Skip to content
Back to app

Privacy Policy

Last updated: March 2026

1. Who We Are

Juliapp is operated by DBEK, a company registered in France at 75 rue de Lourmel, 75015 Paris, France. Juliapp provides a community-powered safety mapping and navigation platform (“the Service”). For questions about this policy, contact us at legal@juliapp.io.

2. Data We Collect

We collect only the data necessary to provide and improve the Service:

  • Account data: Email address, display name, authentication provider (Google, Apple, or email).
  • Location data: GPS coordinates when you use the map, create reports, trigger SOS alerts, or use trip navigation. Location is only accessed with your explicit permission.
  • User-generated content: Safety reports (pins), photos, chat messages, saved routes.
  • Device information: Push notification tokens, browser type, and language preference.
  • Verification data: If you choose identity verification, this is processed by our third-party provider Veriff. We store only the verification status (approved/declined), not your identity documents.
  • Payment data: If you subscribe to Juliapp Pro, payments are processed by Stripe. We store your Stripe customer ID and subscription status, but never your card details.

3. How We Use Your Data

  • To provide the Service: display safety reports, route navigation, SOS alerts, push notifications.
  • To improve safety: aggregate anonymised data to compute neighborhood safety scores and trend analysis.
  • To communicate with you: service emails, safety alerts, magic link sign-in.
  • To ensure security: detect abuse, enforce community guidelines, moderate content.

4. Julia AI & Voice Processing

Julia is Juliapp’s built-in AI safety assistant. We have designed Julia with a privacy-first architecture:

  • Hybrid architecture: Julia AI uses a hybrid approach — a local model runs directly on your device for maximum privacy. Your messages are processed on-device first, with no server round-trip required.
  • privacy.s4.items.1
  • Cloud fallback: When the local model cannot handle a request, Julia falls back to cloud processing via Claude by Anthropic. In this case, only the text of your message is sent — never audio data. Anthropic does not use your inputs to train their models.
  • Voice recognition: Speech-to-text processing runs on your device whenever possible, using your browser’s built-in capabilities. Audio is not sent to external servers for transcription.
  • privacy.s4.items.4
  • Conversation history: Julia conversation history is stored in your Juliapp account and can be deleted at any time from Settings → Julia → Clear History.

5. Legal Basis (GDPR Article 6)

  • Consent: Location access, push notifications, identity verification.
  • Contract: Account creation, service delivery, subscription management.
  • Legitimate interest: Security, abuse prevention, anonymised analytics.

6. Data Sharing

We do not sell your data. We share data only with:

  • Supabase (database & authentication) — EU-hosted infrastructure.
  • Mapbox (maps & geocoding) — processes coordinates for map display.
  • Veriff (identity verification) — only if you opt in to verification.
  • Stripe (payments) — only if you subscribe to Pro.
  • Vercel (hosting) — serves the application.
  • Anthropic (AI processing) — when Julia AI falls back to cloud processing, message text is sent to Anthropic’s Claude API. No audio data is transmitted. Anthropic does not use inputs for training.

All processors comply with GDPR or have adequate safeguards in place.

7. Data Retention

  • Account data: retained while your account is active, deleted within 30 days of account deletion.
  • Safety reports: retained indefinitely to maintain the community safety map. Reports are anonymised after 12 months.
  • Location history (Pro feature): retained for 90 days, then automatically deleted.
  • Chat messages: retained for 12 months.

8. Your Rights (GDPR Articles 15–22)

As an EU resident, you have the right to:

  • Access: Request a copy of your personal data.
  • Rectification: Correct inaccurate data.
  • Erasure: Delete your account and all associated data (Settings → Privacy → Delete Account).
  • Portability: Export your data in machine-readable format.
  • Restriction: Limit processing under certain conditions.
  • Object: Object to processing based on legitimate interest.
  • Withdraw consent: At any time, without affecting prior processing.

To exercise these rights, email legal@juliapp.io. We respond within 30 days.

9. Security

We use industry-standard security measures including encrypted connections (TLS 1.3), row-level security on our database, HMAC-signed webhooks, and secure authentication via Supabase Auth. All data is stored in EU data centres.

10. Children

Juliapp is not directed to children under 16. We do not knowingly collect data from children. If you believe a child has provided us data, contact us and we will delete it promptly.

11. Changes to This Policy

We may update this policy from time to time. Material changes will be notified via the app or email. Continued use after changes constitutes acceptance.

12. Contact & Supervisory Authority

Data controller: DBEK, 75 rue de Lourmel, 75015 Paris, France.
Email: legal@juliapp.io
You may also lodge a complaint with the French data protection authority: CNIL, 3 Place de Fontenoy, 75007 Paris (www.cnil.fr).

13. Mobile Applications

The Juliapp mobile applications (iOS and Android) request the following native permissions:

  • privacy.s13.items.0
  • Location (always): required for SOS alerts and real-time escort tracking
  • Contacts: import to your Fides trusted circle
  • Notifications: SOS, escort, and community alerts

Secure storage: authentication tokens are stored in the Keychain (iOS) and EncryptedSharedPreferences (Android), not in standard storage.

Push notifications: we use Firebase Cloud Messaging (Android) and Apple Push Notification service (iOS) to deliver alerts.

privacy.s13.p4