Privacy Policy – SafePing

Provider: FrontByte GmbH, Säntisstrasse 20, 9400 Rorschach, Switzerland UID: CHE-143.381.343 Last updated: 23 June 2026


🔒 Our Privacy Promise

We do not sell your data. SafePing never shares, rents, or sells your personal data to third parties for advertising purposes.

Data minimisation as a principle. We only store your last 3 locations – no movement profile, no history. What we don't need, we don't collect.

Your data stays in Europe. Servers are located in Germany. Transfers to third countries (USA) take place exclusively for indispensable platform functions (Apple, Google, RevenueCat) – never for advertising.

You stay in control. You can fully delete your account at any time within the app. All data is then irrevocably removed.


1. Controller and Contact

(1) The controller responsible for processing your personal data within the meaning of the Swiss Federal Act on Data Protection (FADP) and the General Data Protection Regulation (GDPR) is:

FrontByte GmbH
Säntisstrasse 20
9400 Rorschach Switzerland
UID: CHE-143.381.343

Commercial Register Office of the Canton of St. Gallen
Represented by: Almir Hodzic

(2) Privacy contact:

Email: privacy@safeping.net
General support: support@safeping.net
Legal matters: legal@safeping.net

(3) FrontByte has not currently appointed a Data Protection Officer, as the legal requirements for this (Art. 37 GDPR or Art. 10 FADP) are not met. Please direct privacy enquiries to the addresses listed in paragraph 2.


2. Scope and Applicable Law

(1) This Privacy Policy applies to the use of the mobile application "SafePing" (iOS, Android), the website safeping.net, and all associated services (collectively the "Service").

(2) The processing of your data takes place in compliance with the relevant laws, in particular:

a) FADP – Swiss Federal Act on Data Protection (for users residing in Switzerland and for FrontByte GmbH as the Swiss controller); b) GDPR – General Data Protection Regulation of the European Union (for users residing in the EU); c) ePrivacy Directive / national implementations – for cookies and electronic communication; d) supplementary national data protection laws (DSG, BDSG, DSG-A etc.).

(3) In the event of conflicts between the regulations, the stricter provision applicable to you shall prevail.


3. Data We Process

3.1 Account data

When you register in the SafePing app, we collect:

  • Name (freely chosen)
  • Phone number (verified via SMS OTP; also serves as the account identifier)
  • Email address (verified via email OTP)
  • Device token (technical identifier of your device for push notifications, including receipt of silent safety signals such as an on-demand location request in an emergency – see 11.1)
  • Language and region (for localised emergency numbers)

3.2 Location and heartbeat data (only with "SafePing Pro")

During an active "SafePing Pro" subscription, we process:

  • GPS coordinates, transmitted every 28 minutes as a heartbeat
  • Timestamp of transmission
  • Accuracy data of the GPS signal

Important: We permanently store only the last three (3) positions. Older data is automatically and irrevocably deleted. No movement profile or location history is created.

3.3 Emergency contact data (only with "SafePing Pro")

When you set up emergency contacts, we process:

  • Name of the emergency contact (freely chosen by you)
  • Phone number of the emergency contact
  • Confirmation status (whether the contact has confirmed the double opt-in via the confirmation link sent to them)
  • Delivery channel of the confirmation request (in-app notification or SMS — for internal traceability, not publicly visible)
  • Time of confirmation

3.4 Configuration and usage data

To provide the Service, we collect:

  • SafePing settings (selected alarm threshold, home mode configuration)
  • Subscription status (Free or Pro, term, trial status)
  • App version and build number
  • Operating system version (iOS/Android)

3.5 Device and diagnostic data

For security and stability reasons, we collect:

  • Device model (e.g. iPhone 15)
  • Anonymous crash reports and error logs
  • Battery status (for checking pre-alarm conditions)
  • Push permission status

3.6 Payment data

Payment processing takes place exclusively via the Apple App Store or Google Play Store. From these stores, FrontByte receives only:

  • Anonymised subscription status information (via RevenueCat)
  • Billing period and tariff

We do not receive credit card, bank, or address data. This remains with Apple/Google.

3.7 Support and communication data

When you contact us, we process:

  • Content of your messages (email, in-app support)
  • Contact details for our reply
  • Account identifiers (to assign your enquiry)

3.8 Newsletter and marketing data

If you sign up for our newsletter or marketing push notifications:

  • Email address (for newsletter)
  • Push token and marketing consent (for marketing push notifications)
  • Timestamp of consent (double opt-in confirmation)
  • Open and click statistics (anonymised, for newsletter optimisation)

3.9 Website usage data (safeping.net)

When you visit our website, we collect web analytics data – with active consent – (see § 14 Cookies and Tracking).


