Privacy Policy

Feb 8, 2026

๐Ÿ”’ Privacy Policy

Held ("Held," "we," "us," or "our") provides tools to help users protect focused time and reduce digital distractions. This Privacy Policy explains how we collect, use, disclose, and protect information when you use the Held mobile application and related services (the "Service").

By using the Service, you agree to this Privacy Policy.

๐Ÿ“Œ Information We Collect

We may collect:

  • Account information, such as email address, display name, and account ID.

  • Sign-in details through Apple Sign In, Google Sign-In, or email/password.

  • Ritual and focus content you create (for example ritual names, schedules,
    settings, reflections, and personal intent text).

  • Messages you send in coaching/AI conversations.

  • Emergency unlock reasons and other text you enter voluntarily.

  • Support communications if you contact us.

โš™๏ธ How We Use Your Information

We use collected information to:

  • Provide, maintain, and improve Held features.

  • Create and run rituals and focus sessions.

  • Sync your data across devices (if you sign in).

  • Generate progress insights and coaching features.

  • Process subscription status and premium access.

  • Respond to support requests.

  • Protect security, prevent misuse, and enforce our terms.

  • Comply with legal obligations.

๐Ÿ” Sharing Your Information

We share information only as needed to provide the Service, including with:

  • Firebase (Google): authentication and cloud database sync.

  • OpenAI: AI-generated coaching, ritual parsing, and related AI responses.

  • RevenueCat: subscription and entitlement management.

  • Apple/Google authentication providers: when you use their sign-in
    methods.

We may also disclose information:

  • If required by law, legal process, or governmental request.

  • To protect rights, safety, and security.

  • In connection with a merger, acquisition, financing, or asset sale.

We do not sell personal information and do not share personal
information for cross-context behavioral advertising.

AI Features

If you use AI-powered features, we send relevant input and context (for

example, your message text and selected app context such as ritual/schedule/

performance data) to our AI provider to generate responses.

AI outputs may be inaccurate or incomplete and should not be treated as

medical, legal, financial, or other professional advice.

๐Ÿ” Third-Party Services and Data Sharing

We share information only as needed to provide the Service, including with:

  • Firebase (Google): authentication and cloud database sync.

  • OpenAI: AI-generated coaching, ritual parsing, and related AI responses.

  • RevenueCat: subscription and entitlement management.

  • Apple/Google authentication providers: when you use their sign-in
    methods.

We may also disclose information:

  • If required by law, legal process, or governmental request.

  • To protect rights, safety, and security.

  • In connection with a merger, acquisition, financing, or asset sale.

We do not sell personal information and do not share personal
information for cross-context behavioral advertising.

๐Ÿ” Third-Party Services and Data Sharing

Some data is stored locally on your device (including app and extension
shared storage for core functionality).

  • If you sign in, selected data is synced to cloud infrastructure.

  • We retain data as long as needed to provide the Service and for legitimate
    operational/legal purposes.

  • If you delete your account, we will delete or de-identify your account data,
    subject to legal and operational requirements (for example, backups retained
    for limited periods).

๐Ÿ” Security

We use reasonable administrative, technical, and organizational safeguards to

protect personal information. No method of transmission or storage is 100%

secure, and we cannot guarantee absolute security.

Depending on your location, you may have rights to access, correct, delete, or
receive a copy of your personal information, and to limit certain processing.

You can:

  • Update account/profile information in-app (where available).

  • Revoke app permissions in iOS Settings.

  • Delete your account in the app (if signed in).

  • Contact us to request access, correction, deletion, or portability.

California Privacy Notice (CPRA)

California residents may have rights to know, delete, correct, and limit use of
certain personal information. Held does not sell or share personal information
for cross-context behavioral advertising.

To exercise rights, contact: reljadev@gmail.com

๐Ÿ”„ International Data Transfers

Your information may be processed in countries other than your own, including

the United States, where data protection laws may differ. We use appropriate

safeguards where required.

๐Ÿ” Childrenโ€™s Privacy

Held is not directed to children under 13 (or older where required by local

law), and we do not knowingly collect personal information from children below

the applicable age threshold. If you believe a child has provided personal

information, contact us so we can delete it.

๐Ÿ” Changes to This Policy

We may update this Privacy Policy from time to time. If we make material

changes, we will update the โ€œLast Updatedโ€ date and provide additional notice

where required.

๐Ÿ” Contact us

For privacy questions or requests, contact:

Email: reljadev@gmail.com

Create a free website with Framer, the website builder loved by startups, designers and agencies.