Nudge Privacy Policy

1. Quick Summary

• No user accounts – we do not create or manage cloud profiles.
• No analytics, advertising, or tracking SDKs – we do not serve ads or fingerprint you.
• Data stored locally – reminders and preferences remain on your device.
• Contacts access is read-only – used solely to let you pick contacts for reminders; we do not upload or sync your address book.
• Notifications are local – scheduled on-device; content is generated by the app.
• Easy removal – delete reminders in-app or uninstall to remove all locally stored data.

2. Scope

This policy applies to the Nudge mobile application distributed via Apple’s App Store and Google Play. It does not cover third-party websites or services you may access (e.g., your phone dialer or SMS app).

3. Data We Access (But Do Not Transmit)

Nudge may access certain data categories strictly for core functionality. Unless explicitly noted otherwise, this data does not leave your device.

• Contacts: Retrieved only when you choose a contact for a reminder. We do not modify, export, or transmit contact data.
• Reminder Content: Names, frequency choices, times, and reminder type (Call/Text) are stored locally in a SQLite database.
• Notification Scheduling Data: Timezone and selected times used to configure local notifications.
• Preferences: Theme (light/dark/high contrast) and related UI settings stored locally (e.g., via shared preferences).

Apple App Privacy Label classification: These data types are not collected in the sense defined by Apple because they are not sent off-device nor used for tracking or analytics.

4. Data We Do Not Collect

• Account identifiers (email, username)
• Precise or coarse location
• Usage analytics or crash reports sent to external servers
• Advertising identifiers / IDFA
• Payment or transaction data
• Health, financial, biometric, or sensitive data categories

5. Purposes of Access & On-Device Use

• Contacts: Populate a picker so you can select who to call or text.
• Reminder Data: Enable scheduling and display of upcoming nudges.
• Notifications: Deliver timely prompts to reach out to someone.
• Preferences: Persist theme and accessibility settings for user experience continuity.

We do not use any data for advertising, profiling, or cross-app tracking.

6. Storage & Security

Data is stored locally using platform-provided secure storage mechanisms (SQLite and key-value preference files). We do not maintain external servers for user data. Standard OS sandboxing protects the app’s local database. Because data never leaves the device, exposure risk is limited to local device compromise.

7. Third-Party Packages (Local Use Only)

Nudge relies on open-source Flutter plugins to implement core features. These libraries operate on-device and are not used to transmit personal data from Nudge:

• contacts_service – Accesses device contacts for selection (read-only).
• flutter_local_notifications – Schedules local notifications; no external push service.
• sqflite – Local SQLite database for reminders.
• shared_preferences – Stores lightweight settings.
• path_provider – Locates safe filesystem paths.
• permission_handler – Facilitates permission requests.
• url_launcher – Opens phone dialer or SMS composer (system apps).
• google_fonts – Loads font assets; no user tracking actions initiated by Nudge.

Each third-party package is used within its declared purpose and not leveraged for data harvesting.

8. Permissions Explanation

• Contacts: Required to let you choose people for reminders. Without it, you can’t select contacts.
• Notifications: Required to deliver scheduled reminder alerts.

You can revoke permissions anytime in your device Settings. Revoking contacts permission will disable contact selection; revoking notification permission stops reminder alerts.

9. Tracking & Advertising

Nudge does not use the Advertising Identifier (IDFA), fingerprinting techniques, or cross-app tracking. No data is shared with advertising networks. Consequently, the App Tracking Transparency (ATT) prompt is not displayed because tracking is not performed.

10. Children’s Privacy

Nudge is not directed to children under 13. We do not knowingly collect personal information from children. If you believe a child has provided local data and wishes to remove it, you can delete reminders or uninstall the app.

11. Data Retention

• Reminders & Preferences: Persist until you delete them in-app or uninstall Nudge.
• Contacts Data: Queried dynamically; not copied beyond necessary identifier fields for display and association.

If you uninstall Nudge, all locally stored data is removed as part of OS app removal.

12. User Controls & Deletion

• Delete specific reminders directly inside the app.
• Revoke permissions in device Settings for contacts or notifications.
• Uninstall the app to remove all local data.

13. International & Regulatory Notes

Because Nudge does not transmit personal data to external servers, typical regulatory data subject rights (GDPR access/export requests) are inherently satisfied by on-device control. We do not process or transfer data internationally.

14. Changes to This Policy

We may update this policy to reflect feature adjustments or legal changes. Material changes will update the “Last Updated” date. Continued use after an update signifies acceptance of the revised policy.

15. Contact

Questions or concerns?

• Email: support@nudgeapp.example (replace with your real support email)
• Optional landing page: https://example.com/nudge

Do not use the placeholder domain in production—update before submission to App Store Connect.

16. App Privacy Label Guidance (For Submission)

When answering Apple’s App Privacy questionnaire, you can (based on current functionality) indicate:

• Data Collection: Select “No” for categories you only access on-device (Contacts, Identifiers, Usage) since nothing is transmitted off the device.
• Contact Info / Contacts: Mark as accessed locally but not collected (not transmitted).
• Tracking: “No” – Nudge does not link data across apps/sites or use IDFA.
• Analytics: “No” – No external analytics SDK.

Verify these answers remain accurate if you add remote sync, crash reporting, or analytics later.

17. API Usage & Privacy Manifest

Nudge uses standard iOS APIs for contacts access and local notifications. These are declared via permission prompts and plugin privacy manifests (where provided). Nudge does not invoke sensitive “required reason” APIs for fingerprinting. If future versions add such APIs, the app’s privacy manifest and this policy will be updated accordingly.

18. Limitations & User Responsibility

If you include personal or sensitive information in reminder text fields, it will be stored locally in plain form within the app’s sandboxed database. Avoid placing confidential information (e.g., passwords, financial numbers) into reminder notes.