Applicability
This Privacy Policy explains how this mobile application and any related mobile features, content, and support functions (collectively, the “Services”) handle personal information. It applies when you download, access, use, or otherwise interact with the Services.
This Policy is intended for a mobile app distribution context, including App Store publication. Some sections may apply only in certain jurisdictions, when specific features are enabled, or when the Services process particular categories of information. Where a feature is not currently offered, the related provision should be read as applying only if and when that feature becomes available.
Identity of the Controller
For the purposes described in this Policy, the data controller responsible for deciding how personal information is processed is Galois Field Limited.
If a local law uses a different term, such as “business,” “controller,” or a similar concept, that term should be understood consistently with the role described above.
Information We Collect About You
The information we collect depends on how you use the Services, which features you enable, what permissions you grant, and which third-party tools are integrated into the product.
Information you provide directly
You may provide information when you create an account, complete onboarding, make a purchase, contact support through the method identified at the end of this Policy, respond to surveys, or submit content through the Services. Depending on how you use the app, this information may include your name, email address, login credentials, profile details, preferences, billing-related information, messages to support, feedback, survey responses, and any content or materials you choose to submit through the Services.
Information collected automatically
When you use the Services, certain information may be collected automatically from your device or app session. This may include device model, operating system version, app version, language settings, general region, network diagnostics, timestamps, crash information, usage events, subscription state, identifiers made available by the platform, and similar technical data needed to operate, secure, and improve the Services.
Information from app stores, payment processors, and partners
If you subscribe, start a trial, restore purchases, or otherwise complete an in-app purchase, we may receive transaction-related details from Apple, Google, or another platform operator. These records may include subscription product identifiers, purchase status, renewal status, country or storefront, and limited verification details needed to confirm whether a purchase is valid.
If the Services rely on hosting, analytics, attribution, customer support, content delivery, authentication, or fraud-prevention providers, we may also receive information from those providers in connection with the services they perform on our behalf.
Sensitive permissions and optional features
If the Services request access to photos, camera, microphone, location, contacts, calendars, health information, Bluetooth, motion data, files, or similar sensitive device resources, the request will depend on the product feature involved and the permissions you choose to grant. We access such information only when needed to provide the relevant feature and only to the extent permitted by your device settings and applicable law.
Why We Process Personal Data
We process personal information to provide the Services, operate the app as requested, maintain accounts and subscriptions, personalize the user experience, protect the integrity of the product, respond to requests, comply with law, and support legitimate business operations connected to the app.
Examples of these purposes may include:
- delivering the core features of the Services and any paid functionality;
- setting up and maintaining user accounts, preferences, and session state;
- verifying purchases, subscriptions, renewals, cancellations, refunds, and restoration requests;
- monitoring usage, stability, diagnostics, and service performance;
- detecting abuse, fraud, unauthorized use, security incidents, and policy violations;
- improving product design, onboarding, retention, monetization, and support workflows;
- sending transactional notices, service announcements, and legally required communications;
- complying with tax, accounting, consumer protection, regulatory, and law-enforcement obligations; and
- enforcing contractual rights, preventing harm, and defending legal claims.
Where the Services include experiments, recommendations, or feature flags, personal information may also be used to evaluate product changes and improve relevance, provided that such use is permitted by applicable law.
Legal Grounds for Processing
Where a legal basis is required, we generally rely on one or more of the following grounds:
- performance of a contract, including when processing is necessary to provide the Services you request, manage your account, or fulfill a subscription transaction;
- legitimate interests, including operating, securing, improving, and supporting the Services, provided those interests are not overridden by your rights;
- consent, where a feature depends on optional permissions, marketing consent, or other processing that requires your agreement; and
- compliance with legal obligations, including tax, accounting, recordkeeping, regulatory, and law-enforcement requirements.
If consent is the legal basis for a particular activity, you may withdraw that consent through device settings, app permissions, or other controls available to you, although doing so may affect certain features.
