sMoment Privacy Policy

1. Introduction

Welcome to the Privacy Policy for sMoment ("we", "us", or "our"). sMoment is a mindfulness and breathing app designed to help you reflect, breathe, and build healthy mental habits while maintaining full control over your personal data.

sMoment operates on a local-first principle: all your data is stored on your device. There is no cloud sync, no account creation, and no remote data storage. This Privacy Policy explains how we collect, use, store, and protect your information when you use our app.

Please read this policy carefully to understand how we treat your information.

Data Controller

The data controller responsible for your personal data is:

Anthony Eli Rasch - sapplify
PO Box 004
91501 Nové Mesto nad Váhom
Slovakia

Email: contact@sapplify.com

2. Data Collection

sMoment collects only the data you actively enter. All data is stored locally on your device.

Mindfulness Data You Enter

The core functionality of sMoment involves tracking mindfulness information that you actively provide:

• Journal Entries: Entry text, mood selection, reflection prompt, date and time, and optional session duration and breathing technique
• Breathing Sessions: Technique used, duration, cycles completed, completion status, and timestamp
• Settings & Preferences: Sound preferences, notification settings, theme mode, preferred breathing technique, haptic feedback, session mode and duration, and stealth mode preferences

Purchase Information

If you purchase sMoment Pro, the following is stored locally on your device:

• Pro status: Whether you have purchased Pro
• Purchase date: When the purchase was made
• Purchase token: A purchase identifier from the App Store or Play Store

Feedback Data (Optional, User-Initiated)

If you choose to submit feedback through the app, the following data is sent to our server:

• Message: Your feedback text
• Feedback type: Bug report, feature request, or general feedback
• App version: The version of sMoment you are using
• Device information: Device model and operating system version (e.g., "iPhone (iPhone14,5)", "iOS 16.5")
• Locale: Your device language setting
• Email address: Only if you voluntarily provide it for follow-up

Feedback is submitted to api.sapplify.com over an encrypted HTTPS connection. This is the only data that leaves your device (apart from purchase verification handled by Apple/Google).

What We DO NOT Collect

• We DO NOT use analytics or tracking services
• We DO NOT display advertisements
• We DO NOT sell or share your data with third parties
• We DO NOT collect location data
• We DO NOT access your contacts, photos, or other personal files
• We DO NOT require an account or collect login credentials

3. Legal Basis for Processing

Under the General Data Protection Regulation (GDPR) and applicable data protection laws, we process your personal data based on the following legal grounds:

Contract Performance

We process your data when necessary to provide you with the sMoment service:

• Storing your journal entries and breathing sessions locally on your device
• Managing your app settings and preferences
• Processing purchase status for Pro features

Consent

We process certain data only with your explicit consent:

• Sending notifications (you enable this in settings)
• Submitting feedback (you initiate this action and choose what to include)
• Exporting or sharing your data (you initiate this action)

You can withdraw consent at any time by disabling the relevant features.

Legitimate Interest

We may process limited data based on our legitimate interests:

• Ensuring security and preventing fraud
• Responding to support inquiries submitted via the feedback feature

Legal Obligations

We may process data when required by law, such as responding to valid legal requests from authorities.

4. Local Data Storage

sMoment stores all your mindfulness data locally on your device. Your data never leaves your device unless you explicitly export it or submit feedback.

Strictly Necessary Storage

Under the EU ePrivacy Directive, the local storage technologies we use are strictly necessary for providing the mindfulness service you requested. A journaling and breathing app cannot function without storing your entries and sessions locally. Therefore, no separate consent is required for this storage, and we do not display a "cookie consent" pop-up for these essential functions.

Local Storage Technologies

• SQLite Database: Your journal entries, breathing sessions, and purchase status are stored in a local database (smoment_journal.db) on your device
• Shared Preferences: Non-sensitive app settings like sound preferences, theme, notification settings, preferred breathing technique, session configuration, and stealth mode preferences

Benefits of Local-Only Storage

5. Purchases & Payments

sMoment offers an optional one-time in-app purchase:

• sMoment Pro (Lifetime): Unlocks additional breathing techniques, extended session history, and custom session durations. This is a one-time purchase that does not require an account.

All payments are processed through the Apple App Store, Google Play Store, or Huawei AppGallery.

