DrowZe — Privacy Policy
Effective date: 19 March 2026
Last updated: 19 March 2026
Plain-language summary
Before the legal text: here is what DrowZe does with your data in plain terms.
- Your shift schedule and sleep logs are stored in our database (Supabase/PostgreSQL) so you can access them across devices.
- We use Clerk for sign-in via email one-time passcode. We never see your password because there isn't one.
- If you subscribe to Pro, RevenueCat manages the subscription. We never see your full payment details — Apple handles the transaction.
- If you are on the free tier, Google AdMob shows ads. AdMob may use a device identifier to show relevant ads unless you opt out.
- If you enable HealthKit sync, we read sleep data from Apple Health. We never write to Apple Health and never share health data with advertisers.
- You can delete your account and all associated data at any time from the Profile tab.
- We do not sell your data. We never have.
1. Who we are
DrowZe is operated by Trevix Labs, a sole proprietorship business in Canada.
Contact:
- Email: legal@drowze.ca
- Website: https://drowze.ca
For European users, Trevix Labs acts as the data controller under GDPR.
2. What data we collect and why
2.1 Account data
- What: Email address, Clerk user ID.
- Why: To create and authenticate your account. We use email one-time passcode authentication via Clerk. We do not store passwords.
- Legal basis (GDPR): Contractual necessity — you cannot use the app without an account.
- Retention: Until you delete your account.
2.2 Profile and preferences
- What: Chronotype (morning/evening/intermediate), worker type, target sleep hours, notification preferences, onboarding step, timezone.
- Why: To personalise the shift-aware sleep recommendations. Your chronotype affects bedtime calculations. Your timezone is required for accurate shift-time calculations.
- Legal basis (GDPR): Contractual necessity.
- Retention: Until you delete your account.
2.3 Shift schedule data
- What: Shift templates you create (name, start time, end time, days), scheduled shift instances (dates, times, notes).
- Why: This is the core data the app needs to calculate your sleep windows, bedtime countdowns, nap optimizer recommendations, and mode detection.
- Legal basis (GDPR): Contractual necessity.
- Retention: Until you delete the shifts or your account.
2.4 Sleep session data
- What: Sleep logs you manually enter (bedtime, wake time, duration, quality rating, notes, session type). If you complete wind-down sessions, the completion is logged (session ID, steps completed, duration).
- Why: To calculate your sleep debt, generate your recovery plan, and show your sleep history.
- Legal basis (GDPR): Contractual necessity.
- Retention: Until you delete the sessions or your account. Pro users retain full history; free users see 7 days in the interface but data is retained until account deletion.
2.5 Health data (optional, HealthKit — iOS only)
- What: Sleep data synced from Apple Health: sleep start time, end time, duration, source app.
- Why: To supplement manually logged sessions with data from your Apple Watch, Oura Ring, or other health devices, giving a more complete sleep debt picture.
- How we access it: We only read sleep data from Apple Health. We never write to Apple Health. We never share health data with advertisers, third parties, or RevenueCat.
- Your control: You can revoke HealthKit access at any time in iOS Settings → Privacy & Security → Health → DrowZe.
- Legal basis (GDPR): Explicit consent — you must actively enable this in the app.
- Retention: Synced health sessions are stored in our database until you disable HealthKit sync or delete your account. Disabling sync does not delete previously synced data; account deletion does.
2.6 Nap log data
- What: Planned and actual nap timing, nap type (power/recovery/pre-shift), quality rating.
- Why: To improve nap optimizer recommendations over time and show nap history.
- Legal basis (GDPR): Contractual necessity.
- Retention: Until account deletion.
2.7 Subscription status
- What: Whether your account has an active Pro subscription, plan type (monthly/annual/lifetime), product identifier, expiry date, last verification timestamp.
- Why: To determine which features to show you and to serve Pro features when you are offline or RevenueCat is unreachable.
- Legal basis (GDPR): Contractual necessity.
- Note: We never receive your payment card details. All payment processing is handled by Apple. RevenueCat only provides us with entitlement status.
- Retention: Until account deletion or subscription expiry.
2.8 App events (analytics)
- What: Anonymised events such as which screen opened the paywall, whether onboarding was completed, which features were used. No personally identifiable information is included in event metadata.
- Why: To understand how the app is used so we can improve it. We use this internally only — we do not share analytics data with advertising networks.
- Legal basis (GDPR): Legitimate interest (product improvement).
- Retention: 90 days rolling.
2.9 Device and technical data
- What: Device type, operating system version, timezone offset, app version. IP address is processed transiently by Supabase for authentication requests but is not stored.
- Why: For debugging, crash reporting, and ensuring the app works correctly on your device.
- Legal basis (GDPR): Legitimate interest.
- Retention: 30 days in system logs.
2.10 Advertising identifiers (free tier only)
- What: On the free tier, Google AdMob may access your device's advertising identifier (IDFA on iOS) to show relevant advertisements.
- Why: To generate revenue that keeps the free tier available.
