Privacy Policy
This policy describes how the Heads-Up app ("the app", "we", "us"), made by MundaneApps, handles your data. It is written to be truthful and specific about what the app actually does: every claim below is checked against the app's source code before each release (see our release checklist).
1. The short version
- If you never sign in, nothing about you ever leaves your device. Heads-Up works fully offline, forever, with no account.
- If you choose to sign in (optional, Google or Apple), we store the minimum needed to back up and sync your data across your devices: your email, an optional profile, your cadence data, your purchase status, and a device identifier used only to enforce a single-device backup slot on the Pro plan.
- With your consent, we use privacy-friendly analytics (PostHog) and crash reporting (Sentry) to improve the app. Both are off until you opt in, collect no personal data (no name, email, or cadence contents), are hosted in the EU, and can be turned off anytime in Settings. We never use them for advertising.
- We do not sell your data.
2. Data collected, by mode
Local-only mode (no sign-in)
Nothing leaves your device. Your cadences, custom tags, notification schedule, theme preference, and app icon choice are stored only in the app's local storage on your device (and, if you use the home-screen widget, briefly in the OS's widget storage on that same device).
To save you a step, the optional "region" field in your profile is pre-filled using your SIM/carrier country if available, or your device's language/locale setting otherwise. This is a coarse, two-letter country code only (e.g. "US", "IN"), read directly on-device via the operating system, never a phone number or precise location, and no separate permission is required to read it. This happens whether or not you ever sign in; the value only leaves your device if you sign in and it syncs as part of your profile. You can change it at any time.
Signed-in mode (optional)
When you choose to sign in with Google or Apple, we additionally process:
| Data | Purpose |
|---|---|
| Email address (from your sign-in provider) | Account identification; transactional email (see §6) |
| Optional profile: name, gender, occupation, region (region may be pre-filled from your SIM/carrier country or device locale, see above) | Shown back to you in the app; not used for any other purpose |
| Cadence data (titles, schedules, tags, notes) | Cloud backup and, on our Pro+ plan, cross-device sync |
| Purchase/subscription status | Determining your plan tier (Free / Pro / Pro+) |
| A device identifier and a device label you can edit | Enforcing the Pro plan's single-device backup slot, and detecting when you've switched devices |
| Consent record: policy version and timestamp | Evidence that you accepted this policy and our Terms of Service |
We do not collect your birth date, phone number, or precise location. We do not collect age or any data intended to identify whether you are a minor. See §8.
3. Analytics & crash reporting (optional, consent-based)
With your explicit opt-in consent, Heads-Up uses two services to understand how the app is used and to fix crashes:
- PostHog (product analytics): anonymous, aggregated usage events (for example: onboarding completed, a cadence created, the paywall viewed). Data is hosted in the European Union.
- Sentry (crash reporting): diagnostic reports when the app crashes or errors, including a stack trace and device/OS details. Data is hosted in the European Union.
Both are disabled by default. We ask once, during onboarding, and you can change your choice at any time in Settings → Privacy → "Share usage & crash data." When off, neither SDK is initialised and nothing is sent.
Neither service receives your name, email address, or the contents of your cadences. If you are signed in, events are tagged with the same anonymous account identifier used for sync (never your email). We do not use these tools for advertising or cross-app tracking, and we do not build an advertising profile of you.
4. Where your data is hosted
Signed-in data is hosted on Supabase, in the European Union (Frankfurt region). Cadence and profile data at rest lives in that region.
5. Who we share data with (sub-processors)
We use a small number of service providers to run the app's optional cloud features. None of them receive more data than they need, and none may use your data for their own purposes.
| Sub-processor | What they receive | Purpose |
|---|---|---|
| Supabase | Everything in the "Signed-in mode" table above | Database hosting, authentication |
| Your Google account info (if you sign in with Google), and your app-store purchase data (Play Store) | Sign-in; subscription billing | |
| Apple | Your Apple ID info (if you sign in with Apple, currently unavailable, see §11), and your app-store purchase data (App Store, once launched) | Sign-in; subscription billing |
| RevenueCat | Your purchase/subscription status and an anonymous purchaser id | Subscription management across stores |
| Resend | Your email address, for the specific transactional emails listed in §6 | Sending those emails |
| PostHog (EU Cloud) | Anonymous product-usage events and an opaque user id, only if you opt in | Product analytics to improve the app |
| Sentry (EU region) | Crash/error diagnostics (stack trace, device/OS metadata, opaque user id), only if you opt in | Crash reporting and stability |
We do not sell any of this data, and we do not share it with anyone for advertising purposes.
6. Transactional email
If you sign in, we send you email only for account events you triggered or that affect your account directly:
- Welcome: once, when you first sign in.
- Account deleted: confirming a deletion you (or someone with access to your sign-in) initiated, and reminding you of the recovery window (§7).
- Subscription lapsed: when your Pro/Pro+ subscription ends, explaining that your cloud backup will be removed in 30 days unless you resubscribe.
- Purge warning: about 7 days before an unclaimed deleted account is permanently purged, so you have a last chance to recover it.
These are transactional, not marketing, emails: we don't send newsletters or promotional email, and there is no separate marketing list to opt out of.
7. Retention: how long we keep your data
| What happened | Cloud content | Deletion marker | Your device |
|---|---|---|---|
| You sign out | Untouched | None | Untouched |
| You delete one cadence | Removed from our servers within 30 days | Kept until you delete your account | Removed immediately |
| Clear all data → This device only | Untouched (re-downloads next sync) | None | Wiped |
| Clear all data → Everywhere | Removed immediately | Kept until you delete your account | Wiped |
| Subscription lapses | Removed 30 days after lapsing | Kept | Untouched |
| You delete your account | Everything permanently deleted 30 days after you delete, unless you restore first | Deleted with the account | Untouched |
In plain terms: content you delete is removed from our servers within 30 days, immediately if you use Clear All Data. Anonymous deletion markers (just an id and a "this was deleted" flag, no content) are kept so a device that comes back online later can't resurrect something you deleted; those markers are erased when your account is deleted.
8. Children
Heads-Up is not directed at children and is intended for users 18 and older (see our Terms of Service). We do not knowingly collect data from children, and we do not collect age or birth-date information from anyone, at any age.
9. Your rights
Regardless of where you live, you can:
- Access and export your data: in the app (export from Settings) or by emailing us (§10).
- Delete your data: in the app, "Clear all data" removes your cadences (locally, or everywhere, your choice, see §7); "Delete account" removes your cloud account on the 30-day schedule in §7. You can also request deletion by email, or via mundaneapps.com/delete-account if you no longer have the app installed.
- Correct your profile at any time in Settings.
- Withdraw consent by signing out (which stops all further cloud processing; local data keeps working) or deleting your account. You can also withdraw analytics/crash-reporting consent independently at any time in Settings → Privacy, without signing out. This stops all further analytics and crash collection immediately.
If you are in the EU/EEA or UK, these rights are provided under the GDPR / UK GDPR. If you are in India, they are provided under the DPDP Act. We extend the same rights to users everywhere, regardless of location.
10. Contact
Questions, requests, or concerns about this policy: info@mundaneapps.com.
11. Changes to this policy
We may update this policy as the app changes. For a material
change, the in-app policy version (currently 2026-07) is
bumped, and signed-in users see a one-time notice the next time they open
the app, with a link to review the change before continuing. Typo-level
or clarifying edits do not trigger a new notice. This page always shows
its current version and effective date.