Privacy Policy
Last updated: 4 March 2026
1. Who We Are
Pushpush (pushpu.sh) is a push notification delivery service operated by Tom Ashworth, an individual based in the United Kingdom.
Tom Ashworth is the data controller for the personal data processed through Pushpush.
Contact: privacy@pushpu.sh
2. What We Collect
Identity data
When you sign up, we receive a pseudonymous user ID from our authentication provider, Kinde (e.g. kp_xxxxxxxx). This ID is used to scope your topics and tokens. Pushpush does not store your name.
Email address
Your email address is collected and stored by Kinde during registration. Pushpush itself does not store your email, but Kinde holds it on our behalf as a sub-processor.
Device data
When you enable push notifications in the iOS app, we collect:
- Your APNs device token (a 64-character hex string assigned by Apple)
- The list of topics your device is subscribed to
Message content
When you publish a message via the API, we process:
- Topic name
- Title and body text
- Priority level
- Tags
- Click URL, action button URLs, attachment URLs, and icon URLs
Technical data
Our infrastructure automatically logs:
- IP addresses
- HTTP request metadata (method, path, status code, response duration, remote address)
Auth tokens
Pushpush issues JWT tokens containing your org identifier, subject, issued-at time, and expiry. The iOS app stores these in the device Keychain. OAuth transient state (auth codes, PKCE challenges) is stored in Firestore with a 5-minute TTL and automatically deleted after expiry.
Payment data
Payment is processed by Stripe. Pushpush never receives or stores your card number. Stripe collects your payment card details and billing information directly.
Data stored only on your device
The following data stays on your device and is never sent to our servers:
- Last-seen message IDs (stored in UserDefaults)
- Dismissed message IDs (stored in UserDefaults)
- Kinde session cookies (may persist in Safari from the OAuth sign-in flow)
3. How We Use Your Data
| Purpose | Data used |
|---|---|
| Authenticate you and issue tokens | Kinde user ID, email (via Kinde), OAuth state |
| Deliver messages to your topics | Message content, topic subscriptions |
| Send push notifications to your device | APNs device token, notification content |
| Process payments | Payment data (via Stripe) |
| Prevent abuse and maintain security | IP addresses, request logs, auth tokens |
| Debug issues | Request logs, technical metadata |
4. Lawful Basis
| Processing activity | Lawful basis | Explanation |
|---|---|---|
| Authentication and token issuance | Contract performance | Necessary to provide the service you signed up for |
| Message storage and delivery | Contract performance | Core function of Pushpush |
| Push notification delivery | Contract performance | Core function of Pushpush |
| Payment processing | Contract performance | Necessary to fulfil paid subscriptions |
| Security logging and abuse prevention | Legitimate interest | Protecting the service and its users from misuse |
| Infrastructure request logging | Legitimate interest | Diagnosing errors and maintaining service reliability |
5. Who We Share Your Data With
We do not sell your data. We do not use your message content or personal data to train AI models. We share data only with the following processors, each of which is necessary to operate the service.
| Processor | Data shared | Purpose | Location |
|---|---|---|---|
| Kinde (Kinde Australia Pty Ltd) | User credentials, email, user ID, auth tokens | Authentication via OAuth 2.0 PKCE | Australia |
| Google Cloud (Google Cloud EMEA Limited) | All API requests, messages, device tokens, logs, IP addresses | Hosting, storage, compute (Cloud Run, Firestore) | europe-west1, Belgium |
| Apple (Apple Inc.) | APNs device tokens, notification content (title, body, priority) | Push notification delivery via APNs | United States |
| Stripe (Stripe Inc.) | Payment card details, billing information | Payment processing | United States |
6. International Transfers
Your data originates in, or is controlled from, the United Kingdom. Some processors operate outside the UK.
| Transfer | Mechanism |
|---|---|
| UK to Australia (Kinde) | Australia does not have a UK adequacy decision. We are working with Kinde to put appropriate safeguards (Standard Contractual Clauses) in place. |
| UK to Belgium (Google Cloud) | Adequate — data at rest in the EEA. Google’s US parent covered by DPA, SCCs, and UK Extension to EU-US Data Privacy Framework |
| UK to United States (Apple APNs) | UK Extension to EU-US Data Privacy Framework |
| UK to United States (Stripe) | UK Extension to EU-US Data Privacy Framework |
7. How Long We Keep Your Data
| Data | Retention period |
|---|---|
| Messages | 30 days (auto-deleted from Firestore) |
| Device tokens | Until you delete your account or unregister the device |
| Topic subscriptions | Until you delete your account or unregister the device |
| Access tokens | 7 days |
| Refresh tokens | 30 days |
| MCP tokens | Up to 30 days (or no expiry for CI/automation use cases) |
| Infrastructure logs | 2 years |
| Payment records | Per Stripe’s retention policy |
| Kinde account data | Until you delete your Kinde account |
8. Your Rights
Under UK data protection law, you have the right to:
- Access — request a copy of the personal data we hold about you.
- Rectification — ask us to correct inaccurate data.
- Erasure — ask us to delete your data (see Account Deletion below).
- Restriction — ask us to limit how we process your data.
- Portability — receive your data in a structured, machine-readable format.
- Objection — object to processing based on legitimate interest.
- Complaint — lodge a complaint with the Information Commissioner’s Office (see Contact below).
To exercise any of these rights, email privacy@pushpu.sh. We will respond within 30 days.
9. Account Deletion
You can request account deletion by emailing privacy@pushpu.sh or using the delete option in the iOS app.
When you delete your account:
- Your device tokens and topic subscriptions are deleted immediately.
- Any remaining messages expire within 30 days (or sooner if they have already reached their TTL).
- Access and refresh tokens expire naturally (7 and 30 days respectively).
- Infrastructure logs containing your IP address are retained for up to 2 years.
- Your Kinde account is separate. To delete it, contact us at support@pushpu.sh and we will request deletion on your behalf, or contact Kinde directly.
Account deletion is completed within 30 days of your request.
10. Children
Pushpush is not intended for anyone under the age of 16. We do not knowingly collect data from children. If we become aware that a user is under 16, we will delete their account and associated data promptly.
11. Cookies and Similar Technologies
The Pushpush iOS app does not use cookies. It does not include any analytics SDKs, advertising identifiers, or tracking technologies.
During sign-in, the app opens a Safari-based OAuth flow. Safari may retain session cookies from Kinde. These cookies are managed by Safari and are not accessible to the Pushpush app.
The MCP OAuth flow may also store session cookies in your browser during authentication. These are used solely for the authentication process.
The Pushpush API does not set cookies.
12. Security
- All data in transit is encrypted with TLS.
- Data at rest in Firestore is encrypted by Google Cloud.
- Auth tokens are stored in the iOS Keychain.
- Pushpush does not store passwords. Authentication is delegated to Kinde.
- JWTs are signed with HMAC-SHA256.
- No analytics, crash reporting, or advertising SDKs are included beyond Apple’s built-in mechanisms.
13. Data Breaches
In the event of a personal data breach that poses a risk to your rights:
- We will notify the Information Commissioner’s Office within 72 hours of becoming aware of the breach.
- We will notify affected users without undue delay.
14. Changes to This Notice
If we make material changes to this privacy notice, we will notify you by email (via Kinde) or through an in-app notice. The “Last updated” date at the top will always reflect the most recent revision.
15. Contact
For any privacy-related questions or requests:
Email: privacy@pushpu.sh
To lodge a complaint with the UK supervisory authority:
Information Commissioner’s Office (ICO) Website: ico.org.uk Helpline: 0303 123 1113