Privacy Policy
1. Introduction and Scope
This Privacy Policy explains how [Company name to be supplied before publication] ("we," "us," or "our") handles information when you use Louvre in 2 Hours (the "App"), a self-guided museum guide available as a mobile application or progressive web app.
The App provides museum information, suggested tours, artwork descriptions, images, and audio-guide content. This Policy applies to the App and the related information made available through https://louvre.in2hours.info. It does not govern a museum's own websites, ticketing systems, Wi-Fi networks, or other third-party services.
2. Data Controller
For the processing described in this Policy, the data controller is:
[Company name to be supplied before publication]
[Company address to be supplied before publication]
Email: [Contact email to be supplied before publication]
Website: https://louvre.in2hours.info
Questions or requests concerning privacy may be sent to [Contact email to be supplied before publication].
3. No Account Required
You do not need to create an account, provide your name, or submit an email address to use the App's core guide features. The App does not currently provide user profiles or account-based synchronization.
4. Information We Handle
4.1 Information stored locally on your device
The App may store the following information locally so that it can remember your choices and support your visit:
- your selected language;
- the museum or guide selected for use;
- tour status and progress, including stops viewed, completed, or skipped;
- completion information and achievements or badges; and
- guide content made available on the device, including text, audio, and images.
This locally stored information is not intended to identify you directly and is not transmitted to us merely because it is saved on your device. It may be removed if you clear the App's or browser's storage, reset the App, or uninstall it.
4.2 Downloaded and offline guide content
Some versions of the App may allow guide content, audio, or images to be saved locally for offline use. Where that feature is available, the downloaded files remain on your device until the App, browser, operating system, or you remove them. Downloading content does not by itself send your tour progress or achievements to us.
The availability of offline downloads varies by App version. Some releases instead include guide and audio files as part of the installed App.
4.3 Analytics and usage events
When analytics is enabled, the App may send limited usage events to Google Analytics for Firebase. These events may include:
- opening the App;
- starting or completing a tour;
- viewing or completing a tour stop;
- starting playback of an audio guide;
- selecting a related guide;
- selected language;
- tour, stop, museum, and App-variant identifiers; and
- aggregate tour information, such as the number of visited stops and completion duration.
We use these events to understand whether the guides work as intended, improve content and navigation, and measure general use. We do not intentionally include your name, email address, the audio you hear, or the text of your personal communications in these events.
Analytics providers may also process technical identifiers and network information, such as an app-instance identifier, IP address, device category, operating-system version, country or approximate region derived from network information, and App version, according to their own service configuration and documentation.
4.4 Crash reports and diagnostics
When crash reporting is enabled, the App may send diagnostic information to Firebase Crashlytics, including:
- error and crash details;
- technical logs and stack traces;
- App version and App variant;
- museum identifier;
- device model, operating-system version, and runtime state; and
- technical identifiers used to group related crashes.
We use this information to diagnose failures, improve stability, and protect the App. Crash reports are not intended to contain guide notes or other user-entered content because the App does not currently offer free-text input. Diagnostic data may nevertheless contain incidental technical information, so access should be limited to those who need it for support and security.
4.5 Audio services
Audio guides included with or saved by the App are normally played locally. Starting playback may generate the limited analytics event described above, but the App does not record your voice or send the audio you listen to back to an audio provider.
[Audio provider to be confirmed before publication] may be used to produce, supply, or host audio content for a particular App version. If a future version streams audio or sends personal data to [Audio provider to be confirmed before publication], this Policy and any required notice or choice must be updated before that processing begins.
4.6 Remote configuration and service requests
The App may contact a remote-configuration service associated with the App's service providers to retrieve non-personal settings, such as feature values or operational defaults. Such requests may necessarily expose technical information including an IP address, App version, platform, and app-instance identifier to the service provider.
4.7 Information we do not intentionally collect
The App does not intentionally collect sensitive personal data or special-category data, such as health information, biometric identifiers, precise location, racial or ethnic origin, political opinions, religious beliefs, trade-union membership, or information about sex life or sexual orientation. Please do not send such information to us through support communications.
The App does not intentionally collect contact lists, photographs, microphone recordings, payment-card details, government identifiers, or precise GPS location as part of its core guide functionality.
5. Why We Process Information and Our GDPR Legal Bases
Where the General Data Protection Regulation ("GDPR") applies, processing must have a legal basis. Depending on the App configuration and applicable law, we rely on the following bases:
- Performance of a contract or steps requested by you: to provide the guide, remember requested settings, play selected content, and maintain tour progress on your device.
- Legitimate interests: to operate and improve the App, understand general feature performance, prevent misuse, secure the service, and diagnose crashes, where those interests are not overridden by your rights and freedoms.
- Consent: for analytics, device storage, or similar technologies where applicable law requires consent. Where processing relies on consent, you may withdraw it at any time through an available App or device control or by contacting [Contact email to be supplied before publication]. Withdrawal does not affect processing that was lawful before withdrawal.
