Privacy Policy

Last Updated: May 20, 2026

1. Introduction

This Privacy Policy explains how the MindFlow application ("App", "we", "us", or "our") collects, uses, and protects your information when you use our cognitive training tools, including guided lessons, mini-games, daily practice, and progress tracking. We are committed to protecting your privacy and being transparent about our data practices.

2. Information We Collect

2.1 Information You Provide Directly

Training and profile inputs:

  • Onboarding choices such as training goal (recall, focus, speed, or all), language preferences, and notification settings
  • Baseline mini-game results used to shape your starting skill profile
  • Lesson and game session results, including scores, accuracy, and completion status
  • Feedback or support messages you send to us
  • Account or sign-in details if you use features that require authentication

Note: Much of this information is processed and stored on your device. If a feature sends data to our servers, we use it only as described in this Policy and in the App.

2.2 Information Collected Automatically

Device information:

  • A device identifier where needed for analytics, account linking, or security
  • Device model and manufacturer
  • Operating system version
  • App version

Usage analytics:

  • App launch events and session duration
  • Feature usage patterns (for example screens used and actions taken)
  • Crash reports and error logs
  • Performance metrics

Technical data:

  • Timestamps and status of certain operations
  • Network connectivity signals
  • Diagnostics needed to maintain reliability

2.3 Information We May Not Collect

Unless you provide it or a feature requires it, we do not aim to collect:

  • Government-issued identification numbers
  • Precise GPS location by default
  • Your contacts or address book
  • Photos or camera data, except when you explicitly use a feature that needs them
  • Microphone recordings, except when you explicitly use a feature that needs audio

3. How We Use Your Information

3.1 Primary purposes

Service delivery:

  • Deliver structured cognitive lessons (theory, mini-game challenge, and summary) and free-play training modes
  • Run daily practice sessions and mini-games such as sequence recall, focus reaction, focus tracking, and dual-task challenges
  • Track your lesson progress, XP, streaks, skill radar (recall, focus, speed), and achievements
  • Personalize training difficulty and recommendations based on your goals, baseline, and performance
  • Process subscriptions and premium features when offered

App functionality:

  • Save your preferences
  • Improve reliability and performance
  • Provide customer support when you contact us

3.2 Analytics and improvement

App analytics:

  • Understand how the App is used in aggregate
  • Identify stability issues and popular features
  • Improve user experience

Crash reporting:

  • Collect crash reports and error logs
  • Diagnose and fix technical issues

4. Data Storage and Security

4.1 Local storage

Your data on device:

  • Training progress, lesson completion, game scores, XP, streaks, and related preferences may be stored locally
  • A local database (for example SQLite via Drift) or secure preferences may hold training history and app settings
  • Lesson theory and bundled training content are stored in the App package; they are not content you upload
  • Data may persist until you delete it or uninstall the App

Example locations (may vary by version):

  • Progress and profile data in platform preferences (for example SharedPreferences)
  • Local database files under the App's sandbox where applicable

4.2 Cloud storage

If you sign in or use cloud-backed features, certain data (such as account metadata or subscription status) may be stored on Firebase services. We use cloud data only to provide the features you enable.

4.3 Security measures

Data protection:

  • We use reasonable technical and organizational measures to protect information we process
  • Sensitive identifiers may use platform secure storage where applicable
  • Network communications should use HTTPS where supported

Access control:

  • Third parties do not access your on-device personal content unless you use a feature that explicitly involves a provider
  • Analytics and subscription providers receive only the categories of data described in their documentation

5. Third-Party Services

5.1 Firebase (Google)

Services that may be used:

  • Firebase Analytics
  • Firebase Authentication, if account features are enabled
  • Firebase Remote Config
  • Firebase Cloud Messaging, if notifications are enabled
  • Cloud Firestore or Cloud Functions, if cloud sync or backend features are enabled

Categories of data:

  • Usage and diagnostic events
  • Crash artifacts
  • Device and app metadata
  • Account and subscription-related fields where applicable

5.2 Sentry

Services used:

  • Error monitoring and performance signals

Categories of data:

  • Error logs and stack traces
  • Performance metrics
  • Device metadata for debugging

5.3 Adapty

Services used:

  • In-app subscription and paywall management

Categories of data:

  • Purchase and subscription status
  • Anonymous or account-linked identifiers used for entitlement management

5.4 Other providers

If we add providers (for example cloud backup or AI-assisted features), we will describe them in an updated Privacy Policy or in-product notice where required.

6. Data Retention

6.1 Local data

Retention:

  • Local data remains until you remove it or uninstall the App

Your control:

  • Use in-App deletion options where available
  • Uninstall the App to remove local data stored in the App's sandbox

6.2 Analytics and cloud data

Retention:

  • Third-party analytics tools apply their own retention settings
  • We configure services to minimize unnecessary retention where we can
  • Account or subscription records may be retained as needed to provide the service and meet legal obligations

7. Your Rights and Choices

7.1 Access and deletion

Your rights may include:

  • Accessing information we hold about you where applicable laws provide a right of access
  • Requesting correction or deletion, subject to legal exceptions
  • Objecting to or restricting certain processing where applicable laws allow

How to exercise:

  • Use controls in the App when available
  • Contact us using the email in the Contact section
  • See the Support & Data Deletion page for deletion requests

7.2 Privacy settings

Analytics and device controls:

  • Platform settings may limit analytics tracking
  • In-app toggles may be provided where feasible
  • You can disable push notifications in system settings or in the App

8. Children's Privacy

8.1 Age restrictions

General approach:

  • The App is not directed at children under 13
  • We do not knowingly collect personal information from children under 13 without appropriate parental consent as required by law
  • If you believe we have collected such information, contact us so we can delete it

9. International Data Transfers

9.1 Data processing

Service providers:

  • Vendors may process data in countries other than yours
  • Where required, we rely on approved transfer mechanisms

10. Changes to This Policy

10.1 Policy updates

  • We may update this Privacy Policy
  • Material updates may be communicated via the App, email, or our website where appropriate
  • The "Last Updated" date will change when we publish revisions

11. Legal Basis for Processing (EEA/UK Users)

11.1 Lawful bases

Contract and legitimate interests:

  • Providing the App and securing it
  • Improving reliability and usability

Consent:

  • Where required for optional analytics or similar processing
  • Where required for push notifications

12. Data Protection Rights

12.1 Your rights

Depending on your location, you may have rights under laws such as the GDPR or the CCPA, including rights to access, delete, correct, port, or object to certain processing.

Contact us to exercise these rights. We may need to verify your request.

13. Contact Information

13.1 Privacy inquiries

Contact us:

  • Email: karlihasann@gmail.com
  • Website: https://www.hasankarli.dev

Response time:

  • We aim to respond within a reasonable period and within legal deadlines where applicable

13.2 Data protection contact

Privacy contact:

  • Email: hasan@hasankarli.dev
  • Available for privacy-related questions

14. Compliance

14.1 Regulatory awareness

We design our practices to align with applicable privacy laws. Specific requirements depend on your region and how you use the App.

15. Security Measures

15.1 Technical safeguards

  • Encryption in transit where appropriate
  • Access limitations and monitoring for our systems
  • Vendor review for critical services

16. Third-Party Links

16.1 External services

  • Explore articles or external resources may link to third-party sites
  • We are not responsible for third-party privacy practices
  • Review external policies before sharing information

17. Effective Date

This Privacy Policy is effective as of May 20, 2026, except with respect to changes that we describe when we post updates.

By using the MindFlow app, you acknowledge that you have read and understood this Privacy Policy and agree to the collection, use, and disclosure of your information as described herein.