Privacy Policy

Last Updated: May 13, 2026

Mindrot ("Mindrot," "we," "us," or "our") respects your privacy. This Privacy Policy explains what personal data we collect when you use the Mindrot mobile app, why we collect it, who we share it with, how long we keep it, and the rights you have over it. It is written to meet the EU General Data Protection Regulation (GDPR), the UK GDPR, and the California Consumer Privacy Act (CCPA/CPRA). If you do not agree with this policy, please do not use the app.

If you have any questions, or want to exercise any of your rights, contact us at [email protected]. We respond to privacy requests within 30 days (one month).

1. Who we are

Mindrot is a screen-time and digital well-being app for iOS and Android. It is operated by Launchroom (the "controller" of your personal data under GDPR). You can reach us at [email protected]; contact us at that address if you need our postal address for a formal request. If you are in the EEA or UK and we are required to designate a representative, the representative's details are available on request at the same address.

2. A note on Apple Screen Time data

Mindrot uses Apple's Screen Time APIs (Family Controls, ManagedSettings, DeviceActivity) to block apps, apply limits, and show you usage reports. Because of how Apple designed these APIs, the detailed breakdown of which apps you use, for how long, and when stays on your device. We cannot read it, we cannot send it to our servers, and we never see it. Any chart, total, or app list you see in Mindrot is rendered on your device by Apple's own report component; the underlying numbers never leave the phone. The same is true on Android for the on-device usage data the app reads.

3. The data we collect

We collect only what the app needs to work and to be improved. Categories:

  • Anonymous app identifier: A random identifier (a UUID) generated on first launch and stored on your device. It is not your name, Apple ID, phone number, or advertising ID. It lets us count installs and attach analytics and crash reports to a consistent but anonymous profile.
  • Profile information: A display name and avatar. The display name is auto-generated on first launch; you can change it at any time in Settings. We do not ask for, store, or transmit your email address, real name, or contact details.
  • App activity and usage events: Things you do inside Mindrot: opening the app, starting and completing focus sessions ("Detox"), creating and honoring schedules, interventions shown, leaderboard activity, XP and streaks, and which features you use. This is activity inside Mindrot itself, not the Apple Screen Time data described above.
  • Subscription status: Whether you have an active Mindrot subscription, which plan, and renewal or expiry, handled through our payments provider RevenueCat. We do not receive or store your card details; Apple and Google handle payment.
  • Crash and diagnostic data: If the app crashes or misbehaves, we receive crash logs and diagnostic information (stack traces, device state, app version) so we can fix it. Some performance and network telemetry is collected to keep the app stable.
  • Device and technical data: Device model, operating system version, app version, language and region setting, and a push notification token. The push token is stored on your device and used to schedule local notifications; it is not currently transmitted to us.
  • Session replay (limited): We use PostHog's session replay to understand how the app's screens are used. Text, text inputs, and images are masked, and the Apple Screen Time report views are masked, so the replay shows interaction patterns, not your content. Replay is sampled and may be off entirely depending on our settings.

We do not collect your contacts, photos, precise location, health data, browsing history, messages, or the contents of other apps. We do not use Apple's App Tracking Transparency identifier (IDFA), and we do not track you across other companies' apps or websites for advertising.

4. Why we use your data, and our lawful basis

Under GDPR we must have a lawful basis for each purpose. Ours are:

  • To provide the app (Article 6(1)(b), performance of a contract): Running focus sessions and schedules, blocking apps, showing your stats, the leaderboard, XP, streaks, and quests, and remembering your settings.
  • To manage your subscription (Article 6(1)(b), contract): Checking whether you have access to paid features and handling restores and refund requests.
  • Analytics, crash reporting, and product improvement (Article 6(1)(f), legitimate interests): Understanding how the app is used and where it breaks so we can make it better. We have weighed this against your interests; the data is pseudonymous, is not used to make decisions about you, and is not used for advertising. You can object to this at any time (see Section 8), and we are working on in-app controls to switch it off.
  • Notifications you have turned on (Article 6(1)(a), consent, or 6(1)(f)): Local reminders, streak nudges, and motivational notifications, controlled by the toggles in Settings. Turn them off there at any time.
  • Legal, safety, and refund handling (Article 6(1)(c) and (f)): Complying with law, handling App Store refund requests (which may involve sharing limited consumption data with Apple), and protecting against fraud and abuse.

