Privacy Policy

Effective date: June 8, 2026 (revised from May 6, 2026)

DonzHit LLC ("DonzHit," "we," "us," or "our") operates the DonzHit.me website and mobile application (collectively, the "Service"), a community observation platform that enables users to document and share their personal observations of traffic and road-safety incidents. This Privacy Policy explains what information we collect, how we use it, and your rights regarding your data.

1. Information We Collect

Category	Data	Source
Account information	Google account name, email address, profile picture URL. Profile pictures are fetched from Google and displayed within the app alongside your posts and comments; they are not independently stored on DonzHit servers beyond session caching.	Google Sign-In (at account creation / login)
Incident Reports	Videos and photographs you upload; title, description (your personal observation of the incident), event type, road usage type, state, city, neighborhood, date/time of incident; GPS coordinates from your device or EXIF metadata. GPS coordinates may be precise (exact location) or approximate (nearby area), at your option. Precise coordinates can identify a specific address; we recommend using approximate GPS for locations you consider sensitive.	Provided by you when submitting a report
Street Talk Posts	Title, body text, and optional location (state, city, neighborhood) of community posts you publish	Provided by you within the app
Engagement data	Reactions (emoji responses) and comments (including threaded replies) you post on Incident Reports and Street Talk Posts	Provided by you within the app
Moderation flags	When you report a post: the flag reason category and optional free-text note (max 500 characters)	Provided by you when flagging content
AI-generated analysis	A machine-generated text description produced by our on-premises AI vision model when analyzing your uploaded media for content moderation. This text is retained internally and is not displayed publicly. We do not use submitted media to train, fine-tune, or improve any AI model.	Automatically generated when you submit an Incident Report
Push notification token	Firebase Cloud Messaging (FCM) device token used to send you in-app notifications (e.g., report approval)	Automatically generated by your device; registered when you sign in
Advertising identifiers	Mobile advertising ID (IDFA on iOS, GAID on Android) used by Google AdMob to serve and measure ads, subject to your consent preferences	Automatically collected by Google AdMob SDK
Cookies & web tracking	When you visit donzhit.me, cookies and similar tracking technologies are placed by Firebase, Google Analytics, and Google AdMob. These may include session cookies (expire when you close your browser) and persistent cookies (remain until deleted). See Section 9 for details.	Automatically collected when you visit the website
Usage data	App version, device platform, crash reports	Automatically collected via Firebase

2. How We Use Your Information

To operate the Service: storing and displaying approved Incident Reports and Street Talk Posts, enabling reactions, comments, and location-based filtering.
To moderate content: reviewing submitted Incident Reports before they are made publicly visible; reviewing flagged Street Talk Posts and comments.
To analyze submitted media: running uploaded images and video through an on-premises AI vision model to determine whether the content meets our guidelines. The resulting analysis text is used for moderation decisions and retained as described in Section 3. We do not use submitted media to train, fine-tune, or improve any AI model.
To power location-based search: AI-generated analysis text is indexed together with the GPS coordinates of each approved report to enable incident discovery and geographic search features within the Service. This data is not sold or shared with third parties.
To host video content: approved video reports may be uploaded to YouTube (unlisted) for reliable streaming.
To send push notifications: notifying you of report approvals, comments, and other Service activity via Firebase Cloud Messaging.
To serve advertising: displaying third-party ads via Google AdMob. Ad personalization is subject to your consent and device advertising settings.
To improve the Service: analyzing usage patterns and crash data to fix bugs and add features. We may also use aggregated, de-identified data (data that cannot reasonably identify you) for analytics, reporting, and product improvement, including publishing aggregate statistics about incident trends by region.
To authenticate users: verifying identity via Google Sign-In to enable report submission, Street Talk, and engagement features.

3. AI Content Analysis & Internal Search

When you submit an Incident Report, the uploaded media is automatically analyzed by an on-premises AI vision model operated solely by DonzHit on privately owned hardware. No uploaded media is transmitted to any third-party AI service for this purpose.