- Legal obligation: where processing is necessary to comply with applicable law, respond to lawful requests, or establish, exercise, or defend legal claims.
Local information that never leaves your device is primarily controlled by you through the App, browser, and operating-system controls. Before publication, the selected legal bases and available consent controls must be checked against the actual App version and the requirements of [Governing law to be supplied before publication].
We do not use App information for decisions that produce legal or similarly significant effects about you, and we do not intentionally perform such profiling.
6. Third-Party Providers
We may use specialized providers to operate the App:
- Google Analytics for Firebase for analytics and, where applicable, remote App configuration;
- Firebase Crashlytics for crash reporting and technical diagnostics; and
- [Audio provider to be confirmed before publication] for audio production, supply, or hosting where applicable to the published App version.
These providers process information only for their stated service roles and under their applicable terms and privacy documentation. Before this Policy is published, [Company name to be supplied before publication] must verify each provider's role, configuration, retention, security, subprocessors, and data-transfer arrangements and remove any provider clause that does not apply.
App stores, operating-system vendors, museums, map or link destinations, and websites opened from the App may process information independently under their own privacy policies. We do not control those independent services.
7. International Data Transfers
Some providers or their subprocessors may process information outside your country or the European Economic Area. Where GDPR transfer rules apply, we use a legally recognized transfer mechanism as required, such as an adequacy decision, approved standard contractual clauses, or another lawful safeguard. You may contact [Contact email to be supplied before publication] to request information about the safeguards relevant to a published App version.
Provider locations and transfer safeguards must be confirmed during the app-specific review before publication.
8. Data Retention and Deletion
We retain information only for as long as reasonably necessary for the purposes described in this Policy, subject to legal, security, and dispute-resolution requirements.
- Local preferences, progress, badges, and offline content remain on your device until you clear storage, reset or uninstall the App, or the operating system removes them.
- Analytics data is retained according to the configured retention period for Google Analytics for Firebase and is deleted or aggregated when it is no longer needed.
- Crash and diagnostic data is retained according to the configured retention period for Firebase Crashlytics and only as long as needed to investigate reliability or security issues.
- Support communications, if you contact us, may be retained while we address your request and for a reasonable period afterward to keep necessary records or resolve disputes.
Because no account is required, we may be unable to connect local device data or pseudonymous provider data to a particular person without additional information. You can delete device-only information using the App, browser, or operating-system controls available to you. Provider retention periods and deletion procedures must be verified before publication.
9. Your Rights Under the GDPR
If GDPR applies to you, and subject to its conditions and exceptions, you may have the right to:
- request access to your personal data;
- request correction of inaccurate or incomplete data;
- request deletion of personal data;
- request restriction of processing;
- object to processing based on legitimate interests;
- receive certain data in a portable format;
- withdraw consent where consent is the legal basis; and
- lodge a complaint with the data-protection supervisory authority in your country of residence, place of work, or place of the alleged infringement.
To exercise a right, contact [Contact email to be supplied before publication]. We may ask for information reasonably necessary to verify the request. We will respond within the period required by applicable law. These rights generally apply to information processed by us or on our behalf, not to device-only information that we cannot access.
10. Children's Privacy
The App is a general-audience museum guide and is not designed to solicit personal data from children. A child may use guide content with appropriate adult or museum supervision, but should not send personal information through support channels without the involvement of a parent or guardian.
We do not knowingly collect personal data from a child in circumstances that require parental authorization without that authorization. If you believe a child has provided personal data improperly, contact [Contact email to be supplied before publication] so the matter can be reviewed and appropriate deletion steps can be taken.
11. Security
We use reasonable technical and organizational measures designed to protect information against unauthorized access, alteration, disclosure, loss, or misuse. Measures may include limiting provider access, using encrypted network connections where supported, maintaining current dependencies, and restricting diagnostic access.
No application, device, storage system, or transmission method is completely secure. You are responsible for maintaining appropriate security on your device and for following museum rules when using the App.
12. Changes to This Policy
We may update this Privacy Policy when the App, providers, legal requirements, or our practices change. The revised version will be published through https://louvre.in2hours.info or the channel through which this Policy is made available. Material changes will be communicated as required by applicable law.
The version applicable to a white-label App must be reviewed whenever analytics, crash reporting, audio delivery, offline storage, or other data practices materially change.
13. Contact Information
For privacy questions, requests, or complaints, contact:
[Company name to be supplied before publication]
[Company address to be supplied before publication]
Email: [Contact email to be supplied before publication]
Website: https://louvre.in2hours.info
This reusable draft is not legal advice and is not approved for publication until it has been completed and reviewed by qualified legal counsel against the published App's actual providers, retention settings, international transfers, store disclosures, target territories, museum relationships, and applicable legal requirements.