Privacy Policy
Last updated: 23 April 2026
This Privacy Policy explains how 350life, Tim Sfiligoj s.p. ("we", "us") handles personal data when you use the Lansia mobile application ("the App").
We are based at:
350life, Tim Sfiligoj s.p. Grcarevec 31, 1370 Logatec, Slovenia
For any privacy question, write to tim@350life.com.
We are the data controller for personal data processed through the App.
1. What we collect
We collect only what we need to run the App.
Account data
- Email address
- Display name (you choose this in onboarding; can be changed later)
- The sign-in method you used (Email & password, Sign In with Apple, or Sign In with Google)
- A unique account identifier
- Push notification token (only if you grant permission)
- Account creation timestamp and last update timestamp
- Onboarding completion timestamp
Goals data (content you create)
- The text of your daily goals
- The date each goal is set for
- Whether each goal is pending, succeeded, or failed
- Achievement / milestone records (e.g., when you unlocked a 7-day streak)
Purchase data
- Whether you have purchased the Lansia Lifetime in-app purchase
- The timestamp of that purchase
- We do not receive or store your card or payment details. Payments are processed by Apple App Store or Google Play.
Operational data
- Basic technical logs needed to operate the service (e.g., when an authentication request fails). We do not currently use third-party analytics or crash-reporting services.
We do not collect: location, contacts, photos, microphone, camera, advertising identifiers, or any data not listed above.
2. How we use the data
- To provide the App's core functionality (sign you in, save and display your goals, compute your stats and milestones)
- To unlock premium features after you complete the in-app purchase
- To send you push notifications you have opted in to (e.g., daily evening reminder; milestone celebration)
- To respond to your support requests
- To comply with legal obligations (tax records related to in-app purchases)
3. Legal basis (GDPR)
We process personal data on the following legal bases under the EU General Data Protection Regulation:
- Contract — to provide the App you signed up for (Article 6(1)(b))
- Consent — for push notifications, where you grant OS-level permission (Article 6(1)(a))
- Legal obligation — for tax and accounting records of purchases (Article 6(1)(c))
- Legitimate interest — to keep the service working, prevent abuse, and respond to support requests (Article 6(1)(f))
4. Who we share data with (subprocessors)
We use the following third-party services to run the App. Each is bound by their own privacy and security commitments.
| Service | Purpose | Where data is stored |
|---|---|---|
| Supabase, Inc. | Database, authentication backend | Hosted in EU |
| Apple Inc. | Sign In with Apple, in-app purchase processing, App Store distribution, push delivery via APNs | Worldwide (per Apple) |
| Google LLC | Sign In with Google (only if you choose this option) | Worldwide (per Google) |
| RevenueCat, Inc. | In-app purchase entitlement validation | United States |
| Expo (Exponent, Inc.) | Push notification routing | United States |
We may add additional service providers (for example, error monitoring or product analytics) before public launch. This Privacy Policy will be updated and the change date above will reflect any such additions before the new processor is enabled.
We do not sell your personal data, and we do not use it for advertising.
5. International transfers
Some of our subprocessors are located outside the European Economic Area (notably in the United States). Where this is the case, transfers are made under the European Commission's Standard Contractual Clauses or an equivalent adequacy mechanism provided by each subprocessor.
6. How long we keep data
- Account, goals, purchase, and milestone data: kept for as long as your account is active.
- When you delete your account (Settings → Delete account): all of your data is deleted from our database immediately. Backups roll over within 30 days.
- Tax-relevant purchase records: retained for the period required by Slovenian tax law (currently 10 years), even if you delete your account, in a minimised form (purchase identifier and amount only).
7. Your rights (GDPR)
If you are in the EU/EEA, you have the right to:
- Access the personal data we hold about you
- Correct inaccurate data
- Delete your data ("right to be forgotten")
- Restrict or object to certain processing
- Export your data in a portable format
- Withdraw consent (e.g., disable push notifications) at any time
- Lodge a complaint with the Information Commissioner of the Republic of Slovenia (Informacijski pooblaščenec) — https://www.ip-rs.si
To exercise any of these rights, write to tim@350life.com. You can also delete your account directly inside the App (Settings → Delete account).
8. Push notifications
The App can send you:
- A daily reminder at the time you choose
- Celebrations when you unlock a milestone
Notifications are only sent if you grant permission at the OS level. You can revoke permission at any time in iOS Settings → Notifications → Lansia, or by toggling the switches in the App's Settings → Notifications screen.
9. Children
The App is not directed to children under the age of 13. We do not knowingly collect personal data from children under 13. If you believe a child has provided us with personal data, contact us at tim@350life.com and we will delete it.
10. Security
We use industry-standard measures to protect your data, including:
- TLS encryption for all data in transit
- Encryption at rest at our database provider
- Row-level security so that each user can only access their own records
- Sign-in tokens stored on-device in the platform secure enclave (iOS Keychain / Android Keystore)
No system is perfectly secure. If a breach affects your data, we will notify you and the competent supervisory authority within 72 hours, as required by GDPR Article 33.
11. Changes to this policy
We may update this Privacy Policy from time to time. The "Last updated" date at the top of this page reflects the latest revision. For material changes, we will notify you in the App before the change takes effect.
12. Contact
350life, Tim Sfiligoj s.p. Grcarevec 31, 1370 Logatec, Slovenia tim@350life.com