PrayCue privacy policy
1. Introduction and scope
This Privacy Policy governs the processing of personal data by TIDYCUSTOMS ("we", "us", "our") in connection with the mobile application PrayCue (the "App"). The App operates on a "local-first" model. Data entered by the user is stored exclusively on the user's device. The developer has no actual access to this data and cannot read, copy, synchronise, or remotely delete it. With regard to data created and stored in the App on the user's device, such data remains under the user's sole control, and its processing takes place exclusively in the user's private environment (so-called personal/household exception). This Policy describes the App's privacy rules and the situations in which data may be processed by third parties or by the developer in a strictly limited scope (e.g. e-mail contact). This Policy applies to all users of the App and describes privacy rules in accordance with: Regulation (EU) 2016/679 of the European Parliament and of the Council (GDPR), the Polish Personal Data Protection Act of 10 May 2018, Directive 2002/58/EC, and the Polish Act of 18 July 2002 on the provision of services by electronic means. By using the App, you confirm that you have read this Policy.
2. Data Controller
TIDYCUSTOMS · Bogusław Mitro · NIP: 7342553332 · ul. Ludowa 22, 33-380 Krynica-Zdrój, Poland · E-mail: privacy [at] tidycustoms [dot] net. The developer is the controller only for data that the user provides directly (e.g. in e-mail correspondence for support purposes). Providing such data is voluntary but necessary for handling the request. Data stored locally in the App on the user's device is not accessible to the developer and is not processed by the developer within the meaning of the GDPR.
3. Legal basis for processing
To the limited extent that personal data is processed by the developer (e.g. e-mail contact, technical support), processing takes place on the basis of Article 6(1) GDPR: point (f) (legitimate interest) – for handling correspondence, providing technical support, and pursuing or defending claims; point (c) (legal obligation) – where it is necessary to comply with tax or consumer obligations (e.g. complaints); point (a) (user consent) – for voluntary system notifications (technically handled by the device operating system).
4.1 Data stored locally on the device
The App operates on a "local-first" model. The following data is stored on your device. We, as the developer, have no access to it and do not send it to our servers: the list of apps selected as "prayer triggers" (e.g. Instagram, TikTok, YouTube); prayer statistics (only the count of chosen prayer moments – we never count skips); favourite arrow prayers; history of recently viewed prayers; App preferences (theme, language, hold duration, notification settings). Note: this data may be subject to a system-level device backup (Android Backup) to the user's Google account if that feature is enabled in the operating system settings.
4.2 Accessibility Service
PrayCue uses the Android Accessibility Service solely to detect when you open one of the apps you have selected from your list. The App only receives the package name (e.g. "com.instagram.android") of the launching app – nothing more. PrayCue does NOT read your screen contents, does NOT read messages, passwords, or other apps' data, and does NOT transmit any information from the Accessibility Service externally. Data obtained from the Accessibility Service is used exclusively locally, in volatile memory, to launch the prayer screen. It is not saved, copied, or shared with third parties.
4.3 Data processed by Google Play
The App offers optional premium subscription plans with a 7-day free trial. When you purchase a subscription, the following data is processed by Google Play Billing (operated by Google LLC): subscription status (active, expired, in trial), subscription plan type (monthly or yearly), purchase tokens and transaction identifiers. With regard to payment handling and transaction processing, Google LLC acts as a separate, independent Data Controller. This data is processed by Google in accordance with Google's Privacy Policy (https://policies.google.com/privacy). We have no access to your payment data (card number, billing address). We receive from Google only the technical information about subscription status that is necessary to unlock premium features.
4.4 No additional data collection
The App: does not collect analytics data identifying the user (the developer has access only to aggregated and anonymised statistics provided by Google Play Console, e.g. total install count, country – which do not allow identification of a specific person); does not use crash reporting services that send data externally; does not require creating user accounts in our system; does not use cookies or tracking technologies; does not access location data; does not access contacts, camera, microphone, or files; does not share any data with third parties other than Google Play Billing (payments); does not use advertising SDKs or ad networks.
4.5 Device permissions
Accessibility Service permission (required): used solely to detect when you open one of your selected apps, in order to display the prayer screen. You may revoke this permission at any time in the device settings (the App will then stop displaying arrow prayers before selected apps, but the remaining features will remain available). Notifications permission (optional): used solely to display local notifications (weekly prayer report, trial-end reminder, system warnings when permissions are lost). All notifications are generated locally. Internet permission: used solely for communication with Google Play Billing (subscription verification and purchase processing). No user content (apps list, statistics, favourite prayers) is transmitted over the network.
5. Purposes of processing
We process data (to the limited extent we have access to it, e.g. e-mail) or the App processes data locally for the following purposes: providing the service (enabling the App's core function – an invitation to a short arrow prayer before opening one of your selected apps – local processing); customer support (responding to enquiries sent by e-mail, basis: legitimate interest); personalisation (tailoring the App to your preferences – choice of trigger apps, hold duration, theme, language, notification schedule); local notifications (weekly prayer report, system reminders – solely with your express consent/setting); premium features (verifying subscription status and providing access to premium features).
