Privacy Policy

MirrorMap is run by Daniel Killdano. This policy explains what we collect, what we don’t, and what we do with it. We try to be straightforward.

The short version

We collect the minimum we need to charge you for a subscription and deliver routing to your watch. We don’t track your location, we don’t sell anything to advertisers, and we don’t share data except where we have to in order to provide the service.

What we collect

When you subscribe to MirrorMap Routes or MirrorMap Dash, we collect:

• Your email address — needed to deliver your access code and any service emails (renewal, cancellation, etc.).
• Payment information — handled directly by Stripe (Routes) or Google Play (Dash). We never see your card number; we only see whether payment succeeded.
• Subscription metadata — an internal customer ID and subscription ID from Stripe or Google Play, plus the status of your subscription.
• Your MirrorMap access code — the code we issued you, so we can validate it when your watch makes API requests.
• Per-day usage counts — the number of routing or geocoding API calls your code has made today, plus the timestamp of the most recent call. Used to enforce daily quotas and detect abuse. Reset to zero every night.

What we don’t collect

• Your location. Your GPS coordinates stay on your phone and watch. When you ask for a route, only the origin and destination of that route reach Google’s servers (through us), and we don’t store either one.
• Browsing or analytics data on this website. No Google Analytics, no Facebook pixel, no cookies for tracking. Just the request logs your browser makes for static pages.
• Anything from the free tier. If you’re using MirrorMap without a code, you don’t talk to our backend at all and we have no record of you.

Third parties we use

Providing MirrorMap involves a handful of vendors. They each see only the data they need to do their job.

• Stripe — handles payments for MirrorMap Routes. Subject to Stripe’s privacy policy.
• Google Play — handles payments and distribution for MirrorMap Dash on Android. Subject to Google’s privacy policy.
• Google Maps Platform — provides the routing and geocoding APIs your subscription pays to access. We forward route requests through our backend so your individual queries aren’t tied to your identity. Subject to Google’s privacy policy.
• Resend — delivers your code-delivery emails. Sees your email address. Subject to Resend’s privacy policy.
• Firebase / Google Cloud — hosts our backend and stores your access-code record. Subject to Google’s privacy policy.
• Cloudflare — handles DNS for mirrormap.app.

Cookies

This website doesn’t set any cookies. Stripe’s checkout pages do set cookies during your subscription flow; those are governed by Stripe’s policy.

How long we keep things

We keep your access-code record for as long as your subscription is active, plus a short period afterward for accounting and abuse detection. If you cancel and ask us to delete your data entirely, we will, subject to legal retention requirements.

Your rights

You can email us at hello@mirrormap.app at any time to:

• Get a copy of the data we have on you
• Correct something that’s wrong
• Delete your data (subject to legal retention requirements)
• Cancel your subscription

If you’re in the EU/UK, you have the rights laid out in the GDPR or UK GDPR. If you’re in California, you have the rights laid out in the CCPA/CPRA. We’ll honor them. We’re a small operation and easier to reach than the big platforms; just email us.

Children

MirrorMap isn’t directed at children under 13. We don’t knowingly collect anything from them. If we find out we have, we delete it.

Changes

If this policy changes materially, we’ll email anyone with an active subscription. The effective date at the top will always reflect the most recent version.

Contact

Questions? hello@mirrormap.app.

← Back to MirrorMap