Privacy Policy
Last Updated: May 2026
Coffee Valley Limited ("we," "us," or "our") operates the 52 mobile application (the "App"). This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our App.
By using the App, you agree to the collection and use of information in accordance with this Privacy Policy.
In short: 52 is built to keep your memories private. Your photos, the locations inside them, your contacts, and your step data are all processed entirely on your device and are never sent to us or anyone else. The only information that leaves your device is anonymous subscription and usage data.
1. Information We Collect
Information Processed On Your Device
The following data is processed entirely on your device and is never transmitted to our servers or to any third party:
Photos and Media
- We access your photo library to organize your memories by location, trips, places, and meaningful moments
- We read the location (GPS) and date metadata embedded in your photos to group them geographically and build your trips, passport, and map
- All photo analysis and organization happens on your device using Apple's built-in services and our on-device boundary data
- Your photos never leave your device. We do not upload, store, or transmit your photos
Contacts
- With your permission, we read your contacts to identify birthdays and special moments with friends and family
- Contact data is processed locally and is never uploaded to our servers
- You can use the App without granting contacts access
Health (Step Count)
- With your permission, we read your daily step count from Apple Health to show how many steps you walked on each trip — a fun statistic alongside your photos
- We request read-only access to step count. We never write any data to Apple Health
- Your Health data is processed entirely on your device, is never transmitted to our servers, and is never used for advertising or marketing or shared with any third party
- You can use the App without granting Health access
Subscription Information (52 Max)
52 offers an optional paid subscription, "52 Max," sold through Apple's App Store. To manage your subscription and unlock features, we use RevenueCat, a subscription-management provider, which receives:
- An anonymous customer identifier (not linked to your name, email, photos, contacts, or Health data)
- Your subscription status and purchase events (purchase, renewal, cancellation)
Payment for 52 Max is handled entirely by Apple. We never receive or store your name, email, credit card number, or any payment details — Apple processes the transaction under its own terms.
Information Collected Automatically
Analytics Data
- We collect anonymous usage data to understand how the App is used and to improve it
- This data is associated with a device identifier, not your personal identity, and does not include your photos, contacts, or Health data
- We do not sell or share analytics data with third parties for advertising purposes
2. How We Use Your Information
We use the information described above to:
- Provide the App's core features: organize your photos by location, detect your trips, and build your passport and map — all on your device
- Show your trip step counts: read your step count (with permission) to display how far you walked on a trip
- Manage your subscription: track your 52 Max subscription status to unlock Max features
- Send in-app notifications: memory reminders and suggestions, only with your permission
- Improve the App: analyze anonymous usage patterns to enhance features and fix issues
We do not use your photos, contacts, or Health data for advertising, and we do not sell any of your data.
3. How We Share Your Information
We do not sell your personal information. Because your photos, contacts, and Health data never leave your device, there is nothing to share. We share limited information only in these circumstances:
Subscription Management Provider (RevenueCat)
- Receives: anonymous customer identifier, subscription status, purchase events
- Purpose: manage your 52 Max subscription entitlement
- Does not receive your photos, contacts, Health data, or personal identity
Apple (App Store)
- Handles all payment for the 52 Max subscription under Apple's own terms and privacy policy
Analytics Provider
- Receives: anonymous usage data and a device identifier
- Purpose: help us understand how the App is used so we can improve it
- Data is used for internal analysis only and is not shared for advertising
Legal Requirements
- We may disclose information if required to do so by law or in response to valid requests by public authorities
Business Transfers
- If we are involved in a merger, acquisition, or sale of assets, information may be transferred as part of that transaction
4. Data Retention
On-Device Data
- Your photos, photo metadata, contacts, and Health data remain on your device and under your control
- You can revoke the App's access to any of these at any time in your device Settings
- Deleting the App removes the data it has cached on your device
Subscription Data
- Subscription status data held by RevenueCat is retained for the lifetime of your subscription and as required for billing and audit purposes
Analytics Data
- Anonymous analytics data is retained for up to 2 years
5. Data Security
We implement appropriate technical and organizational measures to protect your information:
- Your most sensitive data — photos, location metadata, contacts, and Health data — never leaves your device, which is the strongest protection we can offer
- Any data transmitted between the App and our subscription or analytics providers uses HTTPS/TLS encryption
- We do not store your photos, contacts, Health data, or payment details on our servers
Data Breach Notification
In the event of a data breach affecting your personal information, we will notify you and the relevant data protection authority where required by applicable law (including within 72 hours under the GDPR), and describe the nature of the breach and the steps we are taking. If you believe a security incident has occurred involving your data, please contact us at info@getfiftytwo.com.
