Privacy Policy

Last updated: February 20, 2026

1. Data Controller

The Data Controller of your personal data is:

(hereinafter referred to as "we", "us", "our" or the "Data Controller")

2. Applicable Legislation

This Privacy Policy is provided in accordance with:

3. What Personal Data We Collect

3.1 Data You Provide Directly

Data Category Specific Data Purpose
Account Registration Data Email address, password (stored in hashed form) Account creation, authentication, and management

3.2 Data Collected Automatically

Data Category Specific Data Purpose
Device Information Device model, operating system version, unique device identifiers, language settings App functionality, compatibility, and troubleshooting
Usage Data App interaction data, features used, session duration, crash logs Improving app performance and user experience
Analytics Data (Firebase) App opens, screen views, in-app events, session data, device model, OS version, app version, language, country (derived from IP) Understanding app usage patterns, measuring feature adoption, and improving user experience via Google Firebase Analytics
Advertising Identifiers IDFA (iOS), Google Advertising ID (Android) Serving personalized advertisements via Google AdMob
Purchase Data Transaction identifiers, subscription status, purchase history (processed via RevenueCat) Managing in-app purchases and subscriptions
Network Information IP address, connection type Security, fraud prevention, and service delivery

3.3 Data We Do NOT Collect

We do not collect: precise geolocation, contacts, photos, health data, financial data (payment processing is handled entirely by Apple/Google and RevenueCat), or any special categories of data as defined in Article 9 GDPR.

4. Legal Basis for Processing (Art. 6 GDPR)

Purpose Legal Basis
Account creation and authentication Performance of a contract (Art. 6(1)(b) GDPR) — necessary to provide the service you requested
In-app purchase management Performance of a contract (Art. 6(1)(b) GDPR) — necessary to fulfil your purchases
Personalized advertising (AdMob) Consent (Art. 6(1)(a) GDPR) — only processed after your explicit consent
Non-personalized advertising Legitimate interest (Art. 6(1)(f) GDPR) — to sustain free features of the app
Analytics and app improvement (Firebase Analytics) Consent (Art. 6(1)(a) GDPR) — only processed after your explicit consent
Security and fraud prevention Legitimate interest (Art. 6(1)(f) GDPR) — to protect our service and users
Legal compliance Legal obligation (Art. 6(1)(c) GDPR) — to comply with applicable laws

5. Third-Party Service Providers (Data Processors)

We use the following third-party services that may process your personal data on our behalf:

5.1 Amazon Web Services (AWS) — Authentication and Infrastructure

5.2 RevenueCat — In-App Purchase Management

5.3 Google Firebase Analytics — Analytics

5.4 Google AdMob — Advertising

5.5 Apple / Google — App Distribution and Payments

6. International Data Transfers

Some of our third-party service providers are located outside the European Economic Area (EEA), primarily in the United States. When personal data is transferred outside the EEA, we ensure that appropriate safeguards are in place, including:

You may request a copy of the applicable safeguards by contacting us at the email address provided in Section 1.

7. Data Retention

Data Retention Period
Account data (email, credentials) Until you delete your account
Purchase/subscription data For the duration of the subscription plus the legally required retention period for tax/accounting purposes (10 years under Italian law, Art. 2220 Civil Code)
Usage and analytics data 12 months from collection
Firebase Analytics data 14 months (default Firebase retention) or 2 months (configurable in Firebase Console)
Advertising data Managed by Google AdMob according to their retention policies
Server logs (IP, access logs) Maximum 12 months

When you delete your account, we will erase or anonymize your personal data within 30 days, except where retention is required by law.

8. Your Rights Under GDPR

Under the GDPR and the Italian Privacy Code, you have the following rights:

How to Exercise Your Rights

Right to Lodge a Complaint

If you believe that the processing of your personal data violates the GDPR or the Italian Privacy Code, you have the right to lodge a complaint with the Italian Data Protection Authority:

9. Consent for Advertising and Tracking

In compliance with the ePrivacy Directive (as implemented in Italy by Art. 122 of the Privacy Code) and the Garante's Guidelines on cookies and tracking tools (June 2021), we request your explicit consent before:

You may grant, deny, or withdraw your consent at any time through the consent dialog within the app. If you deny consent, you will still see advertisements, but they will be non-personalized.

On iOS, we also comply with Apple's App Tracking Transparency (ATT) framework and will present the system tracking authorization prompt before accessing your device's advertising identifier.

10. Children's Privacy

Our app is not directed to children under the age of 16 (the minimum age for consent under Italian implementation of the GDPR, Art. 2-quinquies of the Privacy Code). We do not knowingly collect personal data from children under 16. If we become aware that we have collected personal data from a child under 16 without appropriate consent, we will take steps to delete that information as soon as possible.

11. Automated Decision-Making

We do not engage in automated decision-making or profiling that produces legal effects or similarly significantly affects you, as defined in Article 22 GDPR. Google AdMob may use automated processes to select advertisements; however, this does not produce legal or similarly significant effects on you.

12. Security Measures

We implement appropriate technical and organizational measures to protect your personal data, including:

13. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by:

Where changes involve new processing activities that require your consent, we will seek your consent before implementing such changes. We encourage you to review this Privacy Policy periodically.

14. Contact Us

For any questions or requests regarding this Privacy Policy or the processing of your personal data, please contact us at: