App Privacy Policy

Last updated: June 26, 2025

1. Introduction

At Monk, we are committed to protecting your privacy and ensuring the security of your personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our mobile application.

By using Monk, you consent to the data practices described in this Privacy Policy. If you do not agree with this Privacy Policy, please do not use our App.

Contact Information:

  • Email: hello@monktag.com
  • Website: monktag.com

2. Information We Collect

2.1 Personal Information

When you create an account, we collect:

  • Name (first name)
  • Email address
  • Initial screen time assessment (self-reported hours)
  • Newsletter subscription preference
  • Account creation date

2.2 Device and Usage Information

  • Device type and operating system version
  • App usage and interaction data within Monk
  • Session durations and timing
  • Focus session statistics and streaks
  • Emergency unblock token usage

2.3 App Group and Session Data

IMPORTANT: We do NOT collect information about which specific apps you choose to block. Apple's privacy framework prevents us from accessing this information.

We only collect:

  • Names of app groups you create (e.g., "Work Focus", "Social Media Break")
  • Session start and end times
  • Duration of focus sessions
  • Daily, weekly, and historical usage patterns
  • Whether Screen Time permissions are enabled

2.4 NFC Tag Information

  • NFC tag unique identifiers (UIDs)
  • Tag assignment and ownership status
  • Tag scanning events and timestamps

We do NOT collect:

  • Crash logs or diagnostic data
  • App performance metrics
  • Error logs for analytics purposes
  • System-level diagnostic information

3. How We Use Your Information

We use your information for the following purposes:

3.1 Core App Functionality

  • Providing focus session management
  • Managing app group names and session tracking
  • Managing NFC tag associations
  • Tracking your progress and statistics
  • Managing emergency unblock tokens

3.2 Account Management

  • Creating and maintaining your user account
  • Authenticating your identity
  • Syncing data across your devices
  • Providing customer support

3.3 App Improvement

  • Analyzing usage patterns to improve features
  • Developing new features based on user behavior
  • Optimizing app performance through usage data

3.4 Communication

  • Sending important app updates (if opted in)
  • Providing customer support responses
  • Sending security notifications

We do NOT use your information for:

  • Advertising or marketing to third parties
  • Selling or sharing with data brokers
  • Creating user profiles for external purposes
  • Tracking across other apps or websites
  • Crash reporting or diagnostic analytics

4. Data Storage and Security

4.1 Data Storage

Your data is securely stored using Supabase, a trusted cloud database provider that complies with industry security standards including SOC 2 Type II certification and GDPR compliance.

Data Location: Your data is stored in secure data centers with robust physical and digital security measures.

4.2 Security Measures

  • All data transmission is encrypted using TLS/SSL
  • Database access is restricted and monitored
  • Regular security audits and updates
  • No storage of sensitive authentication tokens on device
  • Secure API endpoints with proper authentication

4.3 Local Storage

Some data is cached locally on your device for performance:

  • Emergency unblock token count
  • User preferences and settings
  • Recent session statistics
  • App group configurations

This local data is stored in secure app containers and is not accessible by other apps.

5. Data Sharing and Disclosure

We do not sell, trade, or rent your personal information to third parties. We may share your information only in the following limited circumstances:

5.1 Service Providers

  • Supabase (database hosting) - processes data according to strict data processing agreements
  • Apple (for App Store functionality and Screen Time integration)
  • Essential technical service providers under confidentiality agreements

5.2 Legal Requirements

We may disclose your information if required by law, court order, or government request, or to:

  • Protect our legal rights
  • Enforce our Terms of Service
  • Protect user safety or security
  • Investigate fraud or abuse

5.3 Business Transfers

In the event of a merger, acquisition, or sale of assets, your information may be transferred, but only under equivalent privacy protections.

6. Your Rights and Choices

6.1 Access and Control

You have the right to:

  • Access your personal information
  • Correct inaccurate information
  • Delete your account and associated data
  • Export your data in a portable format
  • Withdraw consent for data processing

6.2 Data Deletion

To delete your account and all associated data:

  • Use the "Delete Account" feature in the app settings under "My Account"
  • Contact us at privacy@monktag.com
  • Data will be permanently deleted within 30 days

When you delete your account, we permanently remove:

  • Your personal profile information
  • All session history and statistics
  • NFC tag associations
  • App group configurations
  • All locally stored data

6.3 Communication Preferences

You can opt out of non-essential communications at any time through app settings or by contacting us.

6.4 European Users (GDPR Rights)

If you are located in the European Union, you have additional rights under GDPR:

  • Right to portability
  • Right to rectification
  • Right to erasure ("right to be forgotten")
  • Right to restrict processing
  • Right to object to processing
  • Right to lodge a complaint with supervisory authorities

7. Children's Privacy

Monk is designed for users aged 13 and above. We do not knowingly collect personal information from children under 13 years of age.

If we become aware that we have collected personal information from a child under 13, we will take steps to delete such information immediately.

Parents who believe their child has provided personal information to us should contact us at privacy@monktag.com.

8. Apple Screen Time Integration

Monk integrates with Apple's Screen Time framework to provide app blocking functionality:

8.1 Permissions Required

  • Screen Time permission (to block apps during focus sessions)
  • Family Controls access (for app restriction features)

8.2 Data Processing

  • We do not access your overall Screen Time data or usage statistics
  • We only control apps during active focus sessions that you initiate
  • We do not know which specific apps you have selected to block
  • We only store the names of app groups you create (e.g., "Work Apps")
  • No data is shared with Apple beyond standard app functionality
  • Screen Time settings remain under your control

8.3 Data Scope

Due to Apple's privacy design, we only access the minimum data necessary for session management and cannot see your individual app usage patterns or which specific apps are in each group.

9. Cookies and Tracking

Monk does not use cookies, advertising trackers, or cross-app tracking technologies.

We do not:

  • Track you across other apps or websites
  • Use advertising identifiers or device tracking
  • Implement third-party analytics that track personal behavior
  • Share data with advertising networks
  • Collect crash reports or diagnostic data for analytics

Any technical identifiers used are solely for app functionality and are not used for tracking purposes.

10. International Data Transfers

Your data may be processed in countries other than your country of residence. We ensure appropriate safeguards are in place for international transfers:

  • Standard Contractual Clauses for EU data transfers
  • Adequacy decisions where applicable
  • Equivalent privacy protections in all processing locations

Data is primarily processed within the European Economic Area and the United States under appropriate transfer mechanisms.

11. Data Retention

We retain your information for as long as necessary to provide our services and comply with legal obligations:

  • Account information: Until account deletion
  • Session data: Stored indefinitely for historical statistics (until account deletion)
  • App group configurations: Until account deletion
  • Support communications: 3 years maximum

Upon account deletion, all personal data is permanently removed within 30 days, except where retention is required by law.

Note: We do not retain crash logs, performance data, or diagnostic information as we do not actively collect this data.

12. Updates to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or applicable laws. We will notify you of material changes by:

  • Posting the updated policy in the app
  • Sending an in-app notification
  • Updating the "Last updated" date

Continued use of the app after changes constitutes acceptance of the updated policy.

13. Contact Us

If you have questions about this Privacy Policy or our data practices, please contact us:

  • Email: privacy@monktag.com
  • Website: monktag.com/privacy
  • Address: Las Palmas de Gran Canaria, Canary Islands, Spain

For EU users, you may also contact our Data Protection Officer at: dpo@monktag.com

We will respond to your inquiry within 30 days.