Privacy Policy

1. Introduction

This Privacy Policy describes how Little Things ("we," "our," or "us") collects, uses, and protects your information when you use the Little Things Gratitude Journal mobile application ("App"). We are committed to protecting your privacy and ensuring the security of your personal information.

2. Information We Collect

2.1 Personal Information You Provide

During Onboarding:

  • Display name
  • Gender (optional)
  • Personal goals and intentions
  • Areas you'd like to improve
  • How you found our app
  • Selected wellness focus areas

Content You Create:

  • Gratitude journal entries
  • Emotional check-in responses
  • Journal reflections and responses to prompts
  • Selected emotions and feelings
  • App preferences and settings

2.2 Automatically Collected Information

Device and Usage Information:

  • Device type and operating system version
  • App version and build number
  • Usage patterns and feature interactions
  • Crash reports and error logs
  • Session duration and frequency of use

Technical Information:

  • IP address (temporarily for security)
  • Device identifiers (for app functionality)
  • Timezone and locale settings
  • Push notification preferences

2.3 Subscription and Payment Information

  • Subscription status and history
  • Payment information (processed by Apple, not stored by us)
  • Trial usage and conversion data
  • RevenueCat customer identifiers

3. How We Use Your Information

3.1 Primary Uses

To Provide App Services:

  • Store and sync your gratitude entries across devices
  • Personalize your app experience
  • Provide progress tracking and history
  • Send reminder notifications (if enabled)
  • Display your selected backgrounds and preferences

To Improve Our Services:

  • Analyze app usage to enhance features
  • Identify and fix technical issues
  • Develop new features and improvements
  • Understand user engagement patterns

3.2 Subscription Management

  • Process and manage your subscription
  • Send trial expiration reminders
  • Handle subscription changes and cancellations
  • Provide customer support for billing issues

3.3 Communication

  • Send important app updates and notifications
  • Respond to your support requests
  • Provide technical assistance
  • Share feature announcements (if opted in)

4. Legal Basis for Processing (GDPR)

We process your personal information based on:

  • Contract Performance: To provide the app services you've subscribed to
  • Legitimate Interest: To improve our app and provide customer support
  • Consent: For optional features like personalized notifications
  • Legal Obligation: To comply with applicable laws and regulations

5. Information Sharing and Disclosure

5.1 We Do Not Sell Your Data

We never sell, rent, or trade your personal information to third parties for marketing purposes.

5.2 Service Providers

We share limited information with trusted service providers:

Supabase (Database and Authentication):

  • Stores your journal entries and app data
  • Provides secure user authentication
  • Maintains data backup and synchronization

RevenueCat (Subscription Management):

  • Manages subscription status and billing
  • Processes subscription analytics
  • Handles subscription lifecycle events

Superwall (Subscription Interface):

  • Displays subscription options and pricing
  • Manages trial and subscription flows
  • Tracks subscription conversion events

Apple (Platform Services):

  • Processes payments and subscriptions
  • Delivers push notifications
  • Provides app analytics and crash reporting

5.3 Legal Requirements

We may disclose information if required by law or to:

  • Comply with legal processes or government requests
  • Protect our rights and prevent fraud
  • Ensure user safety and security
  • Enforce our Terms of Service

5.4 Business Transfers

If we're involved in a merger, acquisition, or sale, your information may be transferred as part of that transaction with equivalent privacy protections.

6. Data Security

6.1 Security Measures

Encryption:

  • Data encrypted in transit using TLS/SSL
  • Database encryption at rest
  • Secure authentication protocols

Access Controls:

  • Limited employee access on need-to-know basis
  • Multi-factor authentication for admin access
  • Regular security audits and updates

Data Backup:

  • Automated secure backups
  • Disaster recovery procedures
  • Geographic data redundancy

6.2 Data Breach Response

In the unlikely event of a data breach:

  • We will notify affected users within 72 hours
  • We will report to relevant authorities as required
  • We will take immediate steps to secure the breach
  • We will provide guidance on protective actions

7. Your Privacy Rights

7.1 Access and Control

Within the App:

  • View all your journal entries and data
  • Edit or delete individual entries
  • Change app preferences and settings
  • Manage notification preferences

Account Management:

  • Update your profile information
  • Change your display name
  • Modify your goals and focus areas
  • Delete your account and all data

7.2 Legal Rights (Where Applicable)

  • Right to Access: Request a copy of your personal data
  • Right to Rectification: Correct inaccurate personal data
  • Right to Erasure: Request deletion of your personal data
  • Right to Portability: Receive your data in a machine-readable format
  • Right to Object: Opt out of certain data processing activities
  • Right to Restrict: Limit how we process your data

7.3 Exercising Your Rights

To exercise these rights:

  • Use the in-app data management features
  • Contact us at thelittleappcompany@gmail.com
  • We will respond within 30 days
  • Identity verification may be required

8. Data Retention

8.1 Retention Periods

Active Users:

  • Journal entries: Retained while account is active
  • Profile information: Retained while account is active
  • Usage analytics: Aggregated data retained for 2 years

Inactive Users:

  • Account data: Deleted after 3 years of inactivity
  • Backup data: Securely deleted within 90 days
  • Analytics: Anonymized and aggregated only

