Privacy Policy

Last Updated: January 16, 2026

Privacy at a Glance

Your privacy matters to us. Vylo uses a local-first approach—most of your data stays on your device. We collect limited personal information you provide during onboarding (name, age, gender, preferences) and usage analytics to improve the app experience. This data is shared with our analytics partners (Mixpanel, Meta, TikTok) to help us understand how users engage with Vylo. You can limit tracking through iOS settings.

1. Introduction

Welcome to Vylo (“we,” “our,” or “us”). This Privacy Policy explains how we collect, use, and share information in connection with our mobile application Vylo (the “App”). We are committed to protecting your privacy and ensuring transparency about our data practices.

By using Vylo, you agree to the practices described in this Privacy Policy. If you do not agree with this policy, please do not use the App.

2. Information We Collect

We collect information in three ways: information stored locally on your device, information you voluntarily provide that we share with analytics partners, and information automatically collected by third-party SDKs.

2.1 Information Stored Locally on Your Device

The majority of your personal data is stored directly on your device using iOS’s local storage mechanisms (UserDefaults and App Groups). This data remains on your device and includes:

  • Onboarding Preferences: Your name (if provided), selected categories, notification preferences, theme choices, and app icon preference.
  • Usage Data: Your daily streak count, favorite affirmations, affirmation viewing history, and onboarding completion status.
  • App Settings: Language preference, notification schedule, selected categories, and theme customization.
  • Widget Data: Affirmations displayed in your Home Screen and Lock Screen widgets are stored in a shared App Group container accessible only by Vylo and its widgets.

You can delete all locally stored data by uninstalling the App from your device.

2.2 Information Shared with Analytics Partners

To improve the app experience and understand how users engage with Vylo, we collect and share the following information with our analytics partners (Mixpanel, Meta/Facebook SDK, TikTok SDK):

Personal Information (Voluntarily Provided)

  • Name: Your first name (if provided during onboarding)
  • Demographics: Age range, gender identity, relationship status, employment status, zodiac sign
  • Preferences: Selected affirmation categories, improvement goals, how you discovered the app
  • Psychographic Data: Familiarity with affirmations, self-care habits, personal intentions

Usage and Behavioral Data

  • Affirmation Interactions: Which affirmations you view, favorite, or share (tracked anonymously by ID)
  • App Usage: Features used, screens viewed, time spent in app, session frequency
  • Engagement Metrics: Daily streak progress, total affirmations viewed/liked, categories explored
  • Subscription Status: Whether you’re a free or premium user, subscription type, trial status
  • App Events: Onboarding completion, paywall views, widget additions, notification enablement

Technical Information

  • Device Information: iOS version, device model, screen size, app version
  • Device Identifiers: Anonymous user ID (generated by analytics SDKs), IDFA/IDFV (only if you grant tracking permission)
  • Network Information: IP address (used to determine approximate location/country)
  • Performance Data: App crashes, load times, errors

2.3 Information We Do NOT Collect

  • No Email Address or Phone Number: We do not collect contact information.
  • No Account Required: You don’t need to create an account or log in to use Vylo.
  • No Precise Location: We do not collect GPS coordinates or precise location data.
  • No Access to Device Data: We do not access your contacts, calendar, photos (except when you choose to save affirmation images), or other personal device data.
  • No Affirmation Content: We do not read or analyze the text content of affirmations you view, only the anonymized IDs.

3. How We Use Your Information

We use the collected information for the following purposes:

  • Personalization: Customize affirmation recommendations based on your selected categories and preferences
  • App Improvement: Understand which features are most valuable and identify areas for improvement
  • Analytics: Measure user engagement, retention, and feature adoption
  • Marketing Attribution: Understand which marketing campaigns effectively reach our target audience
  • Subscription Management: Process payments, manage subscriptions, and provide customer support
  • Performance Optimization: Identify and fix bugs, crashes, and technical issues
  • Legal Compliance: Comply with applicable laws and respond to legal requests

4. Third-Party Services and SDKs

We integrate with the following third-party services to provide essential functionality. Each service may collect data as described below:

4.1 RevenueCat (Subscription Management)

We use RevenueCat to manage in-app subscriptions and purchases. RevenueCat collects:

  • Stable anonymous user identifiers (UUID generated on device, persists across app reinstalls)
  • Purchase transaction information (subscription status, purchase dates, product IDs)
  • Device information (iOS version, device type, country)
  • App Store receipt data

Data Storage: RevenueCat stores this data on their secure servers to enable subscription restoration across devices.

