Embedded Files
Privacy Policy (ReflAct)
Privacy Policy (ReflAct)
Effective Date: 2026-02-04
Last Updated: 2026-02-
ReflAct (“we,” “our,” or “the Service”) respects your privacy and is committed to protecting your personal data. This Privacy Policy explains what information we collect, how we use it, how we protect it, and the choices you have.
By using ReflAct, you agree to the practices described in this policy.
1. Information We Collect
1. Information We Collect
1) Account Information
1) Account Information
When you sign in, we may collect:
Your email address (or identity provider identifier)
A unique user ID (UID) used to store your data securely
We do not collect your password when using third-party login providers (e.g., Apple, Google, Microsoft).
2) User Content (Mind Logs, Reflections, Actions)
2) User Content (Mind Logs, Reflections, Actions)
ReflAct is designed for personal reflection and self-improvement. Depending on how you use the app, you may store:
Mind logs (your written thoughts, emotions, reflections)
Action logs (tasks, completion status, reasons for missing, notes)
App-generated insights (including AI-assisted summaries, analytics, or reports)
3) Device & Usage Information (Limited)
3) Device & Usage Information (Limited)
We may collect limited technical information for stability and performance, such as:
App version
Device type and OS version
Crash logs and diagnostic events (if enabled)
We do not collect detailed tracking data for advertising.
4) Purchases & Subscription Data
4) Purchases & Subscription Data
If you subscribe to premium features, purchases are handled through the Apple App Store / Google Play and subscription infrastructure (e.g., RevenueCat).
We may receive:
Subscription status (active/inactive)
Product identifiers (monthly/yearly)
Purchase and entitlement information
We do not receive your full payment card details.
2. How We Use Your Information
2. How We Use Your Information
We use your information to:
Provide core app functionality (saving and displaying your logs)
Sync your data across devices
Provide premium subscription access
Generate optional AI-based insights and monthly summaries
Improve app stability, reliability, and performance
Respond to support requests
We do not sell your personal data.
3. Data Storage and Encryption
3. Data Storage and Encryption
1) Encrypted Storage of Your Content
1) Encrypted Storage of Your Content
ReflAct stores your private content (such as mind logs and action logs) in an encrypted form when syncing to the cloud.
This means that when viewing the data directly in our database, the content appears as encrypted text rather than readable plain text.
2) Master Key Storage for Automatic Sync
2) Master Key Storage for Automatic Sync
To enable seamless multi-device sync without requiring a password on each device, ReflAct uses a master encryption key that is stored securely in our cloud infrastructure.
Important:
Because the master key is stored on our servers, it is technically possible for the Service operator to decrypt user content under specific circumstances.
We recognize that this is a privacy trade-off. We chose this design to prioritize:
reliable device-to-device synchronization
user convenience
reduced risk of data loss when switching devices
3) Access Principle
3) Access Principle
Although decryption is technically possible, our policy is:
We do not routinely access your private content.
Access to decryption capability is restricted to the minimum necessary.
We treat your private content as confidential and protected.
4. When We May Access User Content
4. When We May Access User Content
ReflAct is designed so that your content remains private by default. However, we may access or decrypt content only when necessary, such as:
User Support Requests
If you contact us for help resolving a technical issue (e.g., data recovery), we may need to access certain data to assist you.Security, Abuse, or Fraud Prevention
If required to protect the Service, investigate abuse, or prevent fraud.Legal Requirements
If required by law, court order, or government request, we may be obligated to provide data within our control.
We aim to minimize access and only do so when necessary.
5. AI Features and Processing
5. AI Features and Processing
ReflAct may provide optional AI-assisted features, such as:
monthly summaries
behavioral insights
emotion/action pattern analysis
When these features are used:
data may be processed to generate insights
the processing may involve external AI service providers
We take steps to minimize data exposure and use secure transmission.
We do not use your private content to train public AI models without explicit consent.
6. Data Retention
6. Data Retention
We retain your data as long as:
your account is active, or
it is needed to provide the Service.
You may request deletion of your account and associated data at any time.
7. Your Choices and Controls
7. Your Choices and Controls
You can:
edit or delete your logs inside the app
sign out at any time
request deletion of your account and cloud data
Please note:
deleting the app from your device does not automatically delete cloud data.
if you want your cloud data removed, you must request account deletion or use in-app deletion tools (if available).
8. Data Sharing
8. Data Sharing
We do not sell your personal data.
We may share limited information with trusted service providers only to operate the Service, such as:
authentication providers (Apple, Google, Microsoft)
subscription management (e.g., RevenueCat)
cloud infrastructure (e.g., Firebase)
analytics and crash reporting (if enabled)
These providers are only allowed to process data as needed to provide their services.
9. Children’s Privacy
9. Children’s Privacy
ReflAct is not intended for children under the age of 13 (or the minimum legal age in your country).
We do not knowingly collect data from children.
10. Security
10. Security
We take reasonable technical and organizational measures to protect your data, including:
encryption for synced content
access controls
secure transport (TLS)
monitoring and service reliability practices
However, no system is 100% secure, and we cannot guarantee absolute security.
11. International Users
11. International Users
If you use ReflAct outside the country where our servers are located, your data may be transferred and processed internationally.
We take steps to ensure data is handled securely.
12. Changes to This Policy
12. Changes to This Policy
We may update this Privacy Policy from time to time.
If changes are significant, we will notify users through the app or on our website.
13. Contact Us
13. Contact Us
If you have questions about this Privacy Policy or your data, contact us:
Email: allbitceo@gmail.com
Page updated
Google Sites
Report abuse