
Sapplify Account Privacy Policy

How we handle data tied to your Sapplify Account and the Sapplify Sync subscription.

Last updated: May 14, 2026 | Effective: May 14, 2026

If you use Sapplify Account with an app

This policy applies in addition to the Privacy Policy of each Sapplify app you use. Your app's policy describes what the app does on your device. This policy describes what we do with the data your Sapplify Account sends to our servers. Both apply at the same time.

1. Introduction

In short: This policy covers the data tied to your Sapplify Account: your sign-in identity, your profile, and the data that flows to our servers when you use Sapplify Sync. It layers on top of each app's own Privacy Policy.

A Sapplify Account is a single identity that works across every Sapplify app. Once signed in, you can subscribe to Sapplify Sync to keep your data backed up and available across your devices.

This Privacy Policy explains what data your Sapplify Account holds, who processes it on our behalf, how long we keep it, and the rights you have over it. It does not replace each app's own Privacy Policy: each app's policy continues to govern what that app does locally on your device.

By creating a Sapplify Account, you confirm that you have read and understood this policy.

2. Data Controller

The data controller responsible for your personal data is:

Anthony Eli Rasch - sapplify
PO Box 004
91501 Nove Mesto nad Vahom
Slovakia
ICO: 56665032

General inquiries: contact@sapplify.com
Privacy and data protection: privacy@sapplify.com

Data Protection Officer

Sapplify operates at a scale that does not require the designation of a Data Protection Officer under Article 37 GDPR. For any data protection inquiry, contact privacy@sapplify.com.

3. Definitions

  • Sapplify Account: the identity you create with us and use to sign in across Sapplify apps.
  • Sapplify Sync: the suite-wide subscription that backs up and syncs your data across devices for the apps you have signed into.
  • Sub-processor: a third party that processes personal data on our behalf, under contract.
  • Entitlement: our record that an active subscription or lifetime purchase grants you access to Sync.
  • Personal Data: any information relating to an identified or identifiable person.
  • Sensitive Personal Data: a subset of Personal Data that receives stronger protection under GDPR Article 9, such as data concerning health.
  • Auth Provider: Apple, Google, or our email/password sign-in (provided by Supabase).
  • Sync Data: the per-app data your account holds on our servers when Sync is active.

4. What Data Your Sapplify Account Collects

Your Sapplify Account holds six categories of data on our servers.

Identity and profile

  • Email address (always required)
  • Display name (optional)
  • Auth provider identifiers (Sign in with Apple user identifier, Sign in with Google subject ID) when you use those providers
  • Preferred language
  • Account creation and last-update timestamps

Authentication and session data

  • Hashed passwords (managed by Supabase Auth; we never see the plaintext)
  • Active session tokens (JWTs) issued to your signed-in devices
  • Sign-in event timestamps and IP addresses, retained transiently by Supabase Auth for security investigations

Cross-app sync data

If you have an active Sapplify Sync subscription and you have signed into a Sapplify app, that app uploads your data to our servers. Each Sapplify app describes the exact shape of its data in its own Privacy Policy:

  • sWeight: weight entries and body measurements
  • sCycle: cycle events
  • sMoment: mood, journal, and breathing entries
  • sLists: lists and list entries
  • sTrain: training sessions and exercises
  • sBudget: budget entries

You only have data on our servers for an app if you have signed into that app while Sync is active. Apps you have never signed into hold no data for your account.

Subscription and entitlement records

  • Your Sync subscription status (active, in trial, in grace period, on hold, cancelled, expired, or lifetime)
  • The store you bought through (Apple App Store, Google Play) and the store product identifier
  • Receipt-validation metadata returned by Apple and Google, used to confirm the subscription is still valid
  • Subscription lifecycle events (renewals, cancellations, holds) received from Apple App Store Server Notifications and Google Real-time Developer Notifications

Legal acceptance log

  • Which version of which Sapplify legal document you accepted
  • Timestamp of acceptance
  • The Sapplify app from which you accepted

This log is append-only and is used to demonstrate, if asked, that you accepted the policies in force at the time you signed up or re-signed in.

AI feature data (conditional)

If you use AI features inside a Sapplify app, the content of your prompts and the AI responses are processed by Anthropic on our behalf (see Sub-processors) and stored in your account so the AI can recall context for follow-up questions. No Sapplify Sync app uses AI features at the time of writing, but the schema is part of the shared account database.

What Sapplify Account does NOT collect

  • We do NOT collect your real name, postal address, or government identification.
  • We do NOT collect payment card details. All billing is handled by Apple or Google.
  • We do NOT collect device location.
  • We do NOT operate analytics, advertising, or behavioral tracking on signed-in users.
  • We do NOT sell or share your data with advertisers or data brokers.

6. Sub-processors

The following sub-processors process your Sapplify Account data on our behalf under written contracts. Each entry links to that sub-processor's own privacy policy.

| Sub-processor | Role | Location | Privacy policy |
|---|---|---|---|
| Supabase | Authentication, primary database (Postgres), Edge Functions, encrypted backups, transactional email transport | European Union (Frankfurt) | supabase.com/privacy |
| Apple | Sign in with Apple; App Store billing for Sync; App Store Server Notifications | Global | apple.com/legal/privacy |
| Google | Sign in with Google; Google Play Billing for Sync; Real-time Developer Notifications via Google Cloud Pub/Sub | Global | policies.google.com/privacy |
| Resend | Transactional email delivery (sign-up confirmation, password reset, billing notices) | United States, with Standard Contractual Clauses for EU transfers | resend.com/legal/privacy-policy |
| Anthropic | AI inference. Conditional: only invoked if you use AI features inside a Sapplify app. | United States, with Standard Contractual Clauses for EU transfers | anthropic.com/legal/privacy |

We will tell you when we add or change sub-processors. Material changes (a new processor, a change in role) trigger a re-acceptance gate the next time you sign in.

7. Data Residency and International Transfers

Your primary account database, including profile, entitlements, and Sync data, lives in Supabase's European Union region (Frankfurt, Germany). That is where the data sits at rest.

Some sub-processors operate globally. When data leaves the EU to reach them, we rely on Standard Contractual Clauses (SCCs) approved by the European Commission as the legal basis for the transfer.

  • Apple and Google handle authentication and billing globally; the transfer is necessary to perform the contract you have with each store.
  • Resend is headquartered in the United States; transfers covered by SCCs.
  • Anthropic (only if you use AI features) is in the United States; transfers covered by SCCs in Anthropic's data processing addendum.

8. Data Retention

How long we keep your data depends on what happens to your account.

| Event | What happens to your data |
|---|---|
| Account is active | Profile, entitlement, and Sync data are kept for as long as your account exists. |
| Sync cancellation (you cancel, your subscription lapses, or you are refunded) | Server-side Sync data is preserved. If you re-subscribe later, your data is still there. Your entitlement record is marked cancelled. |
| Account deletion (you delete from inside any Sapplify app) | Immediate hard-delete across every Sapplify app schema, your profile, your entitlement record, and your authentication record. No grace period, no recovery. |
| Encrypted backups | Supabase-managed encrypted backups age out within 7 days of the deletion. After 7 days, no copy of your data remains on our systems. |
| Tax and billing records | Anonymized aggregate records are kept as required by Slovak tax law (typically 10 years). They contain no personal data after account deletion. |

9. Security

We take security seriously, but no online service is risk-free. Here is what we do, and where the limits are.

What we do

  • All network traffic between your devices and our servers uses TLS 1.2 or higher.
  • Data at rest is encrypted using Supabase-managed AES-256.
  • Row-level security policies in our database isolate each user's data so one user cannot read another user's rows.
  • Service-role database keys are kept only in server-side environment variables and never bundled into Sapplify apps.
  • All sign-in events, subscription events, and account-deletion events are logged for security investigations.

What we do NOT claim

No end-to-end encryption

Sapplify Sync is not end-to-end encrypted. Your data is encrypted in transit and at rest, but Sapplify-side service-role access could in principle read the contents (we do not, except as needed to operate the service). Do not use Sync to store information that requires end-to-end encryption.

