Privacy Polic
Last Updated: November 23, 2025Introduction
Brainheal ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our mobile application Brainheal (the "App").
Please read this privacy policy carefully. If you do not agree with the terms of this privacy policy, please do not access the App.
Information We Collect
1. Screen Time Data
What we collect:
- App usage duration and frequency
- Screen time statistics for installed applications
- Application categories and names
- Historical usage data (up to 30 days)
How we collect it:
- Through Apple's ScreenTime API with your explicit permission
- Data is processed locally on your device
- Historical averages are calculated on-device
How we use it:
- To display your daily screen time statistics
- To calculate usage trends and progress metrics
- To provide personalized insights about your phone usage
- All processing happens on your device; we do not transmit this data to our servers
Storage:
- Screen time data is cached locally in App Groups
- Data remains on your device and is not uploaded to external servers
- You can delete this data by uninstalling the app
2. Account and Authentication Data
What we collect:
- Unique user identifier generated by our authentication system
- Account creation timestamp
How we collect it:
- When you create an account through our authentication flow
- Managed through Firebase Authentication
How we use it:
- To create and manage your account
- To authenticate your access to VPN services
- To manage your subscription status
3. VPN Usage Data
What we collect:
- VPN connection status (connected/disconnected)
- Connection timestamps
What we do NOT collect:
- Your browsing history
- Websites you visit
- Content of your internet traffic
- DNS queries
- IP addresses of websites you access
How we use it:
- To provide VPN connectivity services
- To manage bandwidth limitations as per your subscription
- To maintain service quality and performance
4. Subscription and Payment Information
What we collect:
- Subscription status (active/inactive)
- Subscription plan type (weekly, monthly, annual)
- Purchase confirmation from App Store
How we use it:
- To verify your subscription status
- To enable premium features (VPN, unlimited sessions)
- To process subscription renewals and cancellations
Note: We do not collect or store payment card information. All payments are processed securely through Apple's App Store.
5. Analytics Data
What we collect:
- App usage events (screens viewed, buttons clicked)
- Feature usage statistics
- Onboarding completion rates
- Session duration and frequency
- Error logs and crash reports
- User flow and navigation patterns
How we collect it:
- Through Firebase Analytics
- Automatically tracked when you interact with the app
How we use it:
- To understand how users interact with the app
- To improve app features and user experience
- To identify and fix bugs and errors
- To measure feature adoption and effectiveness
- To optimize onboarding flow and reduce drop-offs
Events we track:
- Onboarding step views and completions
- Subscription view presentations and conversions
- VPN connection toggles
- Screen time data views
- Button clicks and user interactions
- Purchase flows (starts, completions, failures)
- Session starts and ends
6. Device Information
What we collect:
- Device type (iPhone/iPad)
- Operating system version
- App version
- Device language and region settings
How we collect it:
- Automatically collected by Firebase and the App
- Standard mobile app data collection
How we use it:
- To ensure app compatibility
- To provide appropriate app features for your device
- To debug and resolve technical issues
Third-Party Services
We use the following third-party services that may collect information:
Firebase (Google)
- Services used: Authentication, Analytics, Cloud Services
- Privacy Policy: https://firebase.google.com/support/privacy
- Data collected: User authentication data, analytics events, crash reports
RevenueCat
- Services used: Subscription management and payment processing
- Privacy Policy: https://www.revenuecat.com/privacy
- Data collected: Subscription status, purchase confirmations, product identifiers
Digital Ocean
- Services used: VPN server hosting
- Privacy Policy: https://www.digitalocean.com/legal/privacy-policy
- Data collected: VPN connection metadata only (no browsing data)
Apple ScreenTime API
- Services used: Screen time data access
- Privacy Policy: https://www.apple.com/legal/privacy/
- Data collected: App usage statistics processed locally on device
How We Use Your Information
We use the information we collect to:
1. Provide Core Services:
- Display screen time statistics and insights
- Provide VPN connectivity with bandwidth management
- Manage user accounts and authentication
2. Improve User Experience:
- Analyze app usage patterns
- Optimize features and performance
- Fix bugs and technical issues
- Enhance onboarding flow
3. Manage Subscriptions:
- Verify subscription status
- Enable premium features
- Process purchases and renewals
4. Communicate with You:
- Send service-related notifications
- Respond to customer support inquiries
Data Retention
- Screen Time Data: Stored locally on your device; up to 30 days of historical data
- Account Data: Retained while your account is active; deleted upon account deletion
- Analytics Data: Retained by Firebase according to their data retention policies
- VPN Connection Logs: Temporary connection metadata deleted after session ends
- Subscription Data: Retained as long as required for tax and legal compliance
Data Security
We implement appropriate technical and organizational security measures to protect your information:
- Encryption: All data transmitted between the app and our servers is encrypted using industry-standard protocols (HTTPS, TLS)
- VPN Security: WireGuard protocol with strong encryption
- Authentication: Secure Firebase Authentication
- Local Storage: Screen time data encrypted in device keychain and app groups
- Server Security: VPN server protected with firewall rules (iptables) and secure access controls
However, no method of transmission over the internet or electronic storage is 100% secure. While we strive to use commercially acceptable means to protect your information, we cannot guarantee absolute security.
Changes to This Privacy Policy
We may update this Privacy Policy from time to time. We will notify you of any changes by:
- Updating the "Last Updated" date at the top of this Privacy Policy
You are advised to review this Privacy Policy periodically for any changes.
Data Not Collected
For transparency, here's what we explicitly DO NOT collect:
- VPN Browsing Data: We do not log, monitor, or store:
- Websites you visit
- DNS queries
- Browsing history
- Internet traffic content
- IP addresses of destination servers
- Personal Content:
- Messages or communications
- Photos or media files
- Contact lists
- Location data (GPS)
- Biometric data
- Cross-App Tracking:
- We do not track your activity across other apps or websites
Your Choices
Screen Time Data
- You can revoke Screen Time permissions at any time through iOS Settings
- The app will not function without Screen Time access as it's core to the service
VPN Service
- You can disconnect from VPN at any time
- Connection is user-controlled, not automatic
Contact Us
If you have questions or concerns about this Privacy Policy, please contact us at:
Email: brainhealapp@gmail.com
By using Brainheal, you acknowledge that you have read and understood this Privacy Policy and agree to its terms.