4. Purposes and Legal Bases of Processing

Every data processing operation only takes place if there is a valid legal basis. The following table shows the respective legal basis for each purpose:

4.1 Provision of the Service (mandatory processing)

Purpose Data category Legal basis
Account management, authentication Account data (3.1) Art. 6(1)(b) GDPR (performance of contract)
Heartbeat monitoring (Pro) Location data (3.2) Art. 6(1)(b) GDPR (performance of contract)
Alerting emergency contacts Emergency contact data (3.3), location data (3.2) Art. 6(1)(b) GDPR (performance of contract) + Art. 6(1)(d) GDPR (vital interests)
Push notifications (pre-alarm, service notices) Device token (3.1) Art. 6(1)(b) GDPR (performance of contract)
Subscription verification Payment data (3.6) Art. 6(1)(b) GDPR (performance of contract)
Support handling Support data (3.7) Art. 6(1)(b) GDPR (performance of contract)

4.2 Legitimate interests

Purpose Data category Legal basis
App stability, crash analysis Device and diagnostic data (3.5) Art. 6(1)(f) GDPR (legitimate interest in a stable service)
Security against abuse (e.g. false alarms) Account and usage data Art. 6(1)(f) GDPR (legitimate interest in abuse prevention)
Version checks (mandatory updates) App version, device info Art. 6(1)(f) GDPR (legitimate interest in security)

4.3 Consent-based processing

Purpose Data category Legal basis
Newsletter dispatch Email address (3.8) Art. 6(1)(a) GDPR (consent)
Marketing push notifications Push token (3.8) Art. 6(1)(a) GDPR (consent)
Web analytics (Google Analytics) Cookie data (3.9) Art. 6(1)(a) GDPR (consent) in conjunction with § 25(1) TTDSG / Art. 45c FMG

You can withdraw a granted consent at any time with effect for the future (see § 10).

4.4 Legal obligations

Purpose Legal basis
Retention of business records Art. 6(1)(c) GDPR (legal obligation) in conjunction with Art. 957 et seq. CO
Disclosure to authorities upon legally valid order Art. 6(1)(c) GDPR

5. Data Sharing and Recipients

5.1 User's emergency contacts

In the event of an alarm (pre-alarm period expired or manual SOS), we transmit to the emergency contacts you have set up:

  • An SMS with your first name
  • A link to a protected detail page with your last known location
  • A PIN for accessing this page

The recipients are exclusively the persons you have voluntarily set up and who have been confirmed via double opt-in through the confirmation link sent to them. Delivery of the confirmation request takes place – where technically possible – as an in-app notification to the emergency contact themselves, otherwise as an SMS via our processor seven.io (see 5.2). The alert SMS in an emergency is likewise dispatched via seven.io.

5.2 Processors

We use carefully selected processors with whom data processing agreements pursuant to Art. 28 GDPR are in place:

Hetzner Online GmbH

  • Registered office: Industriestr. 25, 91710 Gunzenhausen, Germany
  • Purpose: Server hosting of the backend infrastructure (database, API, web services)
  • Data categories: all data processed on the server side
  • Processing location: Germany (EU)

RevenueCat, Inc.

  • Registered office: 153 Townsend Street, Suite 200, San Francisco, CA 94107, USA
  • Purpose: Server-side verification of subscription status, subscription management
  • Data categories: anonymised customer identifier (= device token), subscription data
  • Processing location: USA (third country, see § 7)

seven communications GmbH & Co. KG (seven.io)

  • Registered office: Willestr. 4-6, 24103 Kiel, Germany
  • Purpose: SMS dispatch for OTP codes, emergency-contact confirmation links (SMS fallback if the in-app notification is not possible), alert, and all-clear SMS
  • Data categories: Phone numbers (users and emergency contacts), SMS content
  • Processing location: Germany (EU)

Apple Inc.

  • Registered office: One Apple Park Way, Cupertino, CA 95014, USA
  • Purpose: Distribution via Apple App Store, payment processing, push notifications via APNs
  • Data categories: Device token, anonymous purchase data, push content
  • Processing location: USA and EU data centres (third country, see § 7)

Google LLC

  • Registered office: 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA
  • Purpose: Distribution via Google Play Store, payment processing, push notifications via FCM, web analytics (Google Analytics)
  • Data categories: Device token, anonymous purchase data, push content, cookie data (with consent)
  • Processing location: USA and EU data centres (third country, see § 7)

5.3 Authorities and law enforcement

We are obliged to disclose personal data to competent authorities (in particular law enforcement authorities, courts, supervisory authorities) where there is a legal obligation or a legally valid order – for example in criminal investigations, missing person reports, or accident investigations.