What We Store Locally

• Pro status: Whether you have purchased Pro
• Purchase date: When the purchase was made
• Purchase token: A purchase identifier from the store for restoration purposes

What We DO NOT Store

• Credit card or payment method details
• Billing address
• Your name or email associated with the purchase

Payment Processing

All payment processing is handled by:

• Apple App Store: For iOS users - Apple Privacy Policy
• Google Play Store: For Android users - Google Privacy Policy
• Huawei AppGallery: For Huawei device users - Huawei Privacy Policy

We never see or store your payment details. Purchase management (refunds, restoration) is handled through your device's store settings.

6. App Permissions

sMoment requests only the minimum permissions necessary to function:

Required Permissions

• Local Storage: To store your journal entries, breathing sessions, and settings in the local database

Optional Permissions

• Internet Access: Required for in-app purchase verification (handled by Apple/Google/Huawei) and the optional feedback feature
• Audio Playback: To play soundscapes and ambient sounds during breathing sessions
• File Access: To export your data to files or import from backup (user-initiated only)
• Notifications: For optional mindfulness reminders (if you enable them in settings)
• Haptic Feedback: For optional tactile feedback during breathing sessions

Permissions We DO NOT Request

• Camera or microphone access
• Contact list access
• Location services
• Background app refresh
• Health or fitness data
• Calendar access

7. Data Sharing

We are committed to keeping your mindfulness data private. Here's how we handle data sharing:

We DO NOT Share Your Data With

• Advertisers or marketing companies
• Data brokers or analytics firms
• Social media platforms
• Any third party for commercial purposes

Limited Data Processing

Your data may be processed by the following providers solely for the purpose of providing the service:

• Apple App Store / Google Play Store / Huawei AppGallery: Processes your purchase when you buy sMoment Pro
• sapplify API server: Receives feedback submissions only when you choose to submit feedback

Automated Decision-Making

We do not use automated decision-making or profiling that produces legal effects or similarly significantly affects you. All data processing is for the purpose of providing the mindfulness service you requested.

User-Initiated Sharing

You have full control over sharing your data:

• Export a full backup of your data in JSON format
• Export journal entries in TXT or PDF format
• Import data from a JSON backup or CSV file
• Share exported files with anyone you choose using your device's share sheet

Legal Requirements

We may disclose your information if required by law, such as in response to a valid court order or government request. We will notify you of such requests when legally permitted.

8. Data Security

We implement multiple layers of security to protect your mindfulness data:

Local Security

Network Security

The limited network communication (feedback submission and purchase verification) uses:

• HTTPS/TLS encryption for all data in transit
• Minimal data transmission — only feedback content and basic device context

Your Responsibility

Since your data is stored locally, its security depends on your device's security. We recommend:

• Protect your device with a PIN, password, pattern, or biometric security
• Regularly update your operating system and apps
• Create regular backups via the data export feature
• Be mindful when sharing exported backup files, as they contain all your data

9. Data Retention & Deletion

Local Data

• Local data remains on your device until you delete it or uninstall the app
• Uninstalling the app removes all local data permanently
• You can delete all data from within the app's Data Control screen
• Free users can access journal and session history from the last 7 days; Pro users have access to up to 10 years of history

Feedback Data

• Feedback submissions are retained on our server for the purpose of improving the app
• You can request deletion of your feedback data by contacting us at privacy@sapplify.com

How to Delete Your Data

Delete All Local Data

Go to Settings > Data Control > Delete All Data. This removes all journal entries, breathing sessions, settings, and purchase status from your device.

Export Before Deletion

We recommend exporting your data before deletion. Go to Settings > Data Control > Export Backup to save a full JSON backup of your data.

Selective Deletion

You can also delete individual journal entries or breathing sessions from within the app.

10. Your Rights

You have full control over your personal data:

Access Your Data

You can view all your data within the app at any time. The export functionality allows you to download a complete copy in JSON, TXT, or PDF format.

Correct Your Data

Edit any journal entry directly within the app.

Delete Your Data

Delete individual entries or all data at once. See the Data Retention & Deletion section for details.

Data Portability

Export your data in standard formats (JSON, TXT, PDF) to transfer to other services or for your own records. Import data from JSON backups or CSV files.

Withdraw Consent

You can:

• Disable notifications at any time in settings
• Choose not to submit feedback
• Delete all local data from the Data Control screen

GDPR Rights (EU Users)

If you are in the European Union, you have additional rights under GDPR including:

• Right to access your personal data
• Right to rectification of inaccurate data
• Right to erasure ("right to be forgotten")
• Right to data portability
• Right to object to processing
• Right to lodge a complaint with a supervisory authority

CCPA/CPRA Rights (California Users)

California residents have the right to:

• Know what personal information is collected
• Request deletion of personal information
• Opt-out of the sale of personal information
• Non-discrimination for exercising privacy rights

We do not sell or share your personal information. We do not "sell" your data as defined by the CCPA, nor do we "share" it for cross-contextual behavioral advertising purposes. We have no advertising in our app and do not monetize your data in any way.