Disclosure and Recipients
We may share personal information with service providers, contractors, and professional advisers that help us operate the Services, including providers for cloud hosting, infrastructure, analytics, attribution, customer support, fraud prevention, identity verification, communications, payment administration, and similar operational needs. These parties are expected to process information only as needed to perform services for us, subject to contractual and legal safeguards.
We may also disclose information when necessary to comply with law, respond to lawful requests, protect the rights or safety of users or others, investigate misuse, support a merger or financing transaction, or enforce our agreements and internal policies. If the business is reorganized, sold, or involved in an investment or asset transfer, relevant information may be disclosed as part of that process subject to appropriate protections.
Where service providers, infrastructure, personnel, or platform operators are located outside your country, personal information may be transferred internationally. Such transfers may involve jurisdictions that do not provide the same level of statutory protection as your home jurisdiction. When required, we use contractual measures, internal policies, technical controls, and other legally recognized safeguards designed to protect transferred information.
Security Measures
We use administrative, technical, and organizational measures that are designed to protect personal information against unauthorized access, destruction, alteration, loss, misuse, or disclosure. These measures may include access controls, environment segregation, encryption in transit, credential management, logging, provider due diligence, and role-based restrictions appropriate to the nature of the information processed.
No internet or mobile service can be guaranteed to be completely secure, and no safeguard eliminates all risk. For that reason, you should keep your device protected, maintain current software, safeguard account credentials, and use care when submitting information through any digital service.
Data Retention Periods
We retain personal information for as long as reasonably necessary for the purposes described in this Policy, including to provide the Services, maintain business and financial records, honor purchases and refunds, resolve disputes, detect abuse, comply with law, and enforce our agreements.
Retention periods vary depending on the type of information, the feature involved, whether an account remains active, whether a subscription or payment record must be preserved, and whether the information is needed for safety, legal, or operational reasons. When information is no longer required, we will delete, anonymize, aggregate, or otherwise de-identify it where feasible, subject to backups, technical constraints, and legal retention duties.
How to Exercise Your Data Protection Rights
Depending on your jurisdiction, you may have rights to request access to personal information, correction of inaccurate information, deletion, restriction, portability, objection to certain processing, or withdrawal of consent where consent is the basis for processing.
You may also have rights to appeal a decision, complain to a regulator, or request additional information about disclosures, retention, automated decision-making, or data portability. To exercise rights or make a privacy-related request, use the information in the Contact Us section at the end of this Policy.
Before responding, we may need to verify your identity, confirm your relationship to the Services, and understand the scope of your request. We may limit or decline a request where permitted by law, including when we cannot verify identity, when an exemption applies, or when the request is manifestly unfounded, excessive, or inconsistent with legal obligations.
Links and Integrated Services
The Services may contain links to websites, content, payment flows, login tools, or integrations offered by third parties. Their privacy practices are governed by their own terms and notices rather than this Policy.
We encourage you to review the privacy information provided by third-party services before submitting information to them or enabling integrated features.
Information About Children
The Services are not directed to children under 13 unless expressly stated otherwise in product materials. We do not intend to knowingly collect personal information from children in violation of applicable law.
If you believe a child has provided personal information through the Services without the required authorization, use the information in the Contact Us section at the end of this Policy so that we can review the situation and take appropriate steps.
Tracking and Advertising Choices
The Services may use cookies, SDKs, local storage, pixels, log files, or similar technologies to remember settings, support analytics, measure campaign performance, prevent fraud, and improve functionality across sessions and devices. On mobile platforms, this may include identifiers or permissions governed by Apple or Google platform rules.
Where applicable, you can manage advertising and tracking preferences through device settings, permission prompts, or platform controls such as Apple’s App Tracking Transparency framework. Disabling tracking may affect analytics, attribution, personalization, or certain app features.
Updates
We may revise this Privacy Policy from time to time to reflect product changes, legal developments, operational updates, or new data practices. If we make material changes, we may provide additional notice where required by law or where the product design makes that appropriate. The version then in effect will apply when you continue to use the Services after the updated Policy becomes effective.
Contact Us
You may contact us at any time for more information about this Privacy Policy and any prior versions. If you have any questions about our Services, please contact us at: support@galoisfield.com