6. Your Rights and Choices
Access and Control
Photo Library, Contacts, Health
- You can grant or revoke access at any time in your device Settings > Privacy & Security
- The App requests Health and Contacts access only when you use a feature that needs it, and the core App works without them
Push Notifications
- You can enable or disable notifications in your device Settings
Location
- The App does not request your live location. We only read location data already embedded in your photos
Subscription
- You can manage or cancel 52 Max at any time in your Apple App Store account settings
Data Deletion
Most of your data lives only on your device — deleting the App removes it. To request deletion of any data held by us or our subscription provider, email info@getfiftytwo.com. We will process deletion requests within 30 days. We may retain certain information where required by law.
Data Portability
You may request a copy of any personal data we hold about you by contacting info@getfiftytwo.com.
EU and UK Users (GDPR / UK GDPR)
If you are located in the European Economic Area (EEA) or United Kingdom, you have the following rights under the GDPR and UK GDPR:
- Right of Access: request a copy of the personal data we hold about you
- Right to Rectification: request correction of inaccurate or incomplete personal data
- Right to Erasure ("Right to be Forgotten"): request deletion of your personal data, subject to certain legal exceptions
- Right to Restriction: request that we restrict processing in certain circumstances
- Right to Data Portability: receive your personal data in a structured, commonly used, machine-readable format
- Right to Object: object to processing based on legitimate interests, including direct marketing
- Rights Related to Automated Decision-Making: the right not to be subject to solely automated decisions producing significant legal effects
To exercise any of these rights, contact info@getfiftytwo.com. We will respond within 30 days. You also have the right to lodge a complaint with your local data protection supervisory authority — in the UK, the ICO (ico.org.uk); in the EU, your national supervisory authority.
Legal Bases for Processing (GDPR):
- Consent: accessing your Contacts and Health data (you may withdraw at any time in Settings)
- Contract performance: managing your 52 Max subscription
- Legitimate interests: anonymous analytics to improve the App (assessed not to override your interests or rights)
California Residents (CCPA / CPRA)
If you are a California resident, you have the following rights under the CCPA and CPRA:
- Right to Know: request disclosure of the categories and specific pieces of personal information we have collected
- Right to Delete: request deletion of personal information we have collected, subject to certain exceptions
- Right to Correct: request correction of inaccurate personal information
- Right to Opt-Out of Sale or Sharing: we do not sell or share your personal information for cross-context behavioral advertising
- Right to Limit Use of Sensitive Personal Information: we only use sensitive data (such as photo location metadata or Health data) on your device to provide the service, and never for any other purpose
- Right to Non-Discrimination: we will not discriminate against you for exercising any of these rights
To exercise your CCPA rights, contact info@getfiftytwo.com with the subject line "California Privacy Request." We will respond within 45 days.
7. International Data Transfers
The limited data we do process (anonymous subscription and analytics data) may be processed in countries other than your own, including where our service providers operate. For users in the EEA and UK, such transfers are made under appropriate safeguards, including the EU Standard Contractual Clauses (SCCs) and/or the UK International Data Transfer Agreement (UK IDTA). You can request a copy of the applicable transfer mechanisms by contacting info@getfiftytwo.com.
Your photos, contacts, and Health data are never transferred anywhere — they stay on your device.
8. No Sale of Your Data
We do not sell, rent, license, or share your photos, contacts, Health data, or personal information with any third party for advertising, marketing, or data brokerage purposes.
9. Children's Privacy
The App is not intended for children under 13 years of age. We do not knowingly collect personal information from children under 13. If you are a parent or guardian and believe your child has provided us with personal information, please contact info@getfiftytwo.com, and we will delete such information.
10. Changes to This Privacy Policy
We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the new Privacy Policy on this page, updating the "Last Updated" date, and, for significant changes, sending a notification through the App. We encourage you to review this Privacy Policy periodically.
11. Contact Us
If you have any questions about this Privacy Policy or our data practices, please contact us:
Coffee Valley Limited
Email: info@getfiftytwo.com
Website: getfiftytwo.com
12. Jurisdiction
This Privacy Policy is governed by the laws of Hong Kong Special Administrative Region. Any disputes arising from this Privacy Policy shall be subject to the exclusive jurisdiction of the courts of Hong Kong.
Summary Table
| Data Type | Collected | Stored On-Device | Sent to Servers | Shared With |
|---|---|---|---|---|
| Photos | Yes | Yes | No | No one |
| Photo location metadata | Yes | Yes | No | No one |
| Contacts | With permission | Yes | No | No one |
| Health (step count, read-only) | With permission | Yes | No | No one |
| Subscription status | Yes | No | Yes | RevenueCat, Apple |
| Payment details | No | — | No | Apple only (we never receive them) |
| Device identifier | Yes | No | Yes | Analytics provider (internal use only) |
| Analytics events | Yes | No | Yes | Analytics provider (internal use only) |