Privacy & Data Protection
Privacy Policy
Last updated: 13/05/2026

1. Data Controller

The data controller of this application is: Antonino Marco Sambataro, owner of Trinacria Barberia Siciliana.

Contact email: trinacriabarberiasiciliana@gmail.com

2. Scope of This Policy

This Privacy Policy applies to the application "Trinacria Barberia Siciliana", available on Android and iOS platforms. The application is publicly accessible and can be downloaded by any user.

3. Information We Collect

We collect and process the following personal data provided directly by users:

- First name
- Last name
- Email address
- Phone number
- Password (stored in encrypted form and never in plain text)

Additionally, we collect limited technical data required for app functionality:

- Device push notification token
- Device type (Android or iOS)

4. Purpose of Data Collection

Collected data is used for:

- User authentication and account management
- Providing access to application features
- Managing bookings and user interactions
- Sending essential emails (account confirmation and password reset)
- Sending push notifications related to service updates or promotions
- Ensuring security and proper functioning of the application

5. Authentication System

The application uses email and password authentication only. No third-party authentication providers (such as Google or Apple login) are used.

6. Email Communications

Email communications are handled via Gmail SMTP and are strictly limited to:

- Account registration confirmation
- Password reset requests

No marketing or promotional emails are sent via email.

7. Push Notifications

Push notifications are delivered using Firebase Cloud Messaging (FCM). These notifications may include:

- Appointment confirmations or updates
- Service-related communications
- Promotional or informational messages

Users may disable notifications at the device level through system settings.

8. Third-Party Services

The application relies on the following third-party services:

- Supabase: used as backend database and authentication system
- Firebase: used for push notifications (FCM)

These providers may process data according to their respective privacy policies.

9. Data Storage and Security

All personal data is securely stored using industry-standard security measures. Passwords are encrypted and are never stored in readable format. Access to data is restricted through role-based access control and security policies (RLS).

10. Data Retention

Personal data is retained for as long as the user account remains active. When a user deletes their account from the application:

- the account is deactivated (soft delete)
- data remains stored in a disabled state and is no longer accessible

A full permanent deletion of all data can be requested via email to the data controller.

11. User Roles and Access

The application includes different user roles (Administrator, Employee, User).

- Administrators can access and manage all user data and roles.
- Employees can access booking-related data only.
- Users can access only their own personal data and bookings.

12. Data Sharing

We do not sell or share personal data with third parties for commercial purposes. Data is only shared with essential service providers (Supabase and Firebase) required for application functionality.

13. User Rights

Users may request:

- Access to their personal data
- Correction or update of their data
- Deletion of their account and personal data (via email request)

Requests must be sent to the contact email listed above.

14. Children's Privacy

The application is publicly available and does not implement age verification mechanisms. While not specifically intended for children under 13 years of age, we do not knowingly target or intentionally collect data from children under 13.

15. Changes to This Policy

This Privacy Policy may be updated from time to time. Users will be informed of significant changes within the application.

16. Contact

For any questions regarding this Privacy Policy:

Email: trinacriabarberiasiciliana@gmail.com