5. Who we share data with

We do not sell your personal data and we do not share it with advertisers or data brokers. There is no Mindrot-operated server and no central account database; the in-app leaderboard you see is generated on your device. We do use a small number of trusted service providers ("processors") who handle data on our instructions:

  • Google / Firebase (United States): Analytics, crash reporting (Crashlytics), and remote configuration. Privacy policy: firebase.google.com/support/privacy and policies.google.com/privacy. Sub-processors: cloud.google.com/terms/subprocessors.
  • Mixpanel (United States): Product analytics: app usage events tied to the anonymous identifier, display name, XP, and streak. Privacy policy: mixpanel.com/legal/privacy-policy. Sub-processors: mixpanel.com/legal/subprocessor-list.
  • PostHog (European Union): Product analytics and session replay, stored in the EU. Privacy policy: posthog.com/privacy. Sub-processors: posthog.com/subprocessors.
  • RevenueCat (United States): Subscription management. May share limited app-usage information with Apple to help Apple decide on a refund request you make. Privacy policy: revenuecat.com/privacy. Sub-processors: listed in Annex 3 of revenuecat.com/dpa.
  • Apple and Google: As the app stores and payment processors, and (for Apple) for refund decisioning as described above and in our Terms of Use.

We may also disclose data if required by law, to enforce our Terms, or to protect the rights, safety, and property of users or the public.

6. International data transfers

Some of our processors are in the United States (Google/Firebase, Mixpanel, RevenueCat), so the data described above is transferred there. PostHog data is stored in the European Union. Where data leaves the EEA or the UK, we rely on appropriate safeguards: the European Commission's Standard Contractual Clauses (with the UK Addendum where relevant) and, where the recipient is certified, the EU-US Data Privacy Framework. We have a Data Processing Agreement (or have accepted the equivalent Data Processing Addendum) in place with each US processor. We can provide our transfer assessment on request at [email protected].

7. How long we keep data

  • On your device: Your profile, settings, focus session history, schedules, stats, leaderboard cache, and quests are stored locally. Focus session history older than about 90 days rolls off automatically. Everything is removed when you choose "Delete Account" in the app or when you uninstall.
  • After "Delete Account": We erase the personal data we hold about you and stop associating new activity with you.
  • With our processors: Firebase Crashlytics retains crash diagnostics for 90 days. Mixpanel retains analytics events for 2 years (its free-plan default). PostHog retains analytics events for 1 year and session recordings for 30 days (the most conservative option we could pick). RevenueCat retains subscription records for the lifetime of your subscription so restores and refunds keep working. Firebase Analytics is disabled in Mindrot, so there is no analytics retention with Google. Where we ask processors to delete data on your behalf, we forward the request in line with our agreements with them and follow up where the law requires us to.

8. Your rights

If you are in the EEA or the UK, you have the right to: access the personal data we hold about you; have inaccurate data corrected; have your data erased; restrict or object to processing (including objecting to analytics processing carried out on the basis of our legitimate interests); receive your data in a portable, machine-readable format; and withdraw any consent you have given, without affecting processing already carried out. You also have the right to lodge a complaint with your local data protection supervisory authority.

  • In the app: Edit your display name in Settings. Use "Delete Account" in Settings to erase your on-device data.
  • By email: Email [email protected] for access, portability, correction, restriction, objection, or deletion. We reply within 30 days. Because there is no account login, we may ask for the anonymous app identifier shown in Settings so we can locate the right records.

California residents: you have the right to know what personal information we collect and how we use and disclose it, to request its deletion, and not to be discriminated against for exercising these rights. We do not "sell" or "share" personal information as those terms are defined under the CCPA/CPRA. Make a request at [email protected].

9. Children

Mindrot is intended for users aged 16 and over (or the minimum age of digital consent in your country, which is between 13 and 16 in the EEA). We do not knowingly collect personal data from children below that age without verified parental consent. If you are a parent or guardian and believe a child has provided us with personal data, contact us at [email protected] and we will delete it.

10. Security

The anonymous app identifier is stored in the device keychain. Other on-device data is stored in the app's sandboxed storage with the operating system's default protection. Data in transit to our processors is encrypted with TLS. As described in Section 2, Apple Screen Time data is processed on your device. No method of storage or transmission is completely secure, but we take reasonable measures to protect your data. We do not collect or store user email addresses, so the risk of email-based account compromise is not applicable to Mindrot.

11. Changes to this policy

We will update this policy when our data practices change. Material changes will be noted in the changelog below and reflected by the "Last Updated" date above. Continued use of the app after a change means you accept the updated policy.

12. Contact

Questions, requests, or complaints: [email protected]. Our Terms of Use are available here.

Changelog

  • May 13, 2026: Rewritten for GDPR and UK GDPR completeness: added lawful bases per purpose, international transfer mechanisms, the full list of data-subject rights, the processor list (now including PostHog and session replay), retention periods, and a CCPA section; minimum age raised to 16; clarified the effect of "Delete Account"; removed all references to email collection because Mindrot no longer asks for or stores user email addresses. Disclosed per-processor retention (Crashlytics 90 days, Mixpanel 2 years, PostHog events 1 year and session replay 30 days, RevenueCat for the subscription lifetime), noted that Firebase Analytics is disabled, added pointers to each processor's published sub-processor list, and recorded that Data Processing Agreements are in place with each US processor.
  • March 10, 2026: Initial version.