PINC
Privacy Policy
Last updated: May 2026
PINC ("the App") is a community-driven application that maps café Wi-Fi speeds in real time. This Privacy Policy ("Policy") explains what information PINC's developer ("we") collects from users ("you") and how we use it.
By installing or using the App, you agree to this Policy. If you do not agree, please do not use the App.
1. Information We Collect
1.1 Wi-Fi Speed Data
When you tap the scan button, we collect:
- Download and upload speed (Mbps)
- Round-trip time (RTT) and jitter (ms)
- Connection type (Wi-Fi / VPN)
- Timestamp of measurement
This data is stored anonymously and tied to a location — never to an individual user.
1.2 Wi-Fi Credentials
Only when you voluntarily choose to share Wi-Fi information, we collect:
- SSID (network name)
- Password
This information is encrypted with AES-GCM before transmission and is never stored in plaintext. Sharing Wi-Fi credentials is entirely optional and not required to use the scan feature.
1.3 Approximate Location
We request access to your device's location to identify nearby cafés. However:
- Precise GPS coordinates are never sent to our servers
- Only an approximate location is used to identify the café
- Location is not tracked in the background
1.4 Amenity Information
We collect the following information that you voluntarily enter:
- Crowding level
- Power outlets and seating availability
- Opening hours
- Smoking area and outdoor seating
- Payment methods accepted
2. Information We Do Not Collect
PINC never collects:
- Account information (name, email, phone number, address)
- Device UUID or advertising identifiers (IDFA)
- MAC addresses or BSSIDs
- Browsing history, app usage, or behavioral data
- Other installed apps
- Access to microphone, camera, contacts, or photos
- Credit card or payment information
PINC does not require account registration.
3. How We Use Information
Collected information is used solely to:
- Share Wi-Fi speed data anonymously with the community
- Display Wi-Fi quality on a map for nearby cafés
- Maintain and improve service quality
- Prevent abuse
PINC does not use collected information for advertising.
4. Data Storage
| Data type | Storage location | Retention |
|---|---|---|
| Wi-Fi speed data | PostgreSQL database (Tokyo) | While service is active |
| Wi-Fi credentials | Same (AES-GCM encrypted) | Until user deletes |
| Amenity information | Same | While service is active |
| Location cache | On-device only | Cleared on app exit |
| Private Wi-Fi settings | On-device only | Until user deletes |
5. Third-Party Sharing
PINC does not share your information with third parties for advertising, analytics, or marketing.
Infrastructure services used by PINC:
Cloudflare
Purpose: Wi-Fi speed measurement and API request handling
Privacy policy: cloudflare.com/privacypolicy
Supabase (PostgreSQL)
Purpose: Storage of speed data and credentials
Privacy policy: supabase.com/privacy
These services act solely as PINC's infrastructure and do not use your data for marketing.
Cloudflare and Supabase are trademarks of their respective owners.
6. Important Notes on Sharing Wi-Fi Credentials
By sharing Wi-Fi credentials, you confirm that:
- You own the Wi-Fi network or have permission from the owner to share it
- You will not share others' Wi-Fi without authorization
- Shared credentials may be used by other community members
PINC does not guarantee the accuracy or legality of shared credentials. All responsibility for sharing lies with the user.
7. Data Deletion
From the Settings screen you can at any time:
- Delete saved Wi-Fi connections
- Delete your private Wi-Fi block list
To delete speed data stored on our servers, please contact us via the Feedback field in Settings.
8. Security
PINC implements the following security measures:
- All communications encrypted via HTTPS/TLS
- Wi-Fi credentials encrypted with AES-GCM
- Bearer token authentication for API access
- Rate limiting to prevent unauthorized access
No security measure is perfect. PINC accepts no liability for security breaches.
9. Children
PINC is not directed at children under 13. We do not knowingly collect information from children under 13. If we become aware that we have done so, we will delete it promptly.
10. GDPR (EEA Residents)
If you reside in the European Economic Area (EEA), you have the following rights under the GDPR:
- Access: Request a copy of your stored data
- Rectification: Request correction of inaccurate data
- Erasure: Request deletion of your data ("right to be forgotten")
- Restriction: Request restriction of processing
- Portability: Receive your data in a portable format
- Objection: Object to processing of your data
To exercise these rights, contact us via the Feedback field in Settings.
Legal basis for processing:
- User consent (location access)
- Legitimate interests (service improvement and abuse prevention)
International transfers:
Data is stored in Japan (Tokyo region). Where transfers outside the EEA occur, appropriate safeguards are applied.
11. Japan's Personal Information Protection Act
PINC complies with Japan's Act on the Protection of Personal Information (APPI). For inquiries regarding the handling of personal information, please contact us via the Feedback field in Settings.
12. Changes to This Policy
This Policy may be updated without prior notice. For material changes, we will notify you within the app. Continued use of the App after changes constitutes acceptance of the revised Policy.
13. Contact
For privacy-related inquiries, please contact us via Settings → Support & Legal → Feedback.
PINC — Privacy by design.