all verifiable requests within 30 days.
7. Contact & complaints
For privacy questions or to exercise rights that cannot be completed through your profile page, contact us at:
UV Balance
Email: contact@uvbalance.com
This policy may be updated from time to time. Material changes will be communicated via the email address on your account or via a notice on the site. The "Last updated" date at the top of this page always reflects the current version.