The principles
- We collect the minimum an app needs to do its job — nothing for advertising, ever.
- Your content is yours. Notes, lists, snippets, photos and anything else you create stay under your control and can be deleted from inside the app.
- On-device first. Where a feature can run locally — including AI features — it does. Data leaves your device only when a feature needs it (like sync or cloud AI), and only for that feature.
1. What we collect
It varies by app, but falls into four categories: account information (when an app offers sign-in — typically your email and sign-in method); the content you create (synced only if you enable sync, via iCloud or our sync provider); purchase state (whether a subscription is active — never your card details); and basic diagnostics (crashes and anonymous usage, which you can opt out of in the app's settings where offered).
2. What we never do
We do not sell your data, share it with advertisers or data brokers, or allow third-party AI providers to train their models on your content.
3. Payments
Purchases are processed by Apple (App Store) or Paddle (Paddle.com Market Ltd, our merchant of record for web purchases). Apple shares with us only your entitlement state. Paddle collects the name, email, and billing details needed to take payment and calculate tax, and shares back your entitlement and basic transaction details — not your full card number.
4. Service providers
Our apps run on a small set of infrastructure providers under data-processing agreements: Apple (App Store, iCloud, Sign in with Apple), Paddle (web payments), and per-app providers for sync, authentication, AI processing, crash reporting, analytics, and hosting. Each app's own privacy policy names its exact providers.
5. Retention
We keep your content while your account or app data exists. When you delete your account or data from an app, associated server-side content is removed within 30 days. Diagnostic logs are kept up to 90 days.
6. Your rights
You may access, export, or delete your data from inside each app, and you can email vedran@caffeinatedcode.co for any GDPR / CCPA request — access, correction, deletion, or portability. We respond within 30 days.
7. Children
Our apps are not directed at children under 13, and we do not knowingly collect personal information from anyone under 13.
8. International transfers
Our providers operate in the European Union, the United States, and other countries. Where data leaves the EEA it is protected by standard contractual clauses or equivalent safeguards.
9. Changes
If we materially change this policy we will announce it in-app or on this site and update the effective date above.
10. Contact
Caffeinated Code d.o.o., I. K. Sakcinskog 12, 44000 Sisak, Croatia · vedran@caffeinatedcode.co · +385 91 626 5588
See also our Terms of Service and Refund Policy.