Privacy Policy

• Account data: email, authentication identifiers (via Firebase Authentication, Sign in with Apple, Google Sign-In).
• Usage data: screen views, events, session length, app version, device model, OS, crash logs (Firebase Analytics & Crashlytics).
• App-generated content: any entries, preferences, answers, or content you create inside an app, stored in Cloud Firestore.
• Subscription data: purchase receipts, entitlement status, plan type (processed by RevenueCat and the platform stores — Apple App Store, Google Play).
• Marketing data: if you join a waitlist, we store your email and locale.
• Cookies & similar technologies: on our websites, after consent, we use Google Analytics 4 for anonymised usage statistics.

• to provide and maintain the services you request;
• to authenticate accounts and secure access;
• to process purchases, manage subscriptions, and prevent fraud;
• to diagnose crashes and improve reliability;
• to analyse aggregated usage and product performance (with your consent for non-essential analytics);
• to communicate service updates and respond to your inquiries;
• to comply with legal obligations.

• Contract (Art. 6(1)(b)): to deliver the app and subscription services.
• Consent (Art. 6(1)(a)): for non-essential analytics cookies, marketing emails, and optional features.
• Legitimate interest (Art. 6(1)(f)): security, fraud prevention, product improvement.
• Legal obligation (Art. 6(1)(c)): record-keeping required by Slovak law.

We rely on the following processors who act on our behalf under Data Processing Agreements:

• Google LLC / Google Ireland Ltd. — Firebase (Auth, Firestore, Analytics, Crashlytics, Cloud Functions, Hosting, Remote Config).
• RevenueCat, Inc. — subscription lifecycle, receipt validation.
• Apple Inc. — App Store purchases, Sign in with Apple, ASN v2 receipts.
• Google LLC — Google Play Billing, RTDN, Sign-In.
• Anthropic, PBC — AI features (where applicable), processed via our Cloud Functions.

Transfers of data outside the EEA are protected by Standard Contractual Clauses and, where applicable, the EU-US Data Privacy Framework.

• Account data: kept while your account is active + up to 12 months after deletion.
• Analytics: aggregated for 14 months (GA4 default).
• Crash logs: 90 days.
• Waitlist emails: until you unsubscribe or we launch the product.
• Subscription records: 10 years (Slovak accounting law).

Under GDPR you have the right to:

• access your personal data (Art. 15);
• rectify inaccurate data (Art. 16);
• erase your data (Art. 17);
• restrict or object to processing (Art. 18, 21);
• receive your data in a portable format (Art. 20);
• withdraw consent at any time (Art. 7(3));
• lodge a complaint with the Slovak Data Protection Authority (Úrad na ochranu osobných údajov SR, dataprotection.gov.sk).

To exercise any right, email theprincipleguy@gmail.com. We respond within 30 days.

Our apps are not directed at children under 16. If we learn that we have collected data from a child under 16 without verifiable parental consent, we will delete it promptly.

We use industry-standard protections (TLS in transit, Firestore rules, access control, encryption at rest via Google Cloud). No transmission over the Internet is 100% secure; we cannot guarantee absolute security but work to mitigate risk.

We may update this policy to reflect changes in law or our services. Material changes will be announced via the app or on the relevant landing page with a revised “Last Updated” date.

Principle Guy s.r.o.
Krtíšská cesta 288/34, 991 06 Želovce, Slovakia
IČO: 56561792 · DIČ: 2122343718
Email: theprincipleguy@gmail.com