- Your control: You can limit ad tracking in iOS Settings → Privacy & Security → Tracking. Pro subscribers see no ads and AdMob is not initialised for Pro accounts.
- Legal basis (GDPR): Consent — where required by law, we request your consent through Apple's App Tracking Transparency framework before AdMob accesses the IDFA.
3. Third-party services
The following third-party services process your data as part of the app's operation. Each has its own privacy policy.
| Service | Purpose | Data shared | Privacy policy |
|---|---|---|---|
| Supabase | Database and backend infrastructure | All app data (shifts, sleep sessions, profile) stored encrypted at rest | supabase.com/privacy |
| Clerk | Authentication | Email address, user ID | clerk.com/privacy |
| RevenueCat | Subscription management | User ID, subscription status | revenuecat.com/privacy |
| Google AdMob | Advertising (free tier only) | Device advertising identifier, app usage context | policies.google.com/privacy |
| Apple HealthKit | Sleep data sync (optional) | Read-only access to sleep records you grant | apple.com/privacy |
| ElevenLabs | Wind-down session narration audio generation | No user data is sent to ElevenLabs. Audio files are pre-generated and bundled with the app | elevenlabs.io/privacy |
We do not use:
- Google Analytics or Firebase Analytics
- Facebook SDK or Meta Pixel
- Crashlytics (crashes are logged server-side via Supabase only)
- Any cross-app tracking SDK
4. How we store and protect your data
- All data is stored on Supabase-hosted PostgreSQL databases with AES-256 encryption at rest.
- All data in transit uses TLS 1.2 or higher.
- Row-Level Security (RLS) policies ensure every database query is scoped to the authenticated user — your shift data cannot be accessed by any other user.
- Clerk session tokens are stored encrypted using expo-secure-store (iOS Keychain).
- We do not store payment card numbers, CVV codes, or full payment details anywhere in our systems.
5. Your rights
For all users:
- Access: Request a copy of all data we hold about you. Email legal@drowze.ca.
- Deletion: Delete your account from Profile → Settings → Delete Account. This permanently removes all your data from our systems within 30 days. Note: data may persist in encrypted database backups for up to 90 days before those backups are rotated.
- Portability: Request a JSON export of your shift schedule and sleep history. Email legal@drowze.ca.
- Correction: Update your profile information at any time in the Profile tab.
For EU/UK users (GDPR):
In addition to the rights above, you have the right to:
- Restrict processing: Request that we pause processing of your data while a dispute is resolved.
- Object: Object to processing based on legitimate interest (analytics). You can disable analytics event logging by contacting legal@drowze.ca.
- Withdraw consent: Where processing is based on consent (HealthKit, advertising tracking), withdraw consent at any time in iOS Settings without affecting prior processing.
- Lodge a complaint: With your national data protection authority. In the EU, contact your country's supervisory authority. In the UK, contact the ICO (ico.org.uk).
For California users (CCPA/CPRA):
- Right to know: What personal information we collect and how it is used.
- Right to delete: Request deletion of your personal information.
- Right to opt out of sale/sharing: We do not sell or share your personal information for cross-context behavioural advertising. The "Do Not Sell or Share" right is not applicable as we do not engage in this practice.
- Right to non-discrimination: We will not discriminate against you for exercising your privacy rights.
For Canadian users (PIPEDA):
- You have the right to access your personal information and to challenge its accuracy.
- You may withdraw consent for non-essential data collection (analytics) at any time.
- Contact our Privacy Officer at legal@drowze.ca for any PIPEDA-related requests.
6. Data retention summary
| Data type | Retention period |
|---|---|
| Account and profile | Until account deletion |
| Shift schedule | Until deleted by user or account deletion |
| Sleep sessions | Until deleted by user or account deletion |
| HealthKit synced data | Until HealthKit sync disabled + account deletion |
| Subscription cache | Until account deletion |
| App events (analytics) | 90 days rolling |
| System/server logs | 30 days |
| Database backups | 90 days (encrypted, then rotated) |
7. Children's privacy
DrowZe is not directed at children under 13 (or under 16 in the EU/UK). We do not knowingly collect personal information from children under these ages. If you believe a child has provided us with personal information, contact privacy@drowze.ca and we will delete it promptly.
8. International data transfers
Supabase stores data in data centres operated by AWS. You can review Supabase's data residency options at supabase.com/docs/guides/platform/regions. Clerk processes authentication data in the United States. RevenueCat processes subscription data in the United States.
For EU/UK users: These transfers are made under appropriate safeguards including Standard Contractual Clauses (SCCs) approved by the European Commission. You can request copies of the SCCs by emailing legal@drowze.ca.
9. Changes to this policy
We will notify you of material changes through an in-app notification and by updating the "Last updated" date above. Continued use of DrowZe after the effective date constitutes acceptance of the revised policy.
10. Contact
Privacy Officer
Trevix Labs
legal@drowze.ca
https://drowze.ca/privacy
For GDPR data subject requests: legal@drowze.ca with subject line "GDPR Request — [your request type]"