Sugarledge App Privacy Policy Effective Date: April 6, 2026

This Privacy Policy describes how Sugarledge Stone Quarry ("we," "us," or "our") collects, uses, and discloses information when you use our mobile application, Sugarledge App (the "App").

1. Information We Collect We collect various types of information in connection with the App, which may include personal data. The types of information we collect depend on how you use our App and the features you interact with.

a. Information You Provide Directly:

● Account Information: When you create an account, we collect information such as your name, email address, phone number, and unique user identifier provided by your chosen authentication method (e.g., Apple Sign-In).

● Communications: When you contact us for support or other inquiries, we collect the content of your communications and any contact information you provide.

● Orders: Basic App functionality involves the user selecting items for purchase orders and specifying transport type, either delivery or pickup, at checkout. We will require a delivery address if the mode of transportation selected is delivery and detailed or general job information connected to the order.

b. Information Collected Automatically: We use Google Firebase, a platform provided by Google, to power our App's backend services and analytics. Firebase SDKs automatically collect certain information from your device and your use of the App. This may include:

● Identifiers:

○ User ID: A unique identifier generated by Firebase for your authenticated user account.

○ App Instance ID: A unique identifier for your app installation.

○ Device ID: Information about your device, such as device model, operating system version, and app bundle ID.

○ Push Notification Tokens: We collect device identifiers (specifically, Firebase Instance IDs / FCM Tokens) to route transactional push notifications to your specific device.

○ Advertising Identifier (IDFA): We do not collect advertising identifiers.

● Usage Data:

○ Product Interaction: Information about how you interact with the App, such as app launches, taps, clicks, scrolling information, time spent in the App, screen views, sessions, and interactions with authentication flows (e.g., sign-in attempts).

○ App Performance Data: Information about the performance of our App on your device (e.g., crash logs, performance metrics like latency).

● Device Information: Device model, operating system, language, time zone, app version.

● Network Information: IP address (used for coarse location detection and security, typically masked or aggregated).

c. Information from Third-Party Identity Providers (e.g., Apple Sign-In): When you choose to sign in to our App using a third-party identity provider (e.g., Apple Sign-In), we receive certain information from that provider as part of the authentication process.

● Apple Sign-In: If you sign in with Apple, we receive your unique Apple user identifier. Depending on your privacy settings in Apple, we may also receive your name and either your real email address or a private relay email address (@privaterelay.appleid.com). We do not collect your phone number through Apple Sign-In.

2. How We Use Your Information We use the information we collect for the following purposes:

● To Provide and Maintain the App: To operate, maintain, and improve the functionality of the App, including user authentication, account management, and delivering core services.

● To Personalize Your Experience: To tailor content, features, and user interface elements based on your preferences and usage patterns.

● For Analytics and Understanding Usage: To monitor and analyze trends, usage, and activities in connection with our App, to improve its design, features, and performance.

● For Communication: To send you important updates, notifications, and respond to your inquiries and support requests. This includes using FCM Tokens to deliver transactional push notifications (e.g., order updates).

● For Security and Fraud Prevention: To protect the security and integrity of our App and prevent fraudulent activities.

● To Comply with Legal Obligations: To meet our legal obligations and enforce our terms of service.

3. How We Share Your Information We may share your information in the following circumstances:

● With Service Providers: We use third-party service providers, primarily Google Firebase, to perform functions on our behalf. These service providers have access to your information only to perform these tasks and are obligated not to disclose or use it for any other purpose. This includes sharing Firebase Instance IDs with Google / Firebase Cloud Messaging (FCM), which acts as the routing infrastructure to deliver messages to Apple (APNs) and Android devices.

● Google Firebase: We use various Firebase services. For detailed information on how Google processes data through Firebase, please refer to their privacy policies:

○ Google Privacy Policy: https://policies.google.com/privacy

○ Firebase Privacy and Security: https://firebase.google.com/support/privacy

● For Legal Reasons: We may disclose your information if required to do so by law or in the good faith belief that such action is necessary to (a) comply with a legal obligation,

(b) protect and defend our rights or property, (c) act in urgent circumstances to protect the personal safety of users of the App or the public, or (d) protect against legal liability.

● Business Transfers: In connection with, or during negotiations of, any merger, sale of company assets, financing, or acquisition of all or a portion of our business by another company, your information may be transferred.

● With Your Consent: We may share your information with your explicit consent or at your direction.

4. Data Retention We retain your personal information only for as long as necessary to fulfill the purposes for which it was collected, including for the purposes of satisfying any legal, accounting, or reporting requirements. When we no longer need to process your personal data, we will either delete or anonymize it. Our system actively prunes and deletes stale device tokens from our database when a device is no longer registered. Firebase Authentication retains logged IP addresses for a few weeks and other authentication information until you initiate deletion of the associated user. Firebase Analytics data retention can be configured, and you can delete user data at a user level.

5. Your Data Protection Rights & Opt-Outs Depending on your location, you may have the following rights regarding your personal data:

● Right to Access: You have the right to request copies of your personal data.

● Right to Rectification: You have the right to request that we correct any information you believe is inaccurate or complete information you believe is incomplete.

● Right to Erasure (Right to Be Forgotten): You have the right to request that we erase your personal data under certain conditions.

● Right to Restrict Processing: You have the right to request that we restrict the processing of your personal data under certain conditions.

● Right to Object to Processing: You have the right to object to our processing of your personal data under certain conditions.

● Right to Data Portability: You have the right to request that we transfer the data that we have collected to another organization, or directly to you, under certain conditions.

● Right to Withdraw Consent: If we are relying on your consent to process your personal data, you have the right to withdraw that consent at any time.

● Push Notification Opt-Out: You can revoke push notification permissions at any time via your iOS or Android system settings, which will instantly prevent further messages.

To exercise any of these rights, please contact us using the contact details provided below.

6. Children's Privacy Our App is not intended for use by anyone under the age of 18. We do not knowingly collect personally identifiable information from children under 18. If you are a parent or guardian and you are aware that your child has provided us with personal information, please contact us, and we will take steps to remove that information from our servers.

7. External Links & Documents Our App may contain links to download external documents, such as ASTM test reports in PDF format hosted on third-party websites. We are not responsible for the privacy practices, tracking, or content of these external sites.

8. Security of Your Information We strive to use commercially acceptable means of protecting your Personal Information. However, no method of transmission over the internet or method of electronic storage is 100% secure and reliable, and we cannot guarantee its absolute security. Firebase provides robust security features, but ultimate security also depends on your implementation and security practices.

9. Changes to This Privacy Policy We may update our Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the "Effective Date" at the top. You are advised to review this Privacy Policy periodically for any changes.

10. Contact Us If you have any questions or suggestions about our Privacy Policy, please do not hesitate to contact us at:

● Email: spencer@sugarledgestone.com

● Email: bryce@sugarledgestone.com