Privacy Policy

Introduction

Reveal is operated by OVVA, s.r.o., a company registered in Slovakia. At Reveal, we take your privacy seriously. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our mobile application and website.

Please read this privacy policy carefully. If you do not agree with the terms of this privacy policy, please do not access the application.

Short Version

  • We collect anonymous statistics about your visit, like which of our pages you viewed.
  • Some third parties like Facebook and Twitter may know you visited this website if you use their services. We can't control them but we don't believe this knowledge poses any threat to you.
  • If you sign up with us we take great care to keep your information safe and we'll never share it with others without your express permission.
  • We never share your data with third parties except to help us deliver our own services.
  • We will never provide your personal information or email address to any third parties for marketing purposes.

These are just the key points. If you need detail, keep reading.

Information We Collect

We may collect information about you in various ways:

  • Personal Data: Name, email address, and other contact information when you register for an account.
  • Location Data: With your permission, we collect location data to provide our core service of tracking your travels.
  • Usage Data: Information about how you use our application, including your interactions with features and content.
  • Device Information: Information about your mobile device, including device type, operating system, and unique device identifiers.

Google User Data

When you choose to connect your Google account to Reveal, we request access to specific types of Google user data to enhance your experience. Below is a clear description of what data we access and how we use it:

Data We Access from Google

  • Email Address: We access your Google account email address to create and authenticate your Reveal account.
  • Profile Information: We may access your basic profile information (name, profile picture) to personalize your Reveal experience.
  • Google Fit Data (if authorized): (Next part NOT aplicable, work is still in progress. We will let you know when it's ready, and this point is aplicable to your privacy.)
    If you grant permission, we may access your Google Fit activity data to automatically import your fitness activities and track your travels.

How We Use Google User Data

  • Account Creation and Authentication: Your Google email is used to create your Reveal account and authenticate your login sessions.
  • Profile Setup: Your name and profile picture are used to set up your Reveal profile, which you can modify at any time.
  • Service Communication: Your email may be used to send important service notifications, security alerts, and updates about your Reveal account.

Data Sharing and Third-Party Access

We do not sell, rent, or share your Google user data with third parties for marketing or advertising purposes. Your Google user data is used exclusively within the Reveal application to provide our core services. We may share aggregated, anonymized data for analytics purposes, but this data cannot be used to identify individual users.

Data Retention and Deletion

  • Data Storage: Google user data is stored securely in our encrypted database for as long as your account is active.
  • Account Deletion: You can delete your Reveal account at any time from your account settings. Upon deletion, all associated Google user data will be permanently removed from our systems within 30 days.
  • Revoke Access: You can revoke Reveal's access to your Google account at any time through your Google Account Permissions page. Note that revoking access may limit certain features of the Reveal application.

Security Measures

We implement industry-standard security measures to protect your Google user data, including encryption at rest and in transit, secure authentication protocols (OAuth 2.0), and regular security audits. However, no method of transmission over the internet is 100% secure, and we cannot guarantee absolute security.

Compliance with Google API Services User Data Policy

Reveal's use and transfer of information received from Google APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements. We use your Google user data only to provide and improve the features you have explicitly requested, and we do not use this data for any other purpose without your explicit consent.

Strava Integration

When you choose to connect your Strava account to Reveal, we request access to your Strava data to automatically import your fitness activities and enhance your travel tracking experience. Below is a clear description of what data we access and how we use it:

Data We Access from Strava

  • Profile Information: We access your Strava profile data including your name, profile picture, athlete ID, location (city, state, country), and basic account information to create or link your Reveal account.
  • Activity Data: With your permission (scope: activity:read_all), we access your Strava activities including routes, distances, timestamps, GPS coordinates, elevation data, and activity types (running, cycling, hiking, etc.).
  • Public Activities Only: We only access activities you have marked as public or have explicitly shared with Reveal. Private activities remain private unless you change their visibility settings.

How We Use Strava Data

  • Account Creation and Authentication: Your Strava profile information is used to create your Reveal account and enable seamless sign-in through Strava OAuth.
  • Activity Import and Visualization: Your Strava activities are automatically imported and displayed on your personal Reveal map, allowing you to visualize your travel history and explored territories.
  • Statistics and Gamification: Activity data (distances, elevation, activity types) is used to calculate your exploration statistics, achievements, and gamification metrics within Reveal.
  • Historical Comparison: Your activity routes may be compared with historical explorer journeys to show how your travels align with famous expeditions.

Data Sharing and Storage

We do not sell, rent, or share your Strava data with third parties for marketing or advertising purposes. Your Strava data is stored securely in our encrypted database and used exclusively within the Reveal application. Activity data you choose to share publicly within Reveal (via your privacy settings) may be visible to other Reveal users, consistent with how Strava's own sharing features work.

Managing Your Strava Connection

  • Disconnect Anytime: You can disconnect your Strava account from Reveal at any time through your account settings. This will stop new activity imports, but previously imported data will remain in your Reveal account unless you delete it manually.
  • Revoke OAuth Access: You can revoke Reveal's access to your Strava account at any time through your Strava Connected Apps page. This will prevent Reveal from accessing new activities, but will not automatically delete data already imported.
  • Data Deletion: To delete all imported Strava data, you can delete individual activities or your entire Reveal account from your account settings. Upon account deletion, all Strava-sourced data will be permanently removed from our systems within 30 days.