What you can do

  • Choose a strong, unique password.
  • Lock your device with PIN, password, or biometric authentication.
  • Revoke the Sapplify OAuth grant in your Apple or Google account if a device is lost.
  • Sign out of devices you no longer use.

10. Data Breach Notification

If a security incident exposes personal data we hold about you, this section describes how we respond.

What could be affected

Because the primary copy of your account data lives on our servers in Supabase's EU region, a server-side incident could in principle expose:

  • your email address, profile fields, and auth-provider identifiers;
  • the contents of your synced data for the Sapplify apps you have signed into;
  • your subscription and entitlement records.

The following are not stored on our servers and therefore cannot be exposed by a breach on our side:

  • your password (Supabase Auth holds only a hash);
  • your payment card details (Apple or Google holds them);
  • local-only data on devices where Sync is not active.

Notification process

If we become aware of a personal data breach on our servers or at one of our sub-processors:

  • We will notify the Slovak Office for Personal Data Protection within 72 hours of becoming aware, as required by Article 33 GDPR, unless the breach is unlikely to result in a risk to your rights.
  • If the breach is likely to result in a high risk to your rights and freedoms, we will notify you directly without undue delay, as required by Article 34 GDPR. Notification is sent to the email address on your Sapplify Account.

The notification will tell you, in plain language: what happened, what data was affected, the likely consequences, what we have done about it, and what you can do to protect yourself.

What you can do

  • Change your Sapplify Account password if you use email/password sign-in.
  • Sign out of all devices and sign back in to invalidate session tokens.
  • If you are concerned, delete your Sapplify Account (see Section 13).

To date, we have not experienced a personal data breach affecting Sapplify Account users.

11. Sharing and Disclosure

We do not sell your data

  • We do NOT sell your data to anyone.
  • We do NOT share your data with advertisers, marketers, data brokers, or social-media platforms.
  • We do NOT use your data to train cross-customer AI models.
  • We do NOT send marketing or promotional emails through your Sapplify Account. The only emails we send are transactional (sign-up confirmation, password reset, billing notices).

Who actually sees your data

Only the five sub-processors listed in Section 6, and only for the roles described there. No other third party has access to your account data.

Legal and law-enforcement requests

We may disclose data if required by a valid court order, statute, or law-enforcement request that meets the legal standards of Slovakia or the European Union. We will notify you when permitted to do so. As of the date of this policy, we have received no such request.

12. Your Rights

You have comprehensive rights over your account data. The exact list depends on where you live.

GDPR rights (European Union and European Economic Area)

  • Right of access (Art. 15): ask us what personal data we hold about you.
  • Right to rectification (Art. 16): have inaccurate data corrected.
  • Right to erasure (Art. 17): have your data deleted. The fastest way is to delete your Sapplify Account from inside any Sapplify app.
  • Right to restriction (Art. 18): limit how we process your data while a dispute is resolved.
  • Right to data portability (Art. 20): receive your data in a machine-readable format. See note below.
  • Right to object (Art. 21): object to processing based on legitimate interest.
  • Right to withdraw consent (Art. 7): withdraw consent at any time for processing that relies on consent.
  • Right to lodge a complaint: with the Slovak Office for Personal Data Protection (see Section 17) or your local supervisory authority.

UK GDPR rights (United Kingdom)

UK users have the same rights as EU users under UK GDPR. Complaints can be lodged with the Information Commissioner's Office at ico.org.uk.

CCPA and CPRA rights (California)

  • Right to know what personal information we collect and how we use it.
  • Right to delete your personal information.
  • Right to correct inaccurate information.
  • Right to opt out of sale or sharing. (We do not sell or share for cross-context behavioral advertising.)
  • Right to non-discrimination for exercising your rights.
  • Right to limit the use of sensitive personal information. Our local-first architecture and the absence of secondary uses inherently satisfy this for the data we hold.