In acute emergencies with immediate danger to life, FrontByte may also be entitled to disclose the last known location data to rescue authorities (Art. 6(1)(d) GDPR – protection of vital interests).

There is expressly no obligation to proactively inform authorities (cf. § 12 of our Terms of Service).

We will inform you of any data disclosures retroactively, insofar as this is legally permitted.

5.4 We do not sell your data

FrontByte never sells, rents, or trades your personal data to third parties for advertising or marketing purposes. Data is shared exclusively for the performance of the contract, within the scope of the purposes stated above, and only with the recipients listed.


6. Transfer to Third Countries (especially USA)

Some of our processors (RevenueCat, Apple, Google) are headquartered in the USA. These transfers take place under appropriate safeguards:

  • EU-US Data Privacy Framework: Apple and Google are certified under the current EU-US Data Privacy Framework (adequacy decision of the EU Commission of 10 July 2023), where applicable.
  • Standard Contractual Clauses: With all US processors not (or not fully) covered by the DPF, we have concluded EU Standard Contractual Clauses (SCCs) pursuant to Implementing Decision (EU) 2021/914.
  • Additional technical measures: Data minimisation, encryption in transit and at rest, anonymised identifiers.

Transfers take place exclusively for the purposes stated in § 5. Your data is not used for advertising in third countries.

You are aware and acknowledge that in third countries (especially the USA) a level of data protection may exist that does not fully correspond to the European level. In particular, authorities in the USA may, under certain conditions, request access to data.


7. Retention Periods

We only store your data for as long as is necessary for the respective purposes or required by law:

Data category Retention period
Account data (name, phone number, email) until account deletion; immediate deletion thereafter
Location data (pings) only the last 3 positions; older data is automatically and immediately deleted
Emergency contact data until removal by the user or until account deletion
Confirmation status of emergency contacts remains permanently after confirmation, as long as the contact is not removed
Confirmation token & delivery log maximum 30 days after expiry or confirmation, then automatic deletion
Subscription data up to 90 days after account deletion (for any refund requests, billing obligations)
Crash and diagnostic data maximum 30 days
Support communication up to 24 months after last contact (for handling recurring enquiries)
Newsletter signup data until withdrawal of consent; proof of withdrawal is stored for 3 years for evidence purposes
Web analytics data (Google Analytics) maximum 14 months (default setting)
Authority disclosure logs in accordance with statutory retention obligations (generally 10 years pursuant to Art. 958f CO)
Business records and receipts 10 years pursuant to Art. 958f CO

Upon account deletion, personal data is immediately and irrevocably removed – with the exception of data for which legal retention obligations exist (e.g. accounting records).


8. Data Security

We implement appropriate technical and organisational measures ("TOMs") to protect your data:

  • Encryption in transit: TLS 1.3 for all data transmissions
  • Encryption at rest: Database encryption at storage level (Hetzner servers)
  • Access controls: role-based permissions, multi-factor authentication for administrative access
  • Data minimisation: only the data necessary for the Service is collected
  • Pseudonymisation: device tokens instead of personal identifiers in third-party systems (e.g. RevenueCat)
  • Regular backups: encrypted backups, stored exclusively in the EU
  • Security updates: timely deployment of security patches on backend systems
  • Logging and monitoring: detection of unauthorised access or unusual activity

In the event of a data breach with a likely high risk to your rights, we will inform you in accordance with Art. 34 GDPR and notify the supervisory authority in accordance with Art. 33 GDPR.


9. Your Rights

Under GDPR and FADP, you have extensive rights:

9.1 Right of access (Art. 15 GDPR / Art. 25 FADP)

You can request information at any time about which personal data we process about you.

9.2 Right to rectification (Art. 16 GDPR)

You can request the correction of inaccurate or the completion of incomplete data.

9.3 Right to erasure (Art. 17 GDPR – "Right to be forgotten")

You can request the deletion of your data. You can also do this directly in the app (Settings → Account → Delete account).

9.4 Right to restriction of processing (Art. 18 GDPR)

You can request that your data be temporarily "frozen" – for example, in the event of a dispute over the lawfulness of processing.

9.5 Right to data portability (Art. 20 GDPR)

You can receive the data concerning you in a structured, common, machine-readable format (e.g. JSON) and have it transferred to another provider.