Privacy Policy: https://www.revenuecat.com/privacy

4.2 Mixpanel (Analytics)

We use Mixpanel to understand how users interact with the App and improve the user experience. Mixpanel receives:

  • Personal Information: Name, age range, gender, relationship status, employment status, zodiac sign, improvement goals, selected categories (as described in Section 2.2)
  • Usage Analytics: Screens viewed, features used, buttons clicked, time spent in app
  • Engagement Data: Affirmations viewed/favorited (counts and IDs), streak progress, subscription status
  • Device Information: iOS version, device model, screen size, app version
  • Session Data: Session start/end times, session duration, days since install

Data Storage: Your data is stored on Mixpanel’s EU servers (European data residency) in compliance with GDPR.

Retention: Mixpanel retains event data for the duration of your subscription with them, typically indefinitely unless you request deletion.

Privacy Policy: https://mixpanel.com/legal/privacy-policy/

4.3 Meta/Facebook SDK (Attribution & Analytics)

We use Meta’s SDK (formerly Facebook SDK) for advertising attribution and analytics. Meta automatically collects:

  • Device Identifiers: IDFA/IDFV (only if you grant tracking permission via App Tracking Transparency prompt), anonymous device fingerprints
  • App Events: App installs, app launches, registrations, purchases, content views, affirmation interactions
  • Device Information: iOS version, device model, carrier, timezone, language
  • Network Information: IP address (used to determine country/region)
  • Behavioral Data: Pages viewed, features used, subscription events, affirmations favorited

Automatic Event Collection: Meta SDK automatically logs certain events (app installs, app activations, purchases) even without explicit tracking permission, though with limited data.

Purpose: This data helps us measure advertising campaign effectiveness and optimize our marketing spend.

Privacy Policy: https://www.facebook.com/privacy/policy/

4.4 TikTok Business SDK (Attribution)

We use the TikTok Business SDK to measure the effectiveness of TikTok advertising campaigns. The TikTok SDK collects:

  • Device Identifiers: IDFA/IDFV (if you’ve granted tracking permission), anonymous device IDs
  • App Events: App installation, first app launch, registration completion, trial starts, purchases
  • Device Information: iOS version, device model, screen resolution, carrier
  • Retention Metrics: App launch frequency, days since install
  • Payment Events: Subscription purchases (automatically tracked)

Automatic Tracking: The SDK automatically tracks installs, launches, retention, and payments when enabled.

Privacy Policy: https://www.tiktok.com/legal/privacy-policy

4.5 Apple Services (Notifications & Widgets)

When you enable notifications, we use Apple’s User Notifications framework to schedule local notifications on your device. These notifications are generated and delivered entirely on your device—we do not send push notifications from a server.

Widgets use iOS’s WidgetKit framework and access affirmation data stored in a shared App Group container on your device. No widget data is transmitted to our servers or third parties.

5. How We Share Your Information

We share your information in the following circumstances:

  • Analytics Partners: Personal and usage data is shared with Mixpanel, Meta SDK, and TikTok SDK as described in Section 4.
  • Subscription Provider: Purchase data is shared with RevenueCat to manage subscriptions.
  • Legal Requirements: We may disclose information if required by law, court order, or government request.
  • Business Transfers: If Vylo is acquired or merged, your information may be transferred to the new owner.

We do NOT sell your personal information to data brokers or third parties for their own marketing purposes.

6. Your Privacy Choices and Controls

6.1 App Tracking Transparency (ATT)

When you first open Vylo, iOS will ask for permission to track your activity across apps and websites owned by other companies. This permission controls whether the Meta SDK and TikTok SDK can access your device’s Advertising Identifier (IDFA).

  • If you grant permission: Meta and TikTok can use your IDFA for advertising attribution and measurement.
  • If you deny permission: Meta and TikTok cannot access your IDFA, but may still collect limited anonymized data.

To change this setting: Go to iOS Settings → Privacy & Security → Tracking → Vylo

6.2 Limit Ad Tracking

You can limit advertising tracking system-wide:

iOS Settings → Privacy & Security → Apple Advertising → Turn off “Personalized Ads”

6.3 Analytics Opt-Out

To limit analytics collection:

  • Deny the App Tracking Transparency prompt when first opening Vylo
  • Avoid providing personal information during onboarding (name, demographics) by skipping those screens

Note: Currently, there is no in-app toggle to fully disable analytics. Disabling tracking will limit data collection but not eliminate it entirely.

6.4 Delete Your Data

  • Local Data: Uninstalling the app will delete all locally stored data on your device.
  • Analytics Data: To request deletion of data stored by our analytics partners, contact us at nathan.douziech@gmail.com. We will forward your request to Mixpanel, Meta, and TikTok.

