Privacy Policy

Last updated: 6 June 2026

Storm Sniff is operated by Tim Smyk (ABN 15 610 526 678), Adelaide, South Australia.

Storm Sniff watches the sky for storms heading toward your home so you can settle your dog ahead of time. To do that we collect a small amount of personal data. This page explains exactly what, why, and what your rights are.

What we collect

Account information — your email address, password (hashed with bcrypt — we never see the plain text), display name, and the date you signed up.
Location data — the latitude and longitude of your home (or each home location, if you're on Pro). We need this to compute whether a storm or lightning strike is near you. We do not track your day-to-day location.
Country and time zone — used to time the nightly outlook email and the fireworks calendar correctly.
Dog profile data — names, breeds, weights, anxiety levels, photos, medication schedules, and behaviour-journal entries you log.
Notification channel data — phone number for SMS and push subscription tokens (browser-issued), only if you enable those channels.
Usage data — the alerts we sent you and when, and basic request logs (IP address, browser type) retained only long enough to investigate abuse or downtime.

How we use it

To deliver the service you signed up for — alerts, the dashboard, the nightly outlook email.
To send transactional emails (verification, password reset, billing receipts).
To improve the product — debugging, fixing bugs, understanding which alert types fire most often.
To meet legal obligations — tax records, responding to lawful requests.

What we don't do

We don't sell, rent, or trade your data.
We don't share your home location or your dog's information with third parties for advertising.
We don't track your day-to-day movements.
We don't run third-party advertising trackers on the site.

Who we share data with (sub-processors)

We use a small number of services to run the product. Each only sees what they need to do their job:

Stripe — payment processing for Pro subscriptions
Twilio — SMS delivery (Pro only)
Google (Gmail) — transactional email delivery
No third party for analytics — our site analytics are first-party and cookie-free. We count visits and approximate location (country/region, derived from IP and not stored raw) ourselves; no third-party tracker is involved.

Your rights

Australian Privacy Act 1988

Storm Sniff complies with the Australian Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs). You have the right to:

Access the personal information we hold about you.
Correct information that is inaccurate, out of date, incomplete, or misleading.
Make a complaint if you believe we have breached the APPs (see below).

GDPR / UK GDPR / CCPA

If you are located in the European Economic Area, United Kingdom, or California, you also have the right to:

Delete — close your account and have your data removed. You can do this yourself from Settings → Delete account, or email us.
Export — receive your behaviour journal and alert history in a machine-readable format.
Object — to specific processing activities.
Withdraw consent — at any time, including disabling any notification channel.
Portability — receive your data in a structured, commonly used format.

To exercise any of these rights, email stormsniffapp@gmail.com. We respond within 30 days (often much sooner).

Complaints

If you believe we have handled your personal information in a way that breaches the Australian Privacy Principles, you may contact us first at stormsniffapp@gmail.com. If you are not satisfied with our response, you may lodge a complaint with the Office of the Australian Information Commissioner (OAIC) at oaic.gov.au.

Data retention

Account data — kept for as long as your account is active. Deleted within 30 days of account closure.
Behaviour journal and alert history — kept while your account is active.
Billing records — retained 7 years for tax purposes.
Server logs — rotated after 30 days.

International transfers

Our servers are located in Germany. If you are outside the EU, your data is transferred to the EU under Standard Contractual Clauses where applicable. As an Australian operator, we take reasonable steps to ensure overseas recipients handle your data in a manner consistent with the Australian Privacy Principles.

Security

Passwords are hashed with bcrypt. The site is served over HTTPS. We take regular backups of the database. We take security seriously and apply reasonable measures to protect your data, but no system is completely immune to risk.

Children

Storm Sniff is not directed at children. We do not knowingly collect personal information from anyone under 16. If you believe we have done so, contact us and we will delete it promptly.

Changes to this policy

If we make material changes, we will email account holders at least 30 days before they take effect. The "last updated" date at the top of this page will always reflect the current version.

Contact

Storm Sniff — operated by Tim Smyk (ABN 15 610 526 678)
Adelaide, South Australia, Australia
Email: stormsniffapp@gmail.com