9.6 Right to object (Art. 21 GDPR)

You can object to the processing of your data insofar as it is based on legitimate interests (Art. 6(1)(f) GDPR). You can object to processing for direct marketing at any time without giving reasons.

9.7 Withdrawal of consent (Art. 7(3) GDPR)

You can withdraw consent granted (e.g. for newsletter, marketing push, cookies) at any time with effect for the future. The lawfulness of processing carried out up to the withdrawal remains unaffected.

9.8 Right to lodge a complaint with the supervisory authority (Art. 77 GDPR / Art. 49 FADP)

You can lodge a complaint with the competent data protection supervisory authority:

  • Switzerland: Federal Data Protection and Information Commissioner (FDPIC), Feldeggweg 1, 3003 Bern, www.edoeb.admin.ch
  • Germany: Data protection authority of the respective federal state (overview: www.bfdi.bund.de)
  • Austria: Austrian Data Protection Authority, Barichgasse 40-42, 1030 Vienna, www.dsb.gv.at
  • Other EU countries: respective national supervisory authority

9.9 Exercising your rights

Send requests to exercise your rights to: privacy@safeping.net

We process requests immediately, no later than within one month. For identity verification, we may ask you to verify yourself via the phone number stored in your account.

Exercising your rights is free of charge for you. In the case of manifestly unfounded or excessive requests, we may charge a reasonable fee or refuse to process the request (Art. 12(5) GDPR).


10. Self-Service in the App

You can exercise many privacy rights directly in the app – without contacting support:

Action Where in the app
View and change account data Settings → Profile
Manage emergency contacts (Pro only) Settings → Emergency contacts
Control push notifications Settings → Notifications
Withdraw marketing consent Settings → Privacy
Fully delete account Settings → Account → Delete account
Request data export Settings → Privacy → Data export

11. Marketing Communication and Newsletter

11.1 Service and transactional messages

We send you certain emails and push notifications that are strictly necessary for the operation of the Service:

  • Account verification OTPs
  • Security-relevant notices (e.g. pre-alarm, unusual login attempts)
  • Silent emergency signals to your device (e.g. an on-demand request for your current location in an emergency) – even if you have disabled visible notifications; you won't see anything, it is part of the safety function
  • Subscription and billing information
  • Replies to support enquiries
  • Important changes to the Service or the Terms

You cannot unsubscribe from these messages while your account is active – they are part of contract performance.

11.2 Newsletter and marketing push (optional)

With your express consent, we send you:

  • Newsletter with product news, travel safety tips, security updates
  • Marketing push notifications with app news, special offers

Sign-up takes place via a double opt-in procedure: After signing up, you receive a confirmation email or push that you must actively confirm.

11.3 Withdrawal of consent

You can at any time:

  • Unsubscribe from the newsletter via the unsubscribe link in every email or by mail to privacy@safeping.net
  • Disable marketing push in the app settings or in the OS notification settings

The withdrawal applies for the future and does not affect the dispatch of service messages pursuant to 11.1.

11.4 Performance measurement

To optimise our newsletter, we measure open and click rates at an aggregated level. This evaluation is anonymised and does not profile individual recipients.


12. Privacy of Minors

(1) SafePing does not define a technical minimum age for installing and using the app – the safety function can in principle benefit persons of any age.

(2) For the processing of personal data of children under 16, the express consent of the legal guardian is required pursuant to Art. 8 GDPR. By registering by or for a child under 16, the legal guardian confirms that they consent to this data processing.

(3) Parents and legal guardians have the right to:

  • view the data stored about their child
  • request the correction or deletion of this data
  • prohibit further data processing

Please address such requests to privacy@safeping.net, accompanied by suitable proof of identity (e.g. copy of an official ID with non-relevant data redacted).

(4) Paid subscriptions are concluded exclusively via the Apple App Store or Google Play Store; the requirements applicable there for purchases by minors (Apple Family Sharing, Google Family Link) apply additionally and are outside our sphere of influence.

(5) If we become aware that an account has been created without the required parental consent, we will block or delete it immediately.


13. Privacy of Emergency Contacts

Emergency contacts are third parties whose data we process on the basis of your registration. Special rules apply here:

(1) Responsibility for consent: Before registering a person as an emergency contact, you are obliged to obtain their consent. By registering them, you assure that this consent has been obtained.

(2) Double opt-in: After initial registration, the emergency contact receives a confirmation request with a personal confirmation link. Delivery takes place – if the contact is themselves a SafePing user with push notifications enabled – as an in-app notification with push; otherwise as an SMS from the service number +41 75 573 22 66 or sender ID «SAFEPING». Via the confirmation link, the contact is taken to a protected web page (consent.safeping.net) showing the name of the inviting user, the consequences of confirmation, and the option to decline. The contact is only activated as valid after active confirmation on this web page. The confirmation link expires after seven (7) days.

