MISDCON

Overview

MISDCON is a location-based note-leaving app built on a privacy-first architecture. Your location data never leaves your device. We do not collect, store, or transmit your GPS coordinates to any server.

What data stays on your device

GPS coordinates — Your precise location is processed entirely on your device using local SQLite storage. Coordinates are never sent to our servers or any third party.
Route history — Your movement trail is stored locally and automatically deleted based on your chosen retention period (default: 7 days). You control this setting.
Profile information — Your display name, age range, gender, and social links are stored locally on your device only.

What data leaves your device

Zone keys — When you drop a note, a coarse geographic zone key (approximately 1km grid) and the note text are sent to our server (Cloudflare Workers). This zone key cannot be reverse-engineered to determine your precise location.
Anonymous device identifier — A SHA-256 hash of your device's unique ID is used to associate notes with your device. This hash cannot be traced back to you personally.
Note content — The text you write in notes, verification questions, and verification answer hashes are stored on Cloudflare KV (key-value storage).

What we do NOT collect

No email address
No phone number (stored locally only)
No real name (display name is stored locally only)
No social media accounts (stored locally only)
No precise GPS coordinates on any server
No browsing history or app usage analytics
No advertising identifiers
No contact list or address book data

Identity model

MISDCON uses a device UUID identity model. You do not create an account, provide an email, or sign in with any service. Your identity is your device. If you delete the app, your identity is gone.

Location permissions

Foreground location is used to show nearby notes and let you drop notes at your current location.

Background location (optional, opt-in) is used to record your route trail on your device so you can scrub back through your day and drop notes at places you visited earlier. Background location data is stored exclusively in local SQLite on your device and is never transmitted.

Data retention

Route points: Automatically deleted based on your chosen retention period (2 days to 1 year, default 7 days)
Notes on server: Active until matched or expired (configurable)
Local profile: Persists until you clear data or delete the app

Third-party services

Cloudflare Workers & KV — Server infrastructure for note storage and matching. Cloudflare's privacy policy applies to server-side data processing.
Apple Maps (iOS) / Google Maps (Android) — Map rendering. Standard platform map APIs. We do not send additional data to these services beyond what the map SDK requires.
Expo / React Native — App framework. No data is collected by these frameworks in production builds.

Children's privacy

MISDCON is not directed at children under 13. We do not knowingly collect data from children.

Your rights

You can delete all your local data at any time from the Profile screen ("Clear all data"). Since we do not collect personal information on our servers, there is no server-side data to request or delete — your anonymous zone keys and note content cannot be linked to your identity.

Canadian privacy compliance

MISDCON is developed in Calgary, Alberta, Canada. Our architecture is designed to comply with PIPEDA (Personal Information Protection and Electronic Documents Act) and provincial privacy legislation through data minimization — we minimize personal information collection by processing location entirely on-device.

Changes to this policy

We may update this policy as the app evolves. The "Last updated" date at the top reflects the most recent revision.

Contact

For privacy questions: [email protected]

EliomMags Studio — Calgary, Alberta, Canada