Privacy Policy — EIA Inventories
Last updated:
This privacy policy describes how the EIA Inventories app handles your information.
What we collect
Nothing personally identifiable. The app does not ask for your name, email, phone number, location, contacts, or any other personal data. It has no account system and no analytics SDK, and today it shows no ads and embeds no third-party advertising trackers. If that changes, see Advertising below.
What we store on your device
The app uses Android SharedPreferences / iOS NSUserDefaults to persist these
settings locally:
- The historical range (3, 5, or 10 years) you’ve chosen
- Whether prior-year overlay lines are shown by default
- Per-series chart-mode (compressed seasonal vs raw timeseries) overrides
- Whether you’ve opted in to data-update notifications
- A local cache of the most recent EIA inventory data so the app opens quickly and works briefly while offline
This data lives only on your device. Uninstalling the app removes it.
Notifications
If you opt in to “Notify me when EIA publishes new data” in Settings, the app uses two paths in parallel:
- Periodic background fetch. Your device wakes the app every few hours, fetches the public snapshot from GitHub, and shows a local notification if the data is newer than the last one you saw. No data leaves your device — the fetch is the same one the app makes anyway, with no identifying headers.
- Firebase Cloud Messaging (push). Your device subscribes to a single topic
eia-updates. The publisher (a GitHub Action we run) broadcasts to the topic when new data is committed. Subscribing to a topic is a standard device-to-Firebase operation.
Both paths dedup against the same local marker so you receive at most one notification per data release.
Firebase processes the push delivery on Google’s infrastructure. Refer to Google’s privacy documentation for what FCM stores. We send only a broadcast payload describing the release itself — the report type, the latest data period, and the week-over-week change — with no user identifiers.
Network requests
When you open the app or pull-to-refresh, it sends an HTTPS request to a small proxy server we operate. The proxy:
- Receives the standard HTTP request your device sends: your IP address, the request URL, and the User-Agent string.
- Forwards a query to the U.S. Energy Information Administration (EIA) Open Data API (api.eia.gov) and returns the response.
The proxy caches EIA’s response so that all users share one upstream request per series per hour.
Advertising
The app shows no ads today. If we introduce advertising in a future version, the following will apply, and we will update this policy’s effective date:
- We may use a third-party ad network (for example, Google AdMob) to display ads in the app.
- Ad networks may access a mobile advertising identifier (Apple’s IDFA or Google’s Advertising ID) and basic device / usage information to deliver and measure ads.
- On iOS, we will present Apple’s App Tracking Transparency (ATT) prompt before any tracking tied to that identifier. If you decline, you will see only non-personalized ads.
- You can limit ad personalization at any time in your device settings (iOS: Settings → Privacy & Security → Tracking and Apple Advertising; Android: Settings → Google → Ads).
- We will update our App Store “App Privacy” and Google Play “Data safety” disclosures to match before any ads ship.
Children
The app is not directed at children under 13. It does not knowingly collect data from anyone.
Data sources
All data is sourced from EIA, a U.S. federal agency, and is in the public domain. We do not modify or repackage EIA’s numbers — we only display them.
Changes to this policy
If we change this policy, the updated version will be linked from the app’s About screen. Continued use after a change indicates acceptance.
Data collection summary
A short summary of the current version’s App Store / Google Play data-safety disclosures (see Advertising for how these would change if ads are added):
| Category | What applies |
|---|---|
| Personal info collected | None |
| Identifiers | Today, Device/Other IDs only when you opt in to notifications — Firebase mints a per-install token at subscription; the app never reads, logs, or transmits it (purpose: push delivery; optional). An advertising identifier may also apply if ads are added — see “Advertising”. |
| Diagnostics / crash logs | None |
| App activity / browsing history | None |
| Location | None |
| Contacts / messages / photos | None |
| Tracking across apps | No |
| Data sold to third parties | No |
| Data encrypted in transit | Yes (HTTPS only) |
| Network access required | Yes (to fetch public EIA data) |
Contact
For privacy questions, contact support@babydogam.com.