No AI training. We do not use submitted media — images, video, audio, or any derivative thereof — to train, fine-tune, evaluate, or improve any AI model, whether our own or a third party's.

Biometric data. The AI model does not extract, retain, or derive biometric identifiers (including facial geometry, voiceprints, or retinal scans) from submitted media. Analysis is limited to scene classification and content description. In compliance with the Texas Capture or Use of Biometric Identifier Act (Tex. Bus. & Com. Code § 503.001) and similar state laws, we do not capture or use biometric identifiers for any purpose.

Automated decision-making. The AI analysis may result in automatic approval or routing of your submission to a manual staff review queue, without human review at the initial stage. This automated decision is based solely on whether the content appears to meet our community guidelines. You may request human review of any automated decision by contacting us at privacy@donzhit.com.

Retention of analysis text. The AI-generated analysis text ("AI Summary") is retained alongside your submission record. It is visible to DonzHit administrators and is not included in data returned to regular users of the Service.

Internal search index. DonzHit maintains a proprietary internal search index that aggregates AI-generated analysis text together with the GPS coordinates associated with each approved report. This index is used exclusively to power location-based features of the Service, including incident discovery and geographic search. The GPS coordinates used are those you provided or that were derived from your submission at the time of upload. This indexed data is not sold, licensed, or shared with third parties.

4. Information We Share

We do not sell your personal information. We share information only in these circumstances:

Publicly visible content: Approved Incident Reports (including submitted media, location, and report details) and Street Talk Posts (including title, body, and optional location) are visible to all users of the Service. Your email prefix (the part before "@") is associated with your Street Talk Posts, comments, and reactions. Published Incident Reports represent user observations and do not constitute verified facts, legal findings, or official records.
Service providers: We use Google Cloud (storage, database), YouTube (video hosting), Google Maps (location display), Firebase (analytics, push notifications, app distribution), and Google AdMob (advertising) to operate the Service. These providers process data on our behalf under their own privacy policies.
Legal process and law enforcement: See Section 5 below.
Business transfers: If DonzHit LLC is acquired, merged, or its assets are transferred, your information may be transferred as part of that transaction. We will notify you via a prominent notice on the Service before your data becomes subject to a different privacy policy.

5. Law Enforcement & Legal Process

DonzHit LLC may disclose your information, including submitted media and associated metadata, in the following circumstances:

Valid legal process: We will comply with lawful requests from government authorities, including subpoenas, court orders, and search warrants issued by a court of competent jurisdiction. We review all such requests and will object to requests we believe to be overly broad or otherwise improper.
User notification: Where permitted by law and practicable, we will attempt to notify the affected user before disclosing their data in response to legal process, so that the user may seek a protective order or other legal remedy. We may be prohibited by law or court order from providing such notice in some circumstances.
Emergency disclosures: We may disclose information without legal process, without prior notice, and without your consent if we have a good-faith belief that doing so is necessary to prevent imminent death or serious physical injury to any person.
Protection of rights: We may disclose information as necessary to enforce these policies, protect the rights and property of DonzHit LLC, or protect the safety of our users and the public.

Because DonzHit.me documents traffic and road-safety incidents, submitted media may be relevant to civil or criminal proceedings. By submitting an Incident Report, you acknowledge that the media may be subject to legal process and that DonzHit LLC may be required to produce it.

6. Third Parties Depicted in Submitted Media

Incident Reports may capture images or video of individuals — pedestrians, drivers, bystanders — who did not submit content to the Service and who have not consented to its collection or publication. By submitting an Incident Report, you represent and warrant that you had lawful authority to capture and submit the media, including compliance with all applicable recording laws (see Section 7).

