The MyMGS app does not process Personally Identifiable Data (PID) for any period of time longer than a few seconds on any remote server.
The MyMGS app processes your email address by sending an SMTP request via Mailgun's server to dispatch an automated verification email. Your email address is never stored in MyMGS' databases or servers, except for the short period of time needed to dispatch the email. No identifier can be used to directly or indirectly map you or your in-app activity to your email address.
The MyMGS app submits data relating to crashes and errors to Firebase Crashlytics in the background. This data is always anonymous and can never be used to identify you.
Since no PID is stored about you, you cannot exercise any Subject Access Rights relating to the verification process.
The MyMGS app allows you to submit anonymous, confidential safeguarding reports, encrypted end-to-end using PGP with 2048-bit RSA. In production releases of the MyMGS app, this data can only be decrypted by a small group of authorised pastoral staff. However, in beta-test releases of the MyMGS app, other developers may be able to decrypt messages for testing purposes. You are advised not to submit real reports using beta versions of the app.
Since these messages do not deliver any PID along with them, they are also regarded as anonymous. Encrypted data is stored in Firebase Firestore, but no identifiers are associated with it.