6. Data recipients and transfers
6.1 Google Play Billing: data relating to the subscription purchase is processed by Google LLC acting as an independent controller. Google processes this data in accordance with its Privacy Policy. Google may transfer data to servers located outside the EEA, subject to appropriate safeguards applied by Google (including Standard Contractual Clauses). 6.2 No other recipients: apart from Google Play Billing, no data is transmitted to our servers, shared with third parties, or processed by external services.
7. Data retention period
All locally stored data remains on your device until: you uninstall the App from your device, you clear the App data in the device settings, or you delete individual items in the App (apps list, favourite prayers, statistics). We have no access to your locally stored data and cannot retrieve or delete it remotely. Correspondence data (e-mail) is retained for the period necessary to handle the request and thereafter until any potential claims become time-barred. Subscription-related data stored by Google is subject to Google's data retention rules.
8. User rights under the GDPR
You have the following rights under Articles 15–22 GDPR. With regard to local data, you exercise them yourself within the App; with regard to correspondence data, by contacting us: right of access (Article 15) – view all your data directly in the App; right to rectification (Article 16) – edit the apps list and favourite prayers directly in the App; right to erasure (Article 17) – delete individual items or clear all statistics in the App settings (uninstalling the App deletes all locally stored data); right to restriction of processing (Article 18) – you may disable specific features (e.g. notifications, Accessibility Service) in the device settings; right to data portability (Article 20) – all data is stored locally on your device and remains under your full control; right to object (Article 21) – you have the right to object to the processing of your data (e.g. e-mail address) where we process it on the basis of our legitimate interest; right to withdraw consent (Article 7(3)) – disable notifications or the Accessibility Service at any time in device settings; cancel the subscription at any time via Google Play.
9. Security measures
We implement appropriate technical and organisational measures in accordance with Article 32 GDPR: all user data is stored locally using secure Android frameworks (Room Database and DataStore); data is protected by built-in device security (screen lock, device encryption); no user content leaves the device on the App's initiative, which eliminates remote attack vectors; communication with Google Play regarding subscriptions takes place via encrypted HTTPS connections; the App applies the principle of data minimisation – we collect only the data necessary for the App to function.
10. Children's privacy
The App is not intended for children under the age of 13 (in line with the requirements of Polish law). We do not knowingly collect personal data of children below this age limit. If you are under 13, you must obtain the consent of a parent or legal guardian before using the App, in particular before purchasing a subscription. Parents and guardians should monitor use of the App directly on the device.
11. Automated decision-making and profiling
We do not use your personal data for automated decision-making or profiling within the meaning of Article 22 GDPR.
12. Cookies and tracking technologies
The App does not use cookies, tracking pixels, fingerprinting, or any similar tracking technologies.
13. Your control options
You have full control over your data through: device settings (manage permissions – Accessibility Service, notifications – uninstall the App, clear App data); App settings (configure preferences, clear statistics, manage the trigger-apps list and notifications); direct control (add and remove apps from the list, add favourite arrow prayers, change hold duration); Google Play (manage or cancel the subscription at any time).
14. Data breach notification
Because all user data is stored locally on the device, any data breach would be limited to physical access to the device. The developer is responsible only for data that it actually processes (e.g. e-mail). Subscription data processed by Google Play is subject to Google's rules.
15. International users
This Privacy Policy has been prepared in accordance with European data protection standards (GDPR). Users outside the European Union enjoy the same privacy safeguards described in this document.
16. Changes to this Privacy Policy
We may update this Privacy Policy to reflect changes in the App's functionality or in applicable law. We will notify users of material changes through: information in the App description on the Google Play store, and an updated "Last updated" date at the top of this Policy. Continued use of the App after changes are made constitutes acceptance of the updated Policy.
17. Complaints and supervisory authority
You have the right to lodge a complaint with the competent supervisory authority under Article 77 GDPR. The Polish supervisory authority is: President of the Personal Data Protection Office (PUODO), ul. Stawki 2, 00-193 Warszawa, Poland. Website: https://uodo.gov.pl. Helpline: +48 22 531 03 00.
18. Google Play Data Safety declaration
In accordance with the Google Play Developer Program policy, we declare: collected data – the developer does not collect data on its own servers; Google Play collects subscription/purchase data when a premium plan is purchased. Data sharing – no data sharing by the developer. Data security – all user data is stored locally on the device with device-level security. Data deletion – users may delete all data by uninstalling the App or clearing App data in device settings. Account required – no (a Google Play account is required only to purchase a premium subscription).
19. Contact details
For questions, concerns, or requests regarding this Privacy Policy or your personal data, please contact us. Data-protection contact: TIDYCUSTOMS, E-mail: privacy [at] tidycustoms [dot] net, address: ul. Ludowa 22, 33-380 Krynica-Zdrój, Poland. Product-support contact: hello [at] praycue [dot] com.
20. Privacy by design
In accordance with Article 25 GDPR, this App has been designed with the principles of data minimisation and local processing in mind. Legal notice: this Privacy Policy constitutes information about privacy rules.