Requests for removal by depicted individuals. If you are an individual depicted in media published on the Service and you wish to request its removal, contact us at privacy@donzhit.com with: (a) your name and contact information; (b) a description of the content and a link or sufficient identifying information to locate it; and (c) a statement explaining the basis for your removal request (e.g., privacy, safety, or other legal grounds). We will review removal requests and respond within 30 days. Removal from DonzHit.me does not affect copies already distributed to third-party platforms such as YouTube.

Copyright claims. If you believe submitted content infringes your copyright, use the DMCA process described in our Terms of Service.

No biometric collection from third parties. As described in Section 3, our AI model does not extract biometric identifiers from any person depicted in submitted media.

7. Audio Recording Notice

Videos submitted to the Service may contain audio, including recorded conversations or ambient sound. Recording laws vary significantly by jurisdiction. Many U.S. states — including California, Florida, Illinois, Maryland, Massachusetts, Michigan, Montana, Nevada, New Hampshire, Oregon, Pennsylvania, and Washington — require the consent of all parties to a conversation before it may be recorded ("all-party" or "two-party" consent states). Recording a conversation without required consent may be a criminal offense and may expose the recorder to civil liability.

You are solely responsible for ensuring that any audio included in your submitted media was captured in compliance with all applicable federal, state, and local recording laws. DonzHit LLC does not review submitted media for audio consent compliance and accepts no liability for recordings made in violation of applicable law. If you are uncertain whether your recording was lawful, we recommend removing or muting the audio track before submitting.

8. Third-Party Services

Service	Purpose	Privacy Policy
Google Sign-In	Authentication	policies.google.com/privacy
Google Cloud (GCS & Firestore)	Media storage & database	cloud.google.com/terms/cloud-privacy-notice
Google Maps	Map display	policies.google.com/privacy
YouTube	Video hosting	policies.google.com/privacy
Firebase (Analytics & FCM)	Analytics, crash reporting & push notifications	firebase.google.com/support/privacy
Google AdMob	In-app advertising	policies.google.com/privacy

9. Cookies & Web Tracking

When you visit donzhit.me, the following types of cookies and similar tracking technologies may be placed on your browser or device:

Essential cookies: Required for the website to function (e.g., session state). These cannot be disabled.
Analytics cookies: Placed by Firebase and Google Analytics to measure page visits, user flows, and app performance. These help us understand how the Service is used.
Advertising cookies: Placed by Google AdMob to serve and measure advertisements. These may track your activity across other websites and apps to deliver personalized ads, subject to your consent choices.

You can control cookies through your browser settings (usually found under "Privacy" or "Security"). Disabling cookies may affect the functionality of the website. For information about opting out of Google Analytics tracking specifically, visit tools.google.com/dlpage/gaoptout. For advertising preferences, see Section 10.

10. Advertising & Consent

The Service uses Google AdMob to display advertisements. On first launch, the app presents a consent dialog (powered by Google's User Messaging Platform) allowing you to choose whether to receive personalized or non-personalized ads. You may change your preference at any time through your device settings:

iOS: Settings > Privacy & Security > Tracking, then toggle DonzHit.me off to opt out of personalized ads.
Android: Google Settings > Ads > Delete advertising ID or opt out of Ads Personalization.

11. Push Notifications

If you grant notification permission, the app registers a Firebase Cloud Messaging token with our servers to deliver push notifications (e.g., when your Incident Report is approved or you receive a new comment). You may disable push notifications at any time in your device's notification settings. Revoking permission does not delete your stored FCM token immediately; it will be refreshed or overwritten on your next sign-in.

12. Data Storage, Security & Breach Notification

Your data is stored on Google Cloud infrastructure located in the United States (us-central1 region). We implement reasonable technical and organizational safeguards — including access controls, encryption in transit, and least-privilege service accounts — to protect your information. However, no method of transmission over the internet or electronic storage is 100% secure.

Security concerns. To report a potential security vulnerability, contact us at security@donzhit.com.

