Privacy Policy

Effective date: 31 October 2025
Entity: Digital Breeze Limited (New Zealand)
Privacy contact: privacy@digitalbreeze.io
Support: support@digitalbreeze.io

Plain‑English summary

• We collect name & email, user content, usage/diagnostics, and security logs (which might include IP address).
• We don’t sell your data and don’t share it for cross‑context behavioral advertising. No third‑party ads/analytics SDKs.
• Data is hosted on infrastructure operated by us and our service providers in the United States.
• You can delete your account in‑app.

The details below control if there is any difference from this summary.

1) Who we are & how to contact us

Digital Breeze Limited (“we”, “us”, “our”) is a company organized in New Zealand.
Privacy: privacy@digitalbreeze.io
Support: support@digitalbreeze.io

2) What we collect

We collect the minimum information needed to operate the app:

Account data

• Name and email address (including a private relay address if you use Sign in with Apple).
• Authentication materials (e.g., hashed identifiers, session tokens).

User content

• Data you enter in our apps and related content you create or upload in the app.

Usage & diagnostics

• Device/OS/app version and characteristics, performance and crash diagnostics, feature interactions, timestamps.

Security & logs

• Server and application logs that may include IP address, request identifiers, and error traces for security, fraud prevention, and troubleshooting.

We do not collect your contacts, photos, precise location, or advertising identifiers unless a feature explicitly requests them and you choose to enable it.

3) Why we collect it (purposes)

• Provide, maintain, and improve the app and its sync features.
• Authenticate accounts (guest, Apple, email/password) and support account linking.
• Process subscriptions and entitlements via Apple’s App Store.
• Secure the service, prevent abuse, and debug issues.
• Communicate service‑related notices (e.g., material policy changes, important service messages).

4) How we share information

We do not sell personal information. We do not share personal information for cross‑context behavioral advertising.

We share personal information only with:

• Hosting and infrastructure providers that operate under our instructions, to run the service in the United States.
• Apple, when you use Sign in with Apple (for identity) and when you purchase subscriptions (for payment processing and entitlements). Apple processes this information under its own terms and privacy policy.
• Legal/safety recipients if required by law or to protect rights, safety, and security.

5) Where we process data (international transfers)

Personal information is stored and processed in the United States. If you access the service from another country, your information will be transferred to the United States. We apply reasonable contractual, technical, and organizational safeguards for such transfers.

6) Retention

We retain personal information only for as long as reasonably necessary to fulfill the purposes described above or to comply with legal, accounting, or reporting obligations. When deciding how long to keep data, we consider the nature of the data, the risks, our operational needs, and legal requirements. When retention is no longer necessary, we delete or de‑identify the information.

7) Your choices & rights (general)

• Delete your account: available in‑app. Deletion removes personal information from active systems; limited backups and system logs may persist for a short period for security, continuity, and legal compliance before being overwritten or deleted.
• Access/Correction: contact privacy@digitalbreeze.io to request a copy of or to correct your personal information.
• Marketing: we do not send marketing emails or push notifications by default. If that changes, you can opt out at any time.

8) Children

The service is not directed to children under 13. We do not knowingly collect personal information from children under 13. If you believe a child under 13 has provided personal information, contact privacy@digitalbreeze.io and we will delete it.

9) Security

We use reasonable administrative, technical, and physical safeguards appropriate to the nature of the data, including encryption in transit, restricted access, key/secret management, monitoring, and rate limiting. No method of transmission or storage is 100% secure, but we work continuously to protect your information.

10) Changes to this policy

We may update this Privacy Policy from time to time. We will post the updated version here and update the Effective date. For material changes, we may also provide in‑app notice.

11) Regional addenda

These addenda apply in addition to the sections above when the referenced laws cover you.

A. New Zealand (Privacy Act 2020)

We handle personal information in accordance with New Zealand’s Privacy Act 2020 and applicable Codes of Practice. You may request access to and correction of your personal information by contacting privacy@digitalbreeze.io.

B. United States — California (CPRA/CCPA)

• Categories collected: identifiers (name, email), user content, internet/activity information (usage), diagnostics, and log data (including IP address).
• Sources: directly from you and your devices.
• Purposes: as described above (provide service, security, diagnostics, subscriptions).
• Sale/Sharing: we do not sell or share personal information (as these terms are defined under California law). We do not use or disclose sensitive personal information to infer characteristics.
• Retention: we do not retain personal information for longer than reasonably necessary for the disclosed purposes.
• Your rights: access/know, correction, deletion, portability, and to be free from discrimination for exercising your rights. Submit requests to privacy@digitalbreeze.io. We will verify your request as required by law and respond within statutory timeframes. You may use an authorized agent per California law.

C. European Economic Area & United Kingdom (applies if/when the service is offered there or you access from there)

• Controller: Digital Breeze Limited is the controller of personal data processed in connection with the service.
• Legal bases: performance of a contract (to provide the service), legitimate interests (security, diagnostics, improvement), compliance with legal obligations (tax/accounting), and consent where required (e.g., certain notifications or optional features).
• Your rights: access, rectification, erasure, restriction, objection, and portability. You may also lodge a complaint with your supervisory authority. Contact privacy@digitalbreeze.io to exercise rights.
• Children’s consent: if we offer the service in your country, we follow the local digital‑consent age (typically 13–16). Users under that age must have verifiable parental consent.
• Transfers: when we transfer personal data to the United States, we rely on appropriate safeguards (e.g., standard contractual clauses) and implement additional measures as needed.