Privacy Policy — Time of My Life

1. Introduction

Time of My Life ("we", "our", "us") is committed to protecting your privacy.

This Privacy Policy explains how we collect, use, store, and safeguard information when you use our mobile application ("the App").

By using the App, you consent to this Privacy Policy.

2. Information We Collect

2.1 Information You Provide

We collect information you voluntarily provide, such as:

• Email address
• App settings and preferences
• Self-reported wellness inputs

2.2 Data Accessed With Your Permission

We only access sensitive data after you explicitly grant permission.

Digital Behavior Data

• App usage duration
• Screen time
• Phone pickups
• Notifications

Apple Health Data (Optional)

Accessed through Apple HealthKit (only with your consent):

• Heart rate
• HRV
• Sleep analysis
• Steps and activity data
• Workout summaries

We fully comply with Apple HealthKit rules.

Oura Ring Data (Optional)

If you connect your Oura account:

• Readiness score
• HRV baseline
• Sleep score
• Activity & recovery metrics

Access is controlled entirely by your Oura OAuth permissions.

2.3 Data We Generate

We generate:

• Personalized wellness insights
• Trend patterns
• Digital behavior analysis

These insights are not shared with third parties.

3. How We Use Your Information

We use your data to:

• Provide personalized insights and wellness analytics
• Support integrations (HealthKit, Oura, wearables)
• Deliver optional AI-guided recommendations
• Improve app performance and functionality
• Maintain internal system safety and monitoring

5. Legal Basis for Processing (GDPR)

For EU/EEA users, we process data under:

• Consent (HealthKit, Oura, wellness data)
• Legitimate interest (improving app functionality)

You may withdraw consent at any time by revoking permissions.

6. Data Retention

We retain:

• Account data until deletion
• Health/Oura data only while integrations are connected
• AI conversations only if you choose to save them
• Backups only if cloud sync is enabled

When you delete your account:

• All associated data is permanently deleted within 30 days
• HealthKit and Oura connections are automatically revoked

7. Data Security

We protect your data using:

• Encryption in transit: TLS 1.3
• Encryption at rest: AES-256
• Strict access controls
• Secure authentication
• Regular security reviews

No system is 100% secure, but we take all reasonable precautions.

8. International Data Transfers

If data is processed outside your home region:

• We use compliant service providers
• Transfers follow GDPR Standard Contractual Clauses (SCCs)
• Appropriate safeguards are used

9. Data Breach Notification

If a data breach occurs:

• We will notify affected users without undue delay
• EU users are notified in accordance with GDPR
• We will communicate the scope, impact, and mitigation steps

10. Third-Party Integrations

10.1 Apple HealthKit

We comply fully with Apple's HealthKit policies:

• Health data is used only for app features
• Never for advertising or marketing
• Never shared or sold

10.2 Oura Ring

Integration is optional and strictly permission-based.

We comply with Oura's data usage policies:

• Only authorized data is accessed
• Oura data is never used for marketing or AI training
• Oura data is never shared with third parties

10.3 AI Providers (e.g., OpenAI)

If you use AI features:

• Your prompts may be sent to a secure AI provider
• We do not store conversations unless you choose to save them

11. Your Rights

You may:

• ✅ Access your data
• ✅ Export your data
• ✅ Delete your account
• ✅ Revoke permissions (HealthKit, Oura)
• ✅ Opt out of optional features

To exercise rights, email:

12. Children's Privacy

The App is not intended for children under 13.

We do not knowingly collect information from children.

13. Updates to This Policy

We may update this Privacy Policy from time to time.

Significant changes will be announced within the App.

14. Contact Us