Breach notification. In the event of a data breach that creates a reasonable likelihood of harm to affected individuals, we will notify affected users as required by applicable law, including the Texas Identity Theft Enforcement and Protection Act (Tex. Bus. & Com. Code §§ 521.001 et seq.) and any other applicable state or federal breach notification laws. Notification will be provided by email to your registered address, by in-app notice, or by substitute notice as permitted by law, within the timeframes required by applicable law.

13. Data Retention

We retain your account information and submitted content for as long as your account is active or as needed to operate the Service.

Account deletion. You may request deletion of your account and all associated data by contacting us at privacy@donzhit.com. Upon account deletion: (a) your account profile and authentication data will be deleted; (b) your submitted Incident Reports will be removed from public view and deleted from our database, including any associated AI Summary and search index entries; (c) your Street Talk Posts will be soft-deleted and removed from public view, with associated comments also removed; (d) your reactions and comments on others' content will be deleted; and (e) backup copies may persist for up to 90 days before permanent deletion. We will fulfill deletion requests within 30 days of receipt, subject to any legal retention obligations.

Street Talk Posts. Street Talk Posts you delete yourself within the app are soft-deleted and removed from public view immediately; associated comments are also removed.

YouTube content. Video reports uploaded to YouTube prior to account deletion may remain on YouTube subject to YouTube's own terms. We will make reasonable efforts to remove such videos upon account deletion request, but cannot guarantee removal from YouTube's servers within any specific timeframe.

14. Children's Privacy

The Service is not directed to children under 13. We do not knowingly collect personal information from children under 13. If you believe a child has provided us with personal information, please contact us at privacy@donzhit.com and we will promptly delete it.

15. Your Rights

Depending on your location, you may have the following rights regarding your personal data:

Access: request a copy of the personal data we hold about you.
Correction: request that inaccurate or incomplete data be corrected.
Deletion: request that your data be deleted (see Section 13 for scope).
Data portability: request a copy of the data you have provided to us in a structured, commonly used, machine-readable format.
Objection / restriction: object to or request restriction of certain processing of your data.
Human review: request human review of any automated decision made about your submitted content by our AI analysis system (see Section 3).

California residents (CCPA / CPRA). If you are a California resident, you have additional rights under the California Consumer Privacy Act and California Privacy Rights Act:

Right to know: the categories and specific pieces of personal information collected about you, the purposes for which it is used, and the categories of third parties with whom it is shared.
Right to opt out of "sharing": we do not sell your personal information. To the extent that our use of Google AdMob constitutes "sharing" for cross-context behavioral advertising purposes under CPRA, you may opt out through your device advertising settings (see Section 10).
Right to limit use of sensitive personal information: GPS coordinates are classified as sensitive personal information under CPRA. We use your GPS data only to operate the Service and power location-based features as described in this policy. We do not use it for inferring characteristics about you or for any other purpose.
Non-discrimination: we will not discriminate against you for exercising your privacy rights.

To exercise any of these rights, contact us at privacy@donzhit.com. We will respond within 30 days (or 45 days where permitted by law).

16. International Users

The Service is intended for users in the United States. If you access the Service from outside the United States, your data will be transferred to and processed in the United States, which may have different data protection laws than your country. By using the Service from outside the United States, you consent to this transfer and processing. If you are located in the European Economic Area, the United Kingdom, or another jurisdiction with data protection laws that restrict international transfers, you should be aware that we do not currently offer data processing agreements or EU Standard Contractual Clauses. We recommend that users in those jurisdictions consult applicable local law before using the Service.

17. Changes to This Policy

We may update this Privacy Policy from time to time. When we do, we will update the effective date above and, for material changes, notify users within the app. Continued use of the Service after changes take effect constitutes your acceptance of the revised policy.

18. Contact

DonzHit LLC
Texas, United States
privacy@donzhit.com
security@donzhit.com (security concerns)
dmca@donzhit.com (DMCA notices)