NeighbourhoodWatch exists to help local communities coordinate fast, noisy, high-priority emergency alerts with minimal operational overhead.

Doc status: Latest (rolling). See Versions.

Product goals

• Extremely simple onboarding and use under stress
• Reliable alert fan-out (push notifications)
• Minimal data storage (PII-minimising by default)
• Secure, server-verified admin actions
• Low maintenance architecture (managed services + Cloudflare edge)

Users & roles

• Member (standard user):

  • Authenticates
  • Joins groups by invite code
  • Registers device push token
  • Triggers incident alerts for their group

• Manager:

  • Creates groups
  • Creates invite codes
  • Broadcasts messages
  • Pauses/bans members

Principles

Data minimisation

• Do not store home addresses.
• Avoid storing exact coordinates where possible.
• Prefer coarse location buckets (e.g. a zone id / geohash bucket) over exact latitude/longitude.
• Address is stored on-device only, and transmitted only as an encrypted payload when an alert is triggered.

Security-first permissions

• Every privileged action is verified server-side.
• Client UI is not trusted for authorization decisions.

Operational simplicity

• Push fan-out and authorization logic lives in the Cloudflare Worker API.
• Firebase provides Auth + Firestore + FCM primitives.

Non-goals (by design)

• Continuous location tracking
• Storing exact addresses
• Social features, feeds, or “engagement” loops
• Medical advice, emergency triage, or replacing emergency services

Glossary

• Group: a neighbourhood safety group with a coarse zoneId.
• Invite code: short code used to join a group.
• Incident: an emergency event triggered by a member.