Privacy Policy

This Privacy Policy explains how Muld ("we", "us", "our") collects, uses, and protects personal data when you use the Muld mobile app ("the app").

1. Data controller

Muld is an independent app operated from Denmark. For any privacy inquiry — including to identify the data controller — contact hello@muld.dev.

2. What data we collect

We collect only what is necessary to operate the app.

2.1 Account data

2.2 Location data

2.3 Find data

Each find you log stores:

This data — including the photos you attach — is stored locally on your device in SQLite. It is not uploaded to our servers. A find leaves your device only when you choose to send it out yourself — by submitting it to DIME (see 2.5) or exporting it as a file you share.

2.4 Protected zone data

The app displays protected archaeological zones (fortidsminder, kulturarvsarealer, beskyttede sten- og jorddiger) on the map using public data from SLKS (Slots- og Kulturstyrelsen) and the §3 nature register from Miljøportalen. Map data is fetched from these public services as you pan and zoom; no personal data or location is sent to them.

2.5 DIME submission (optional)

If you choose to submit a find to DIME (the Danish national metal-detecting register), the find data — coordinates, photos, description, finder identity — is sent to DIME's servers under their terms. This is opt-in per find; we do not submit automatically.

DIME is a non-commercial portal owned by Aarhus University (the data controller) and operated together with Moesgård Museum. By accepting DIME's terms during account creation, you agree to the following — these are DIME's terms, not ours, but you should know them before submitting:

See metaldetektorfund.dk for DIME's full terms and privacy policy.

2.6 What we do NOT collect

2.7 Launch-notify list (muld.dev website)

If you enter your email address in the "notify me at launch" form on muld.dev, we store only that email address (together with the date, which site language you used, and which country you connected from) for a single purpose: to send you one email when the Muld app becomes publicly available.

2.8 Crash and error diagnostics (Sentry)

To keep the app stable, we use Sentry to collect crash and error reports. When the app crashes, Sentry receives the error and technical state (device model, OS version, app version, and a random anonymous install identifier). Your precise GPS location, find locations, notes, and photos are removed from crash reports before they leave your device.

Because a crash report is sent over the internet, Sentry derives an approximate, city-level location from your IP address (your region or city — not your GPS position or find sites). This coarse IP-based inference is standard for any internet service, is used only to diagnose crashes, and is never linked to your finds or movements. Crash data is processed in Sentry's EU data region.

3. Why we collect this data (legal basis under GDPR)

DataPurposeLegal basis
Email + authAccount creation, sign-inContract (Art. 6(1)(b))
Email (launch-notify list)One launch notification (website waitlist)Consent (Art. 6(1)(a))
Location (foreground)Map centring, find geotaggingContract
Location (background, session)Session path recordingExplicit consent (you start the session)
Photos + find dataCore app functionalityContract
Subscription statusMuld+ feature accessContract
DIME submissionVoluntary national reportingExplicit consent (per submission)
Crash diagnosticsApp stability & debuggingLegitimate interest (Art. 6(1)(f))

4. Who we share data with (sub-processors)

We do not share data with advertisers, analytics providers, or data brokers. We do not sell your data.

5. International transfers

Supabase data is stored in EU regions, and Sentry crash data is stored in Sentry's EU region. RevenueCat — and any US access to Sentry data by Sentry Inc. — may process data in the US under Standard Contractual Clauses (SCCs) approved by the European Commission.

6. Retention

7. Your rights (GDPR)

You have the right to:

To exercise any of these rights, email hello@muld.dev. We respond within 30 days.

8. Security

9. Children

The app is not intended for users under 13. We do not knowingly collect data from children. If you believe a child has used the app, contact us and we will delete the data.

10. Changes to this policy

We may update this policy. The "Last updated" date at the top reflects the most recent change. Material changes will be announced in-app on the next launch after the change.

11. Contact

hello@muld.dev