Privacy Policy

Simple Daily Stretch

Effective: 6 June 2026 Last updated: 6 June 2026

This Privacy Policy explains how the mobile application Simple Daily Stretch (on-device name "Simple Stretch", iOS bundle identifier com.saltin.simplestretch) (the "App") collects, uses, and shares information. The App is operated by Sabri Altinkaya, an individual developer ("we", "us", "our").

If you have any questions about this policy or your data, contact us at saltinkaya.dev@gmail.com.

1. Scope

This policy applies to the Simple Daily Stretch mobile app for iOS (and the Android/web builds that share the same codebase). It does not cover any third-party websites or services that the App may link to.

The App is a simple stretching / fitness app. You do not create an account, and we never ask for your name, email address, phone number, or any social login. When you first open the App, it signs you in anonymously in the background (see "Identifiers and the anonymous account" below) so that features such as push notifications and feedback can work.

2. Information we collect

a. Identifiers

  • Anonymous account identifier (Firebase Auth UID). A random identifier created on launch; not tied to your name, email, or any login.
  • App-generated device ID. A random UUID generated on first run and stored on the device, used for push delivery and to distinguish devices. It is not the hardware serial number and is not the Apple advertising identifier (IDFA).
  • Push notification token (FCM / APNs token). If you allow notifications, the App stores a push token (with your anonymous account and device ID) to send reminders and updates.

b. Usage and product-interaction data (analytics)

  • Screens viewed, tabs navigated, buttons tapped.
  • Stretching session events: session previewed/started/completed and duration.
  • Feedback-prompt interactions (shown, option selected, dismissed, submitted).
  • App version and platform (iOS/Android) for these events.

Collected through Google Firebase Analytics.

c. Diagnostics / performance data

Through Microsoft Clarity and Google Firebase, aggregate diagnostic, performance, and interaction data used to find and fix problems and improve the experience. See Section 4.

d. User content you choose to provide (feedback)

  • If you use the in-app feedback feature, we collect the free-text comment you type (up to 500 characters), the option you selected, and the related session (if any), stored with your anonymous account ID, App version, and platform.
  • Providing feedback is optional.

e. Information stored only on your device (not collected by us)

  • Your chosen avatar and nickname (selected from a fixed set of preset characters, e.g. "Calm Bear") and accent color.
  • Your stretch history, streak, and stats.

This is stored locally and is not uploaded to our servers.

f. What we do NOT collect

  • No real name, email, phone number, address, or precise location.
  • No Apple advertising identifier (IDFA); the App contains no advertising SDK.
  • We do not track you across other companies' apps or websites (see Section 6).

3. How we use information

We use the information described above to:

  • Operate the App — anonymous sign-in, push notifications, remember device.
  • Understand and improve the App — feature-usage analysis, performance, bug fixing.
  • Respond to and act on your feedback.
  • Enforce minimum-version / forced-update requirements via Firebase Remote Config (a feature-flag mechanism; no personal data).

Legal bases (GDPR). Where the EU/UK General Data Protection Regulation applies, we process this data on the basis of our legitimate interests in operating, securing, and improving the App, and — where required, such as for push notifications — on the basis of your consent (which you can withdraw at any time by disabling notifications in your device settings).

4. Session recording (Microsoft Clarity)

The App uses Microsoft Clarity, an analytics product that performs session replay and heatmaps. Clarity records your interactions with the App's interface — taps, gestures, scrolling, screens visited — and reconstructs them as anonymized session replays so we can see how people use the App and where they run into trouble.

By default, Clarity's native masking is enabled ("mask all"), designed to obscure on-screen text and input content in these recordings. We do not use Clarity to capture personal identifying information. Clarity is provided by Microsoft; its handling of data is governed by the Microsoft Privacy Statement (see Section 5).

5. Third-party services

Google Firebase (Google LLC)

  • Firebase Analytics — usage / product-interaction analytics.
  • Firebase Authentication — anonymous sign-in (no login credentials).
  • Cloud Firestore — stores your push token / device record and any feedback.
  • Firebase Cloud Messaging (FCM) — push notifications.
  • Firebase Remote Config — remote feature flags / forced-update gate.

Governed by the Google Privacy Policy and the Firebase data-processing terms.

Microsoft Clarity (Microsoft Corporation)

  • Session replay and heatmaps (see Section 4).

Governed by the Microsoft Privacy Statement. See also the Clarity terms.

These providers act as our service providers / processors and may process data on servers located outside your country, including in the United States. Where the GDPR applies, such international transfers are covered by the providers' Standard Contractual Clauses and equivalent safeguards.

6. Data sharing and tracking

  • We do not sell or "share" your personal information (as those terms are defined under the CCPA/CPRA), and we have no actual knowledge of selling the personal information of minors under 16.
  • We share data only with the service providers in Section 5, who process it to provide their services to us.
  • We do not use your data for cross-app/cross-site advertising and do not use Apple's App Tracking Transparency identifier (IDFA). The App does not "track" you as defined by Apple's App Tracking Transparency framework.
  • We may disclose information if required by law or to protect our rights.

7. Data retention

  • Locally stored data (avatar, nickname, streak, history, cached tokens) remains on your device until you delete the App or clear its data.
  • Push token / device records and feedback submissions in Firestore are retained only as long as needed to operate the App and act on your feedback, or until you request deletion (Section 9).
  • Analytics and session-replay data are retained according to Google's and Microsoft's standard retention settings for these products; we do not retain this data for longer than necessary for the purposes described in this policy.

8. Identifiers and the anonymous account

You use the App without registering. The App creates an anonymous Firebase account identified by a random ID, plus a random device ID generated on first launch. These identifiers let the App deliver push notifications, attach your optional feedback, and analyze usage — without knowing who you are. Because there is no login, these identifiers are the only way your data is keyed, and we cannot link them to your real-world identity.

9. Your rights and how to delete your data

Depending on where you live, you may have rights over your personal information.

If you are in the EU/EEA or the UK (GDPR / UK GDPR), you have the right to access, correct, delete, restrict, or object to our processing of your data, and the right to data portability. You also have the right to lodge a complaint with your local data protection authority.

If you are in California (CCPA/CPRA), you have the right to know what personal information we collect and how we use it, the right to delete it, and the right to opt out of its "sale" or "sharing" — though, as stated in Section 6, we do not sell or share your personal information. We will not discriminate against you for exercising these rights.

Because we do not collect your name or email, the practical ways to exercise these rights are:

  • Delete local data: uninstall the App, or clear its data, to remove the on-device profile, history, and cached identifiers.
  • Request server-side deletion or access: email saltinkaya.dev@gmail.com. To help us locate your records (push token / feedback), include the approximate date and any details of feedback you submitted. We will delete or provide the associated device and feedback records. We may be unable to act on a request where we cannot reasonably link the data to you, given the anonymous design described in Section 8.

10. Children's privacy

The App is not directed to children under 13, and we do not knowingly collect personal information from children under 13 (or the equivalent minimum age in your jurisdiction). If you believe a child has provided us information, contact saltinkaya.dev@gmail.com and we will delete it.

11. Changes to this policy

We may update this Privacy Policy from time to time. We will revise the "Last updated" date above and, where appropriate, provide additional notice within the App or through other reasonable means.

12. Contact

Sabri Altinkaya
Email: saltinkaya.dev@gmail.com

For privacy questions or to exercise any of the rights in Section 9, email us at the address above and we will respond within a reasonable timeframe.