Privacy Policy

LoopLess LLC (“we,” “us”) builds LoopLess, a screen-time recovery app that combines Apple’s Screen Time APIs with cognitive-behavioral tools. We minimize data collection, prefer on-device processing, and never sell your personal information or use it for third-party advertising. This policy explains what we collect, how we use it, where it’s stored, how long we keep it, and your rights.

Effective date: August 6, 2025

1. Information We Collect

1.1 Account & Profile (when you create an account or use Community)

Identifiers: username (or display name), optional email, hashed credentials or OAuth identifiers.
Profile content: avatar (if uploaded), streak, rewards image reference.
Community content: posts, comments, reactions, timestamps.

1.2 Screen-Time & Session Data (via Apple Screen Time APIs)

Selected app tokens/labels and bundle IDs for apps you monitor or block.
Usage metrics: per-app duration, session start / end times, daily and weekly totals, device-activity events.
Blocking and limit configuration: schedules, presets, per-app/day limits, shield triggers, early-exit confirmations, completion status.
Rewards & progress: achievements earned, goals met, Mobius rewards unlocked.

LoopLess cannot access content inside other apps (messages, media, browsing, etc.). Apple’s frameworks provide only usage tokens and durations.

1.3 Behavioral Features (optional)

Journaling & CBT entries: predictions, reflections, loop maps, reward-reality checks, experiment outcomes.
Challenge/timer data: active timers, durations, completions, notifications.
Vision Board & goals: text you enter, saved preferences.

1.5 Contacts / Invites (optional)

Only the contacts you select when inviting friends. We do not upload your entire address book.

1.6 Diagnostics & Telemetry

Device model, OS version, app version, basic event logs, crash reports (if you opt-in at the OS level).
No third-party advertising SDKs.

1.7 Support Communications

Messages you send to support, email address, and metadata needed to troubleshoot.

2. How We Use Your Information

Provide core features: monitoring, blocking, schedules, timers, challenges, rewards, and community functions you enable.
Compute metrics and insights (e.g. daily totals, Momentum Index, Impulse Control) to display in reports.
Sync across devices or back up data if you opt into cloud features.
Detect and fix issues, improve reliability and performance.
Comply with legal obligations and enforce terms.

3. On-Device vs Cloud Processing

On-Device (default): screen-time metrics, selections, timers, and behavioral entries are saved locally using App Group storage, Keychain, and iOS Data Protection.
Cloud (optional): if you create an account or enable community/sync, selected data is stored on our servers (e.g. profile, posts, streaks, metrics needed for features).
Media uploads (optional): screenshots or files you choose to upload for progress or support may be stored with our storage provider.

If you are not signed in and do not enable sync, your data remains on-device.

Service providers: hosting, storage, email delivery, error monitoring (all under confidentiality obligations).
Legal or safety requirements.
Business transfers (merger, acquisition, asset sale) with notice and choices.
We do not sell personal information or share it for cross-context behavioral advertising.

5. Data Retention

On-device data: kept until you delete it or uninstall the app.
Server-side account data: retained while your account is active; deleted within 30 days of a deletion request (backups may persist ~35 days).
Logs / diagnostics: typically 90 days unless needed for security or abuse investigations.

6. Security

Encryption in transit (TLS) and at rest on servers.
iOS Data Protection and Keychain for sensitive secrets on device.
Least-privilege access controls and infrastructure monitoring.

No method of transmission or storage is perfectly secure, but we use industry-standard safeguards.

7. Permissions & Frameworks We Use

Apple Screen Time APIs (FamilyControls, DeviceActivity, ManagedSettings) to read usage durations, apply limits/shields, and compute aggregated metrics.
Notifications: reminders for sessions, experiments, reflections (can be disabled in Settings).
Contacts: only when you send invites.
Camera: only for on-device exercise detection; no media stored unless you choose to save it.

8. Your Privacy Rights & Choices

Access / Export your data.
Correct inaccurate information.
Delete your account and data.
Withdraw consent by turning off permissions or cloud sync at any time.
Opt-out of marketing emails via unsubscribe links (we don’t serve in-app ads).

California residents: rights under CCPA/CPRA. EU/UK: rights under GDPR. To exercise rights, email crew@looplessapp.com.

9. Children’s Privacy

LoopLess is not directed to children under 13, and we do not knowingly collect personal information from them. If you believe a child has provided personal data, contact us and we will delete it.

10. International Data Transfers

We may process data in the United States and other countries. Where required, we use appropriate safeguards (e.g. Standard Contractual Clauses) for international transfers.

11. Changes to This Policy

We may update this policy to reflect changes in features or law. We will notify you in-app or by email (if available) and update the effective date.

12. Contact Us

LoopLess LLC
Northbrook, IL 60062, US
crew@looplessapp.com