Compliance with Strava API Agreement

Reveal's use of Strava data complies with the Strava API Agreement and Strava's Terms of Service. We use your Strava data only to provide the features you have explicitly requested within Reveal, and we do not use this data for any other purpose without your explicit consent.

How We Use Your Information

We use the information we collect for various purposes, including:

  • To provide and maintain our service
  • To notify you about changes to our service
  • To allow you to participate in interactive features of our application
  • To provide customer support
  • To gather analysis or valuable information so that we can improve our service
  • To monitor the usage of our service
  • To detect, prevent and address technical issues

Data Storage and Security

We use commercially reasonable methods to secure your personal information. However, please be aware that no method of transmission over the internet or method of electronic storage is 100% secure.

Disclosure of Data

We may disclose your personal information in the following situations:

  • Legal Requirements: To comply with a legal obligation
  • Business Transfers: In connection with a merger, acquisition, or sale of assets
  • With Your Consent: With your explicit consent for other purposes

Your Data Protection Rights (GDPR Compliance)

Under the General Data Protection Regulation (GDPR), you have comprehensive rights regarding your personal data:

Right to Access (Article 15)

You have the right to access your personal information at any time through your account settings.

Right to Data Portability (Article 20)

You can export all your data in a machine-readable JSON format. This includes:

  • Profile information and account settings
  • All tracks, GPS data, and activity history
  • Photos, comments, and social interactions
  • Achievements and gamification data
  • Activity logs and audit trail

To export your data: Visit your account settings and click "Export My Data". You can request a data export once every 24 hours. The export will be available for immediate download.

Right to Erasure / "Right to be Forgotten" (Article 17)

You have the right to request permanent deletion of your account and all associated data. Our deletion process:

  • Grace Period: 30 days before permanent deletion
  • Email Confirmation: You will receive a confirmation email with a unique link
  • Cancellation: You can cancel the deletion request at any time during the grace period
  • Permanent Deletion: After 30 days, all data is irreversibly deleted from our systems

What gets deleted: Your profile, all tracks and GPS data, photos, comments, social connections, achievements, and all activity logs are permanently deleted. We comply with data retention requirements under GDPR and may retain minimal anonymized metrics solely for legal compliance purposes (e.g., aggregated usage statistics without any personally identifiable information). These anonymized statistics cannot be traced back to you and are retained under our legitimate interest to maintain service quality and security.

To delete your account: Visit your account settings and click "Delete My Account". Follow the confirmation process. You can request account deletion once every 24 hours.

Other Rights

  • Right to Rectification: Update inaccurate or incomplete information through your account settings
  • Right to Restrict Processing: Request limitations on how we process your data
  • Right to Object: Object to processing of your personal data for specific purposes
  • Right to Withdraw Consent: Withdraw consent for data processing at any time

Exercising Your Rights

To exercise any of these rights, you can:

  • Access your account settings for data export and account deletion
  • Contact us at privacy@revealapp.eu
  • Write to us at: OVVA, s.r.o., Staré Grunty 18, 841 04 Bratislava - Karlova Ves, Slovakia

Response Time: We will respond to your request within 30 days, as required by GDPR. For data exports through our automated system, the data is available immediately.

Children's Privacy

Our service is not intended for use by children under the age of 13. We do not knowingly collect personally identifiable information from children under 13.

Measuring Our Visitors

We measure visitors to our website using analytics tools. This records what pages you view within our site, how you arrived at our site, and some basic information about your computer. All of that information is anonymous – so we don't know who you are; just that somebody visited our site. The information we collect from analytics helps us understand what parts of our sites are doing well, how people arrive at our site, and so on. Like most websites, we use this information to make our website better.

You can learn more about Google Analyticsor opt out if you wish.

Social Networks

These services provide social buttons and similar features which we use on our website – such as the "Like" and "Tweet" buttons. To do so we embed code that they provide and we do not control ourselves. To function, their buttons generally know if you're logged in; for example, Facebook uses this to say "x of your friends like this". We do not have any access to that information, nor can we control how those networks use it. Social networks therefore could know that you're viewing this website if you use their services (that isn't to say they do, but their policies may change).

Email Communications

We may send you email notifications regarding your service (such as important account updates, security alerts) or which you have specifically requested (such as newsletters or notifications). You have the ability to opt out of any of this communication at any time from your account settings.

We will never provide your personal information or email address to any third parties except where they are specifically employed to help deliver our own services, as detailed above.

Payment Processing

We use payment providers to bill for our products online. These companies will have access to your personal and payment information. When paying by credit card, OVVA themselves do not ever have any access to your credit card details. We share information with these companies only to the extent necessary for the purposes of processing payments you make via our website.

Security Measures

OVVA takes many precautions to prevent the loss, misuse, or alteration of your personal information. These precautions include:

  • Use of SSL encryption for sensitive data
  • Hardware stored in secured datacenters behind firewalls
  • All access to information restricted by password and/or secure key
  • Restrictions to what information can be accessed via any location
  • Regular security audits and monitoring

Whilst we take great care to ensure any confidential information remains protected, we cannot guarantee the security of data sent over the Internet. Of course, you are responsible for keeping your password and user details confidential. Nobody at OVVA will ever ask you for your password, so please don't trust anybody asking you for it.

Changes to This Privacy Policy

We may update our Privacy Policy from time to time, particularly as technology changes. We will notify you of any changes by posting the new Privacy Policy on this page and updating the "effective date". We may also notify you of changes to our privacy policy by email.

Contact Us

If you have any questions about this privacy policy or your personal data, please write to us:

Last updated: February 2, 2026