8.2 Subscription Data

  • Subscription history: Retained for tax and legal requirements (typically 7 years)
  • Payment information: Not stored by us (handled by Apple)
  • Support communications: Retained for 3 years

9. Children's Privacy

9.1 Age Requirements

  • The App is designed for users aged 13 and older
  • We do not knowingly collect data from children under 13
  • Parental consent required for users under 18

9.2 Parental Rights

If you believe your child has provided personal information:

  • Contact us immediately at thelittleappcompany@gmail.com
  • We will delete the information promptly
  • We will take steps to prevent future collection

10. International Data Transfers

10.1 Cross-Border Processing

Your data may be processed in countries other than your residence:

  • We use service providers with global infrastructure
  • All transfers comply with applicable privacy laws
  • Appropriate safeguards are in place for international transfers

10.2 Adequacy Decisions and Safeguards

  • EU Standard Contractual Clauses for GDPR compliance
  • Privacy Shield (where applicable)
  • Data Processing Agreements with all service providers

11. California Privacy Rights (CCPA)

11.1 California Consumer Rights

If you're a California resident, you have the right to:

  • Know what personal information we collect
  • Delete your personal information
  • Opt out of sale (we don't sell data)
  • Non-discrimination for exercising your rights

11.2 Categories of Information

  • Identifiers: Name, device ID, customer ID
  • Personal Characteristics: Gender, preferences (if provided)
  • Commercial Information: Subscription status, purchase history
  • Usage Data: App interactions, feature usage
  • Device Information: Device type, OS version, app version

12. Cookies and Tracking

12.1 Local Storage

The App uses local device storage for:

  • App preferences and settings
  • Offline content access
  • Performance optimization
  • Crash prevention and error handling

12.2 Analytics

We use privacy-focused analytics to understand:

  • Which features are most useful
  • Technical performance issues
  • User engagement patterns
  • App stability and reliability

12.3 No Third-Party Tracking

  • We don't use advertising cookies
  • No cross-app tracking or profiling
  • No social media tracking pixels
  • No behavioral advertising networks

13. Third-Party Integrations

13.1 Apple Services

  • App Store Connect: App distribution and payment processing
  • StoreKit: Subscription management
  • Push Notifications: Reminder notifications (optional)
  • CloudKit: No personal data stored in iCloud

13.2 Third-Party Privacy Policies

We recommend reviewing the privacy policies of our service providers:

  • [Supabase Privacy Policy]
  • [RevenueCat Privacy Policy]
  • [Superwall Privacy Policy]
  • [Apple Privacy Policy]

14. Data Minimization

14.1 Collection Principles

  • We collect only data necessary for app functionality
  • Optional information is clearly marked as such
  • You can use core features with minimal data sharing
  • Regular review and deletion of unnecessary data

14.2 Purpose Limitation

  • Data is used only for stated purposes
  • No secondary use without explicit consent
  • Clear opt-in for any new data uses
  • Transparent communication about data practices

15. Updates to This Privacy Policy

15.1 Policy Changes

  • We may update this policy to reflect app changes
  • Material changes will be prominently communicated
  • Continued use constitutes acceptance of updates
  • Previous versions archived and available upon request

15.2 Notification Methods

  • In-app notifications for significant changes
  • Email notification (if you've provided email)
  • App Store update notes
  • Website posting of updated policy

16. Contact Information

16.1 Privacy Questions

For questions about this Privacy Policy or your data:

  • Email: thelittleappcompany@gmail.com
  • In-App: Use the "Contact Support" feature
  • Mail: 4974 Bancroft Ave. Saint Louis MO 63109
  • Website: www.littlethingsapp.com

16.2 Data Protection Officer

If you're in the EU and have privacy concerns:

  • DPO Email: thelittleappcompany@gmail.com
  • Response Time: 30 days maximum
  • Escalation: Contact your local data protection authority

16.3 Supervisory Authorities

EU residents may contact their local data protection authority:

  • Find your authority at: ec.europa.eu/justice/data-protection
  • Right to lodge complaints about our data practices
  • Independent investigation and resolution

17. Special Considerations

17.1 Mental Health Content

  • Your journal entries may contain sensitive personal information
  • We treat all content with the highest level of security
  • Content is never used for advertising or commercial purposes
  • Professional counseling disclaimers apply to app content

17.2 Widget Data

  • Limited data is shared with iOS widgets for functionality
  • Widget data is stored in secure shared app storage
  • No personal content is displayed in widgets
  • Users control widget background preferences

17.3 Offline Functionality

  • Core features work without internet connection
  • Data is stored securely on your device
  • Sync occurs when connection is restored
  • No offline data is shared with third parties

18. Compliance and Certifications

We maintain compliance with:

  • General Data Protection Regulation (GDPR)
  • California Consumer Privacy Act (CCPA)
  • Children's Online Privacy Protection Act (COPPA)
  • Apple App Store Privacy Requirements
  • SOC 2 Type II (through service providers)

This Privacy Policy is effective as of July 2025 and applies to all users of the Little Things Gratitude Journal app. that you have read and understood this Privacy Policy and agree to the collection, use, and disclosure of your information as described herein.

Last updated: July 2025