GlassTime · Privacy Policy

GlassTime has no account system, no sign-in, no profile, and does not collect personal information. This policy describes the small amount of anonymous data we process to keep the app working and to improve it.

If anything below is unclear, write to us at prismlabs@icloud.com.

GlassTime sends a limited set of anonymous events to Firebase Analytics (a Google service) so we can understand how the app is used in aggregate. Each event is identified only by a random session UUID generated on your device.

• Session start, pause, resume, completion, abandonment, and dismissal events
• Selected focus duration (e.g. 15, 25, 45, 60 minutes) and elapsed time
• Progress milestones (e.g. 25%, 50%, 75%)
• App open and background events
• Tip Jar purchase events (product identifier and localized price string only)

We do not collect your name, email, phone number, location, contacts, photos, or any other personal information. We do not use advertising identifiers (IDFA), we do not request App Tracking Transparency permission, and we do not track you across other apps or websites.

GlassTime uses Firebase Crashlytics to detect crashes and performance issues. Crash reports include the stack trace, exception type, thread state, and basic device information (iOS version, model, free disk space). These reports are not linked to your identity.

If you enable the Apple Health integration in Settings, GlassTime writes your completed focus sessions to Apple Health as Mindful Minutes. Apple Health data stays on your device and inside the Apple ecosystem. GlassTime never reads anything from your Health data.

You can revoke Health access at any time from the Apple Health app, under Sharing → Apps → GlassTime.

GlassTime relies on the following services to operate:

• Firebase Analytics (Google): anonymous usage events
• Firebase Crashlytics (Google): crash and performance reports
• Firebase Authentication (Google): anonymous sign-in only, used to authorize requests to our Cloud Functions
• Firebase Cloud Functions and Cloud Tasks (Google): schedules the push notification that completes your Live Activity
• Firebase App Check with Apple App Attest: verifies that requests come from a legitimate, unmodified copy of GlassTime
• Apple Push Notification Service (APNs): delivers the Live Activity completion push at the scheduled time
• Apple StoreKit: handles Tip Jar purchases; we never see your payment details
• Apple HealthKit: write-only, opt-in (mindful minutes)

Each of these services has its own privacy policy. Google's policies cover the Firebase services; Apple's policies cover APNs, StoreKit, and HealthKit.

Anonymous analytics and crash data are retained according to Firebase's default retention policy (currently 14 months for analytics events).

When you start a focus session, your device sends a push token and the session end time to our Cloud Functions so we can schedule the Live Activity completion. The push token is held in a Cloud Tasks queue until it is dispatched (typically within minutes to a few hours, depending on the session length). It is not stored elsewhere.

If you cancel or end a session early, a short-lived tombstone record (containing the session UUID and your anonymous Firebase user ID) is written to Firestore to prevent a duplicate push. This record automatically deletes itself 24 hours after it is created.

Because GlassTime has no account, the simplest way to delete all of your data is to uninstall the app. The app's local storage is removed by iOS, and any future analytics or crash data is no longer generated.

If you live in the European Union, the United Kingdom, Brazil, California, or another jurisdiction with similar privacy laws, you have the right to request access to, correction of, or deletion of any data we may hold that relates to you. Because we do not store personal identifiers, in most cases we cannot link historical analytics data to a specific person. But if you have a question, write to prismlabs@icloud.com and we will respond as quickly as we can.

GlassTime is not directed to children under 13 and does not knowingly collect personal information from children. The app has no account, no social features, and no advertising.

If we make material changes to this policy we will update the effective date at the top of this page and, when appropriate, notify you within the app. We recommend checking back occasionally.

Prism Labs (Turin, Italy) is the controller for the limited data described in this policy. For privacy questions or requests, email prismlabs@icloud.com.