LGPD rights (Brazil)

Brazilian users have rights equivalent to GDPR's, including confirmation, access, correction, anonymization, deletion, data portability, and information about sharing. Contact us at privacy@sapplify.com to exercise them.

How to exercise your rights

Portability note

Sapplify does not yet offer a single "download all my account data" button. Each Sapplify app has its own data-export feature (CSV). For an account-wide portability export, email privacy@sapplify.com and we will assemble it manually.

For access, rectification, restriction, objection, or any other right, email privacy@sapplify.com. We respond within 30 days, extendable to 60 days for complex requests with notice.

13. Deleting Your Sapplify Account

You can delete your Sapplify Account from inside any Sapplify app (Settings > Account > Delete account). When you confirm, we immediately hard-delete:

  • your account record in our authentication system,
  • your profile (display name, language preference),
  • all data tied to your account in every Sapplify app schema you have signed into (sWeight, sCycle, sMoment, sLists, sTrain, sBudget),
  • your entitlement record and subscription event history,
  • your legal-acceptance log.

Encrypted backups of our database age out within 7 days of the deletion. After 7 days, no copy of your data remains on our systems.

Two things are NOT removed by account deletion

  1. Local data on your devices. Each Sapplify app keeps a local copy on your device. Uninstall the app, or use the app's in-app "Delete all data" option, to remove it.
  2. Your App Store or Google Play subscription. Deleting your Sapplify Account does not cancel the subscription billed by the store. To stop future charges, cancel separately in your store's subscription settings.

See also our public Account Deletion guide for step-by-step instructions.

14. Children's Privacy

Age requirement

Sapplify Account is intended for users aged 16 and older. By creating an account, you confirm that you meet this requirement.

In jurisdictions where a higher minimum age applies to processing personal or health data, that higher age applies.

If you are a parent or guardian and believe a child under 16 has created a Sapplify Account, contact us at privacy@sapplify.com and we will delete the account.

15. Cookies and Web Tracking

The Sapplify Account sign-in flow happens inside Sapplify apps, not in a web browser. The Account flow itself does not set cookies on your device.

The Sapplify marketing website (sapplify.com) has its own Privacy Policy that covers cookies and analytics on the site itself.

Global Privacy Control

Because the Sapplify Account flow does not place tracking cookies or share data for cross-context behavioral advertising, there is nothing for Global Privacy Control (GPC) or Do Not Track signals to opt out of. We honor these signals by default.

16. Changes to This Policy

We may update this Privacy Policy when our practices change, when we add or remove sub-processors, or when the law requires.

Material changes

Material changes (a new sub-processor, a change in data flows, a change in retention) update the policy version. The next time you sign in to any Sapplify app, you are asked to read and re-accept the updated policy before continuing. Your acceptance is recorded server-side.

Non-material changes

Typo fixes, contact-information changes, and reformatting ship silently with an updated "Last updated" date at the top of this page.

Version history

Each version is dated. Earlier versions are available on request at privacy@sapplify.com.

17. Governing Law and Supervisory Authority

This Privacy Policy is governed by the laws of the Slovak Republic, without regard to conflict of law principles.

Lead supervisory authority

We are based in Slovakia. Our lead data-protection supervisory authority is:

Urad na ochranu osobnych udajov Slovenskej republiky
(Office for Personal Data Protection of the Slovak Republic)
Hranicna 12
820 07 Bratislava 27
Slovak Republic
Website: dataprotection.gov.sk
Email: statny.dozor@pdp.gov.sk

EU and EEA users may also lodge complaints with their local supervisory authority.

18. Contact Us

For questions about this Privacy Policy or to exercise any of the rights described in Section 12:

Privacy and data protection: privacy@sapplify.com
General inquiries: contact@sapplify.com

Postal:
Anthony Eli Rasch - sapplify
PO Box 004
91501 Nove Mesto nad Vahom
Slovakia

For data-subject rights requests tied to your Sapplify Account, include the email address on the account in your message so we can verify your identity. We respond within 30 days.

Questions About This Policy?

If you have questions about how Sapplify handles your account or Sync data, please contact us at privacy@sapplify.com.