Sensitive Personal Information: Your mindfulness and journal data may be considered "Sensitive Personal Information" under California law. We only use this information for the purpose of providing the sMoment mindfulness service that you requested. We do not use your sensitive personal information for any secondary purposes.

11. Children's Privacy

sMoment is intended for users who are at least 13 years old. We do not knowingly collect personal information from children under 13. In some EU member states, the minimum age for consenting to data processing may be higher (up to 16 years) in accordance with local law under GDPR Article 8.

• Since sMoment stores all data only locally and does not require an account, we cannot determine a user's age
• Parents or guardians should supervise app usage and help set up appropriate settings
• If we discover we have collected data from a child under 13 (e.g., through the feedback feature), we will delete it promptly

If you believe a child under 13 has provided us with personal information, please contact us at contact@sapplify.com.

12. International Users

sMoment is available to users worldwide. Since all data is stored locally on your device, there are no cross-border data transfers during normal app usage.

Feedback Submissions

If you choose to submit feedback, the data is transmitted to our API server. We apply the same high standards of data protection regardless of your location.

Supported Languages

sMoment currently supports 15 languages:

• English
• German (Deutsch)
• French (Français)
• Italian (Italiano)
• Spanish (Español)
• Portuguese (Português)
• Dutch (Nederlands)
• Polish (Polski)
• Czech (Čeština)
• Slovak (Slovenčina)
• Turkish (Türkçe)
• Russian (Русский)
• Japanese (日本語)
• Chinese (中文)
• Korean (한국어)

13. Data Breach Notification

We take data security seriously. In the unlikely event of a data breach affecting the limited personal information we hold (feedback submissions), we will:

Notification Process

• Assess the breach: Immediately investigate the scope and impact
• Notify authorities: Report to relevant data protection authorities within 72 hours as required by GDPR Article 33
• Notify affected users: Inform you without undue delay if the breach poses a high risk to your rights and freedoms, as required by GDPR Article 34
• Provide details: Inform you of the nature of the breach, potential consequences, and measures taken

What We Will Communicate

• Description of the breach and data involved
• Likely consequences of the breach
• Measures taken or proposed to address the breach
• Recommendations for protecting yourself
• Contact information for follow-up questions

Your Local Data

Data stored only locally on your device is not affected by server-side breaches. Since sMoment stores nearly all data locally, your journal entries, breathing sessions, and settings are inherently protected from remote breaches.

14. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, add new features, or comply with legal requirements.

How We Notify You

When we make material changes, we will notify you by:

• Posting an in-app notification when you next open sMoment
• Updating the "Last updated" date at the top of this policy
• Updating the privacy policy in app store descriptions

Your Continued Use

Your continued use of sMoment after changes are posted constitutes your acceptance of the updated Privacy Policy. If you do not agree with the changes, you should stop using the app.

We encourage you to review this Privacy Policy periodically to stay informed about how we protect your data.

15. Governing Law

This Privacy Policy and any disputes arising from it are governed by the laws of the Slovak Republic, without regard to conflict of law principles. This does not affect your mandatory consumer protection rights under EU law, which may provide additional protections regardless of the governing law.

Jurisdiction

For users in the European Union, any disputes shall be subject to the jurisdiction of the courts in Slovakia, unless mandatory consumer protection laws in your country of residence provide otherwise.

EU Users

If you are located in the European Union, you have the right to lodge a complaint with your local data protection supervisory authority if you believe we have violated your data protection rights.

As we are based in Slovakia, our lead supervisory authority is:

Úrad na ochranu osobných údajov Slovenskej republiky
(Office for Personal Data Protection of the Slovak Republic)
Hraničná 12
820 07 Bratislava 27
Slovak Republic
Website: dataprotection.gov.sk
Email: statny.dozor@pdp.gov.sk

Dispute Resolution

We encourage you to contact us first at contact@sapplify.com to resolve any concerns or disputes. We are committed to working with you to reach a fair resolution.

16. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or your data, please contact us:

General Inquiries: contact@sapplify.com

Privacy & Data Protection: privacy@sapplify.com

We are committed to addressing your privacy concerns and will respond to your inquiry within 30 days.

Data Protection Inquiries

For specific data protection requests (access, deletion, correction of feedback data), please email us with:

• A clear description of your request
• Any relevant details to help us locate your data (e.g., the email address you included with feedback)