7. Data Retention

  • Local Data: Stored on your device until you uninstall the app or clear app data.
  • RevenueCat Data: Retained as long as needed to manage your subscription and comply with financial regulations (typically 7 years).
  • Mixpanel Data: Retained indefinitely unless you request deletion.
  • Meta SDK Data: Retention determined by Meta’s data policies (typically up to 2 years for advertising data).
  • TikTok SDK Data: Retention determined by TikTok’s data policies (typically up to 18 months for attribution data).

8. Children’s Privacy

Vylo is intended for users aged 18 and older. We do not knowingly collect information from children under 13 (or under 16 in the European Economic Area). If we learn that we have inadvertently collected information from a child, we will take steps to delete such information. If you believe a child has provided information to us, please contact us at nathan.douziech@gmail.com.

9. Data Security

We take reasonable measures to protect your information:

  • Device Security: Your local data is protected by your device’s security features (passcode, Face ID/Touch ID).
  • Encryption in Transit: Data transmitted to third-party services uses industry-standard HTTPS/TLS encryption.
  • Secure Storage: Analytics partners (Mixpanel, RevenueCat) store data on secure, encrypted servers.
  • Access Controls: We limit access to personal information to employees and partners who need it to provide services.

Recommendations: Use a strong passcode, enable biometric authentication, keep iOS updated, and only download Vylo from the official Apple App Store.

10. International Data Transfers

Your information may be transferred to and processed in countries outside your own:

  • Mixpanel: Data stored on EU servers (European data residency) in compliance with GDPR.
  • RevenueCat: Data processed in the United States with appropriate safeguards.
  • Meta/Facebook: Data may be transferred globally to Meta’s data centers.
  • TikTok: Data may be transferred to Singapore, United States, or other TikTok data centers.

These services use Standard Contractual Clauses (SCCs) and other legal mechanisms to comply with GDPR and international data protection laws.

11. Your Privacy Rights

11.1 European Economic Area (EEA) – GDPR Rights

If you are in the EEA, you have the following rights under GDPR:

  • Right to Access: Request a copy of the personal information we hold about you.
  • Right to Rectification: Correct inaccurate or incomplete personal information.
  • Right to Erasure (“Right to be Forgotten”): Request deletion of your personal information.
  • Right to Restriction: Request that we limit how we use your information.
  • Right to Data Portability: Receive your personal information in a machine-readable format.
  • Right to Object: Object to our processing of your personal information.
  • Right to Withdraw Consent: Withdraw consent for data processing at any time.

To exercise these rights, contact us at nathan.douziech@gmail.com. We will respond within 30 days.

Legal Basis for Processing: We process your data based on (1) your consent (for analytics), (2) contractual necessity (for subscriptions), and (3) legitimate interests (for app improvement).

11.2 California – CCPA/CPRA Rights

If you are a California resident, you have the following rights under CCPA/CPRA:

  • Right to Know: Request disclosure of what personal information we collect, use, and share.
  • Right to Delete: Request deletion of your personal information (subject to exceptions).
  • Right to Opt-Out of Sale/Sharing: We do not “sell” your information, but we do “share” it with analytics partners for advertising purposes. You can opt out by denying the ATT prompt.
  • Right to Correct: Request correction of inaccurate personal information.
  • Right to Limit Use of Sensitive Personal Information: We do not use sensitive personal information for purposes other than providing the app.
  • Right to Non-Discrimination: We will not discriminate against you for exercising your privacy rights.

To exercise these rights, contact us at nathan.douziech@gmail.com with the subject line “CCPA Request”.

11.3 Other Jurisdictions

If you reside in a jurisdiction with specific privacy laws (Brazil’s LGPD, Canada’s PIPEDA, etc.), you may have additional rights. Contact us at nathan.douziech@gmail.com for assistance.

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, legal requirements, or service features. When we make material changes, we will:

  • Update the “Last Updated” date at the top of this policy
  • Notify you through an in-app message or notification
  • Post the updated policy on our website

Your continued use of Vylo after changes are posted constitutes your acceptance of the updated Privacy Policy. If you do not agree to the changes, please stop using the app and uninstall it.

13. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or our privacy practices, please contact us:

We will respond to privacy inquiries within 30 days.

14. Data Protection Officer

For users in the European Economic Area, if you have questions about how we handle your data or wish to exercise your GDPR rights, you can contact our Data Protection Officer at:

Email: nathan.douziech@gmail.com

Subject Line: “GDPR Request – Vylo”

15. Commitment to Transparency

At Vylo, we believe that your wellness journey is deeply personal, and we are committed to being transparent about how we use data to improve your experience. While we collect certain information to understand user needs and measure app performance, we strive to minimize data collection and respect your privacy choices.

We use analytics to make Vylo better—to understand which affirmations resonate, which features are helpful, and how we can serve you more effectively. Your trust is important to us, and we’re committed to earning it every day.

Thank you for choosing Vylo to support your daily self-care practice.

Scroll to Top