Privacy Policy — MyTPS Version 1.0 — Last updated: November 09, 2025 Publisher: TPSOnline Contact: mytps@tpsonline.info 1) WHO WE ARE MyTPS is an app published by TPSOnline (“we”). This policy explains how MyTPS collects, uses, and shares information about users and devices, and the choices available to you. 2) SCOPE This policy applies to the MyTPS mobile app and related backend services operated by TPSOnline. 3) DATA WE PROCESS • Account & profile: first/last name, email, roles and permissions, organization parameters (e.g., congregation, training status, service type), internal identifiers. • User‑submitted content: availabilities, absences, invitations and responses, monthly reports (hours, courses, remarks), incidents, workshops, location instructions, circuit positions (lat/lng) and related photos (admin). • Technical identifiers & logs: IP address, user‑agent, timestamps, derived device identifiers, push token (Firebase Cloud Messaging), error logs. • Files & local storage: encrypted/isolated caches for offline use. • Location: MyTPS does not require continuous device location. Maps show administrative positions recorded by an administrator. If an optional location feature is enabled, we request explicit consent and limit use to that feature. 4) PURPOSES OF USE • Provide core app features (invitations, planning, workshops, reports, maps). • Send service‑related notifications (e.g., invitation, reminder, schedule change). • Security, fraud/abuse prevention, diagnostics (logging, anomaly detection). • Support and assistance. • Non‑targeted, aggregated statistics to improve the service. We do not sell personal data. The app contains no third‑party advertising and no cross‑app tracking. 5) LEGAL BASES (GDPR) • Performance of a contract: account management and expected features. • Legitimate interests: security, fraud/abuse prevention, and service improvement. • Consent: notifications and any optional feature (e.g., location; camera/photos). 6) SHARING & RECIPIENTS We do not sell your data and do not display third‑party ads. We use service providers that act as processors under contract and documented instructions: • Google Firebase Cloud Messaging (EU/US): push notification delivery (device token, event related to the notification). • Mapbox (EU/US): map tiles and mapping services. • Hosting & email (EU): operational email and backend hosting. • File storage (EU): export/sharing of documents (e.g., Nextcloud). International data transfers outside the EEA may occur; where applicable, we rely on EU Standard Contractual Clauses or an equivalent mechanism. 7) RETENTION • Account and user‑submitted content: for the life of the account, then deletion or anonymization within 2 weeks. • Technical logs: up to 2 weeks. • Push tokens: until revoked by the user or upon app reinstallation. 8) SECURITY Encryption in transit (TLS), role‑based access controls, logging and monitoring, encrypted backups, and periodic reviews of administrative access. No advertising SDKs. 9) YOUR CHOICES & RIGHTS Under the GDPR you may request access, rectification, erasure, restriction, portability, and object to processing. You may withdraw consent at any time when processing is based on consent. To exercise your rights, email mytps@tpsonline.info. You may lodge a complaint with the CNIL. 10) CHILDREN MyTPS is not intended for children under 13. If you believe a minor provided data without authorization, contact us for deletion. 11) APP PERMISSIONS (SUMMARY) • Notifications: receive service‑related alerts (consent). • Camera / Photos: attach a photo to a circuit position (admin feature, optional). • Storage: offline local cache (no collection of personal files). • Location: not required by default. • SMS / Call log: not used. 12) ACCOUNT DELETION If your account was provisioned by your organization, deletion may need to be requested through your organization’s administrator. Otherwise, contact mytps@tpsonline.info to request deletion. Identity verification may be required. Deletion may be restricted by legal or legitimate retention obligations (e.g., security logs, backup integrity). 13) CHANGES TO THIS POLICY We may update this policy. The “Last updated” date reflects the latest change. Material changes will be communicated in the app. 14) CONTACT Email: mytps@tpsonline.info Publisher: TPSOnline