Privacy Policy

App: Snug: Sleep & Wake Alarm · Developer: Moleku · Effective: 2026-01-19

This Privacy Policy explains what information we collect when you use Snug: Sleep & Wake Alarm ("App"), how we use it, and the choices you have. Questions? Email moleku@proton.me.

1) Data Controller

The data controller responsible for your personal data is:

Moleku
Email: moleku@proton.me

For EU/UK residents, you may also contact us regarding any data protection concerns at the email above.

2) Information We Collect

a) Account Information

If you create an account, we collect:

Email address (if using email/password sign-up)
Authentication identifiers from Sign in with Apple or Google Sign-In (we receive a unique ID and, if you choose to share it, your name/email)

You can use the App without creating an account, but some features like cloud sync require one.

b) Sleep & Alarm Data

Alarm times and settings you configure
Sleep schedule preferences
Sleep sounds and wake-up sound preferences

c) Health Data (Optional)

With your explicit permission, the App may read and write data to Apple HealthKit (iOS) or Google Fit (Android):

Sleep analysis data (bedtime, wake time, sleep stages if available)
Time in bed

Apple HealthKit: Data obtained through HealthKit is used solely to provide the App's core sleep tracking functionality to you. We will not use or disclose to third parties information obtained through HealthKit for advertising, marketing, or other use-based data mining purposes other than improving health management or for the purpose of health research. We do not sell data obtained through HealthKit to advertising platforms, data brokers, or information resellers.

Google Fit: Data obtained through Google Fit APIs is used solely to provide the App's core sleep tracking functionality. We comply with Google Fit Developer and User Data Policy requirements.

Important: Health data is stored locally on your device and synced only through Apple Health or Google Fit's own systems. We do not upload health data to our servers. We do not sell health data. We do not use health data for advertising or marketing purposes.

e) Push Notifications

With your permission, we may send push notifications for:

Bedtime reminders
Alarm notifications
Sleep goal reminders

You can disable push notifications at any time in your device's Settings.

d) Analytics & Diagnostics

We use Firebase Analytics to understand how the App is used:

App events (e.g., alarm set, alarm dismissed, feature usage)
Device info (e.g., device model, OS version, app version, language)
Crash data (e.g., stack traces and error details via Firebase Crashlytics)

Analytics data is collected in aggregate and is not linked to your identity unless you have an account and have not opted out.

3) How We Use Your Information

Provide the service: Power alarms, sync settings across devices, restore purchases
Improve the App: Understand usage patterns, fix bugs, develop new features
Customer support: Respond to your inquiries

We do not sell your personal information. We do not use your data for targeted advertising.

4) Legal Basis for Processing (GDPR)

For users in the European Economic Area (EEA), United Kingdom, and Switzerland, we process your data based on the following legal grounds:

Contract performance: Processing necessary to provide the App's services (account management, alarm functionality, cloud sync)
Consent: For optional features like HealthKit/Google Fit integration, push notifications, and analytics (where required by law). You can withdraw consent at any time.
Legitimate interests: For crash reporting, security, fraud prevention, and App improvement, where our interests don't override your rights

5) Cloud Sync

If you create an account, your alarm settings and preferences are synced to our secure servers so you can access them across devices. This includes:

Alarm configurations
App preferences and settings
Purchase/subscription status

Health data from HealthKit/Google Fit is not synced to our servers.

6) Data Sharing

We share data only with:

Firebase (Google): Analytics and crash reporting. See Firebase Privacy.
Apple/Google: For authentication (Sign in with Apple, Google Sign-In) and payment processing (in-app purchases)

We do not share your data with data brokers or advertisers.

7) Data Retention

Account data: Retained until you delete your account
Analytics events: Up to 14 months (Firebase default)
Crash logs: Up to 90 days

8) Your Rights

Depending on your location, you may have the following rights regarding your personal data:

All Users:

Access: Request a copy of your personal data
Deletion: Request deletion of your personal data
Opt-out of analytics: Available in App Settings
Health permissions: Manage in your device's Settings

EEA, UK, and Switzerland Residents (GDPR/UK GDPR):

Right to access: Obtain confirmation of processing and a copy of your data
Right to rectification: Correct inaccurate or incomplete personal data
Right to erasure: Request deletion of your personal data ("right to be forgotten")
Right to restrict processing: Limit how we use your data in certain circumstances
Right to data portability: Receive your data in a structured, machine-readable format
Right to object: Object to processing based on legitimate interests
Right to withdraw consent: Withdraw consent at any time for consent-based processing
Right to lodge a complaint: File a complaint with your local data protection supervisory authority

To exercise any of these rights, email moleku@proton.me. We will respond within 30 days (or as required by applicable law).

9) Automated Decision-Making

The App may use automated processing to generate sleep insights, such as:

Sleep quality scores based on your sleep data
Personalized bedtime recommendations
Sleep pattern analysis and trends

These insights are provided for informational purposes only and do not have legal or similarly significant effects on you. You are not required to act on any automated recommendations. If you have concerns about automated processing, contact us at moleku@proton.me.

10) In-App Purchases

Purchases are processed entirely by the App Store (Apple) or Google Play. We do not receive or store your payment information (credit card, billing address, etc.). We only receive confirmation of your purchase status.

11) Children's Privacy

The App is not directed at children under 13 (or 16 in certain EU jurisdictions). We do not knowingly collect personal information from children. If you believe a child has provided us with personal information, please contact us to have it removed.

12) International Transfers

Your data may be processed in the United States or other countries where our service providers operate (including Google/Firebase).

For EEA, UK, and Switzerland residents: When we transfer your data outside your region, we rely on:

Standard Contractual Clauses (SCCs) approved by the European Commission
Data Processing Agreements with our service providers
Adequacy decisions where applicable

You can request a copy of the safeguards we use by contacting us.

13) Security

We use industry-standard security measures including encryption in transit (TLS) and at rest. However, no method of transmission or storage is 100% secure. We cannot guarantee absolute security.

14) Do Not Track

Some browsers have a "Do Not Track" (DNT) feature. Because there is no accepted standard for how to respond to DNT signals, the App does not currently respond to DNT browser signals. You can control analytics collection through the App's Settings.

15) Third-Party Links

The App may contain links to third-party websites or services (such as help articles, the App Store, or Google Play). We are not responsible for the privacy practices of these external sites. We encourage you to review their privacy policies before providing any personal information.

16) California Privacy Rights

California residents have additional rights under the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA):

Right to know what personal information we collect and how it's used
Right to delete your personal information
Right to correct inaccurate personal information
Right to opt-out of the sale or sharing of personal information (we do not sell or share your data for cross-context behavioral advertising)
Right to limit use of sensitive personal information (we only use sensitive data to provide the service)
Right to non-discrimination for exercising your privacy rights

To exercise these rights, email moleku@proton.me. We will verify your identity before processing your request.

17) Changes to This Policy

We may update this policy. Material changes will be announced in-app or via the app stores. Continued use after the effective date means you accept the updated policy. For significant changes affecting EU/UK users, we will seek fresh consent where required.

18) Contact Us

For privacy inquiries, data requests, or complaints:

Email: moleku@proton.me

We aim to respond to all requests within 30 days.