(3) Scope of processing: For emergency contacts, we process the phone number and the name you have assigned. For the confirmation procedure, we additionally generate a pseudonymous confirmation token and a delivery log (channel, timestamp, status); these are stored pursuant to § 6 of this Policy. In the event of an alarm, the contact receives an SMS with your first name, a link to the location detail page, and a PIN.

(4) Rights of emergency contacts: Emergency contacts have all rights pursuant to § 9 of this Privacy Policy. They can contact privacy@safeping.net at any time to:

  • have their data deleted
  • object to processing
  • withdraw their consent

In such cases, we remove the contact directly and permanently from the system, without you as a user having to do this.

(5) Legal basis: Processing takes place on the basis of Art. 6(1)(b) GDPR (performance of contract with the user) and Art. 6(1)(a) GDPR (consent of the emergency contact).


14. Cookies and Tracking on the Website

14.1 What cookies are

Cookies are small text files stored on your device when you visit a website. They make it possible to recognise you across multiple visits or to provide certain functions.

14.2 Technically necessary cookies

These cookies are required for the proper operation of the website (e.g. for storing your cookie consent, language selection, CSRF protection). They are set without consent on the basis of Art. 6(1)(f) GDPR or § 25(2)(2) TTDSG.

14.3 Google Analytics (consent required)

On safeping.net we use Google Analytics 4 from Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA, to analyse and improve the use of our website.

Data collected:

  • Anonymised IP address (IP anonymisation activated)
  • Device and browser information
  • Time spent and page views
  • Source of access (referrer)
  • Anonymous cookie identifier

Purpose: Creation of anonymised usage statistics for optimising the website.

Legal basis: Art. 6(1)(a) GDPR (consent) in conjunction with § 25(1) TTDSG or Art. 45c FMG.

Third country transfer: Data is transmitted to Google servers in the USA. Google is certified under the EU-US Data Privacy Framework.

Storage period: maximum 14 months.

14.4 Consent via cookie banner

When you first visit our website, a cookie banner is displayed. You have the choice:

  • Accept all – technically necessary cookies + Google Analytics are set
  • Only necessary – only technically necessary cookies are set
  • Customise selection – you can decide individually

You can withdraw your consent at any time via the cookie settings at the bottom of the page. The withdrawal applies for the future.

14.5 Prevention via browser settings

You can generally block cookies via your browser settings or delete them individually. Please note that individual functions of the website may then no longer be available.

14.6 No cookies in the app

The SafePing mobile app itself does not set any cookies. App tracking takes place exclusively via the mechanisms mentioned in this declaration (e.g. device token).


15. Changes to This Privacy Policy

(1) We reserve the right to adapt this Privacy Policy as needed, in particular in the case of:

  • legal changes
  • introduction of new functions or third-party providers
  • editorial corrections or clarifications

(2) We will inform you of material changes with effects on your rights in good time in an appropriate form – by email to the address on file, by in-app notification, or push message. For changes that require your consent, we will actively obtain it.

(3) Minor editorial changes are published in the current version at safeping.net/en/privacy without separate notification.

(4) The current version of this Privacy Policy is available at: safeping.net/en/privacy

(5) Earlier versions are made available on request from FrontByte support at privacy@safeping.net.


16. Contact and Supervisory Authorities

16.1 Privacy contact at FrontByte

For all matters concerning data protection – information, correction, deletion, complaints – we are happy to help:

FrontByte GmbH – Privacy
Säntisstrasse 20
9400 Rorschach, Switzerland
Email: privacy@safeping.net

We generally respond within 30 days.

16.2 Supervisory authorities

If you are not satisfied with our handling of your concern, you can contact the competent data protection supervisory authority:

Switzerland:

Federal Data Protection and Information Commissioner (FDPIC)
Feldeggweg 1, 3003 Bern
www.edoeb.admin.ch

Germany: Federal Commissioner for Data Protection and Freedom of Information (BfDI), www.bfdi.bund.de – as well as the competent state data protection authority.

Austria:

Austrian Data Protection Authority
Barichgasse 40-42, 1030 Vienna
www.dsb.gv.at

Other EU countries: The competent national data protection authority – an overview can be found at edpb.europa.eu.


FrontByte GmbH Säntisstrasse 20, 9400 Rorschach, Switzerland UID: CHE-143.381.343

Contact:

Last updated: 11 May 2026