1. What this policy covers
- The malife app and any in‑app/website features we operate.
- It does not cover third‑party websites you may access via links.
We keep this policy clear and practical. Technical terms appear in the Data Flows appendix.
2. Data we process
We only collect what we need to provide the service. We do not sell data or use cross‑app advertising trackers.
Account & Profile
- What: Name, email address (incl. Apple private relay), avatar, internal user ID (UUID), Firebase Auth UID.
- Why: Create your account, authenticate you, sync your data across devices.
- Source: You; sign‑in providers (Apple/Google).
- Retention: Until account deletion (see §8).
User Content (synced)
- What: Life Areas, Projects, Tasks, subtasks, tags, notes, journal entries.
- Attachments: Photos/files/docs uploaded by you (per‑file limit 50 MB).
- Why: Core functionality (organize and sync your content).
- Storage: Firebase Firestore (data) & Firebase Storage (files) in EU region (eur3).
- Retention: Until you delete items or delete your account.
Focus Timer History
- What: Session durations, streaks, timer preferences.
- Why: Provide focus features and statistics.
- Retention: Until deletion or account closure.
Voice Input (dictation)
We use Apple’s Speech framework to transcribe your voice when you add tasks by voice. Where supported on your device/locale, we require on-device recognition so audio does not leave your device. If on-device recognition isn’t supported, iOS may request your permission to use network-based recognition provided by Apple, in which case Apple may process your audio as an independent controller under its own privacy terms (see Siri & Dictation settings). We do not store raw audio; it is used ephemerally for transcription.
- AI parsing: After transcription, we may send the task text only (never audio, journals, or attachments) to our AI provider to extract fields (see §5).
- Controls: You can disable speech recognition at Settings → Privacy & Security → Speech Recognition; “Improve Siri & Dictation” may allow Apple to retain samples if you opt in.
Device Permissions
- Microphone: Only while you actively use voice input; no background recording.
- Photos/Camera/Files: Access through system pickers to add attachments; we do not scan your library.
- Location/Contacts/Calendars: Not used.
- Push notifications: Reminders only; no marketing pushes.
Purchases
- What: Subscription status and product identifiers.
- Why: Process your in‑app subscription.
- Provider: Apple In‑App Purchase.
- Retention: As needed for purchase history, fraud prevention, and tax compliance.
Diagnostics (planned)
Crash logs/usage analytics via Firebase Crashlytics/Analytics may be introduced later. If/when enabled, we’ll update this policy and the App Store Privacy Details accordingly. For launch, no analytics are collected.
Sensitive & Children’s data
- Wellness/health‑like data (mood/sleep/energy check‑ins): Disabled.
- We do not target minors; the app is intended for 13+.
- The app is not a medical device and does not provide medical advice.
3. Purposes & legal bases (GDPR)
We rely on these legal bases:
- Contract (Art. 6(1)(b) GDPR): Provide and improve core app functions; account creation; sync; reminders; purchases.
- Consent (Art. 6(1)(a)): Optional AI parsing and push reminders where required by your platform settings. You may withdraw consent at any time in settings.
- Legitimate interests (Art. 6(1)(f)): Security, fraud prevention, debugging, and minimal service telemetry. We balance these interests against your rights.
We do not process special categories of data (Art. 9 GDPR).
4. Where your data is stored
- Primary hosting: Google Firebase (Auth/Firestore/Storage/Functions) in EU region (eur3) with TLS in transit and AES‑256 at rest.
- Access control: Production access is restricted to the controller (Alexander Zakharov) with MFA.
- Backups & logs: Service backups are managed by the hosting provider. Operational logs for Cloud Functions are retained for ~30 days.
5. AI features
- Processing: When you enable AI parsing for tasks, we send the task text only (no attachments or journals) to our AI provider OpenAI to extract structured fields.
- Minimization: We avoid sending names, emails, or other PII where possible.
- Retention & training: We request no provider training/retention for this data.
- International transfer: Requests may be processed in the United States; see §6.
This AI parsing occurs after any Apple transcription and never includes audio.
We currently do not send journal entries or attachments to AI providers.
6. International transfers
When data is processed outside the EEA (e.g., by OpenAI for AI parsing or by Apple/Google during sign‑in/IAP), we rely on appropriate safeguards such as Standard Contractual Clauses (SCCs) and vendor contractual commitments. We also implement technical and organizational measures (encryption, access control, data minimization).
When network-based Apple transcription is used, processing is performed by Apple pursuant to its terms and may involve international transfers managed by Apple.
7. How long we keep data (retention)
- User content (tasks, projects, journals, attachments): Kept until you delete items or delete your account.
- AI request logs: Up to 7 days.
- Operational logs: ~30 days.
- Purchases: As needed for transaction history, chargebacks, and tax law.
- Backups: Deleted/overwritten on provider schedules; once your deletion request has removed data from live systems, we aim to ensure backups are purged within 30 days.
If legal obligations require longer retention (e.g., tax), we keep only what’s necessary.
8. Your controls & rights
In‑app controls
- Data export: Settings → Profile → Export (JSON of your profile, life areas, projects, tasks, journal entries, and timer settings). Attachment metadata is included; large files can be requested via support.
- Deletion: Settings → Profile → Delete account. This removes your account and personal data from live systems immediately; provider backups and caches are purged within ~30 days.
GDPR/UK rights
You can request access, rectification, erasure, restriction, portability, or objection via privacy@malife.app. We verify identity and respond within one month. You may lodge a complaint with your local supervisory authority; in Germany, this is your state authority (e.g., Hamburg).
California/US rights
We do not sell or share personal information for cross‑context behavioral advertising. You can request access or deletion at privacy@malife.app.
9. Security
We protect your data with TLS, encryption at rest, least‑privilege access, MFA, secure coding practices, and Firestore Security Rules. If we become aware of a data breach impacting your data, we will notify you and (where required) authorities within 72 hours.
10. Subprocessors (current)
- Google Firebase (Auth, Firestore, Storage, Functions) — EU (eur3).
- OpenAI (AI parsing of task text) — US.
- Apple (Sign‑In, IAP) — independent controller for purchase/auth flows.
- Apple (Speech recognition, OS-level) — independent controller when network-based transcription is used; see Apple’s Siri & Dictation privacy disclosures.
- Google (Sign‑In) — jurisdiction varies by Google.
- ElevenLabs (voice onboarding, currently inactive) — US.
We maintain an up‑to‑date public list (see Appendix C). We will provide Data Processing Addenda including SCCs where required.
11. No ads & no tracking
- No third‑party ads.
- No cross‑app tracking.
- No data sales.
12. Changes to this policy
We will post updates in‑app and change the “Effective date”. Material changes will be communicated prominently.
Contact: privacy@malife.app