DoomGuardTerms of Service

Legal

Privacy Policy

Effective: 3 March 2026 · PARTICULAS EPICAS, LDA · Portugal

The short version

DoomGuard uses Apple's Screen Time API to deliver nudges. By design, Apple does not give us access to which apps you use, how long you use them, or any of your usage data — that information never leaves your device. Our backend only knows you exist. Everything else stays on your iPhone.

1. Who we are

DoomGuard is developed and operated by PARTICULAS EPICAS, LDA, a company incorporated under Portuguese law. We are the data controller for all personal data described in this policy.

Contact us at: doomguard.dev@gmail.com

The supervisory authority for data protection in Portugal is the CNPD (Comissão Nacional de Proteção de Dados) — cnpd.pt.

2. What we collect and why

Account information

When you sign in with Apple, we receive your Apple-provided name and email address (which may be a private relay address). We store this to create and manage your account.

Lawful basis: Contract performance.

Apple refresh token

We store an encrypted Apple authorization token solely to revoke it when you delete your account. This is required by Apple's Sign In with Apple guidelines. We never use it for any other purpose.

Lawful basis: Legal obligation (Apple Developer Program requirements).

Device names

To sync your settings across your devices, we store a list of your device names (e.g., “My iPhone 15”). We do not store device identifiers or advertising IDs.

Lawful basis: Contract performance.

Nudge counts and session data

We sync aggregate daily counts of nudges and sessions across your devices so you can see your progress. These are anonymous counters — they do not contain any app names or usage details.

Lawful basis: Contract performance.

Subscription status

We use RevenueCat to manage in-app subscriptions. RevenueCat receives purchase lifecycle events (trial started, renewed, cancelled) and stores a subscription state linked to your account. See RevenueCat's Privacy Policy.

Lawful basis: Contract performance.

Web and in-app analytics

We use PostHog to understand how you interact with our marketing website and the DoomGuard iOS app. PostHog operates on EU servers.

  • On the web: We use PostHog in cookieless mode. No persistent cookie or local storage identifier is placed on your device. Events are attributed using a session-scoped identifier only.
  • In the iOS app: We track feature usage (e.g., screen views, personas applied, schedules saved) to improve the product. These events are associated with your DoomGuard account to help us understand how different user segments (e.g., free vs premium) use the app.

No advertising identifiers (IDFA) are collected. IP addresses are processed transiently for geo-location and are not stored.

Lawful basis: Legitimate interest (improving our product). See PostHog's Privacy Policy.

3. What we never collect

  • Which apps you guard (Apple's API does not expose this to us)
  • Your screen time in minutes or hours
  • Which websites you visit
  • Your location
  • Your contacts, photos, or camera
  • Advertising identifiers (IDFA or equivalent)
  • Any biometric or health data

4. Third-party processors

We use the following sub-processors. We do not sell your data to any third party.

SupabaseDatabase and authentication infrastructurePrivacy Policy ↗
RevenueCatSubscription and in-app purchase managementPrivacy Policy ↗
PostHog (EU)Analytics (web and iOS app)Privacy Policy ↗
AppleSign In with Apple authenticationPrivacy Policy ↗

5. Your rights (GDPR)

As a resident of the EU/EEA, you have the following rights regarding your personal data:

Access

Request a copy of your data

Rectification

Correct inaccurate data

Erasure

Request deletion of your data

Portability

Receive your data in a portable format

Restriction

Limit how we process your data

Objection

Object to processing based on legitimate interest

To exercise any of these rights, email doomguard.dev@gmail.com. We will respond within 30 days.

6. Account deletion

You can delete your account directly from within the DoomGuard app (Settings → Delete Account). This will permanently delete your account and all associated data from our servers, including your Apple refresh token. RevenueCat purchase records will also be removed upon request.

Deletion is permanent and cannot be undone.

7. Data retention

We retain your data for as long as your account is active. If you delete your account, we delete all associated personal data within 30 days, except where retention is required by law (e.g., transaction records for tax purposes, which are retained for up to 7 years under Portuguese law).

8. Children

DoomGuard is rated 9+ on the App Store. We do not knowingly collect personal data from children under 13 years of age. If you believe a child under 13 has provided us with personal data, please contact us and we will delete it promptly.

9. Changes to this policy

We may update this policy to reflect changes in our practices or applicable law. We will notify you of significant changes via a notice in the app. Continued use of DoomGuard after changes are posted constitutes acceptance of the updated policy.