Effective Date: April 20, 2026

Think Design ("Company," "we," "our," or "us") provides the Thinkless mobile application ("App"). This Privacy Policy describes how we collect, use, store, and share information when you use our App. By accessing or using Thinkless, you acknowledge that you have read and understood this Privacy Policy.

1. Information We Collect

1.1 Information You Provide Directly

(a) Account Information: If you choose to create an account, we collect your name, email address, and a unique account identifier. Depending on your chosen sign-in method (Apple Sign-In, Google Sign-In, or email registration), the specific information collected may vary based on the permissions you grant to those services.

(b) Wellness Data: When you use the App's features, you may provide emotional check-in responses, written journal entries and reflections, stress and worry topic selections, and records of completed wellness activities including their type, date, and duration.

(c) Preferences: We store your in-app settings, including notification preferences, sound preferences, and security preferences (such as whether PIN or biometric protection is enabled).

1.2 Information Collected Automatically

When you use the App, we automatically collect certain usage data, including the dates and approximate times you open the App, which features you use and how frequently, notification delivery and interaction status, achievement and progress milestones, and practice streak information.

1.3 Information We Do Not Collect

We do not collect precise geolocation data, contacts or address book information, photos or camera data, browsing history outside the App, health data from Apple HealthKit, or advertising identifiers.

2. How We Use Your Information

We use the information we collect for the following purposes:

(a) To Provide the Service: Delivering the App's core wellness and mindfulness features, tracking your progress, and personalizing your experience.

(b) On-Device AI Processing: The App uses Apple's on-device machine learning framework (FoundationModels) to generate personalized suggestions, insight summaries, and notification messages. This processing occurs locally on your device. Your personal data, including journal entries and emotional data, is not transmitted to any external server for AI processing.

(c) Push Notifications: If you grant permission, we send push notifications including daily check-in reminders and wellness activity suggestions. You may control which types of notifications you receive through the App's settings.

(d) Data Synchronization: If you enable iCloud sync, we facilitate the synchronization of your wellness data across your Apple devices through Apple's iCloud infrastructure.

(e) Subscription Management: Processing and verifying in-app purchases and subscription status through Apple's StoreKit framework.

3. How Your Information Is Stored

3.1 Local Device Storage

The majority of your data is stored locally on your device using iOS system storage mechanisms, which benefit from the encryption provided by the iOS operating system.

3.2 iCloud Storage

If you choose to enable iCloud synchronization, your wellness data (including emotional check-ins, journal entries, activity records, and preferences) is stored in Apple's iCloud Key-Value Storage. This data is managed under your personal Apple ID and is subject to Apple's privacy and security practices. You may disable iCloud sync at any time through the App's Data & Privacy settings.

3.3 Third-Party Authentication Servers

When you create an account or sign in, your authentication credentials are processed through Firebase Authentication, a service provided by Google LLC. This means your email address, name, and authentication tokens are transmitted to and stored on Google's servers for the purpose of account management. Please refer to Section 4 for further details.

4. Third-Party Services

The App integrates the following third-party services, each of which has its own privacy practices:

(a) Firebase Authentication (Google LLC): Used for account creation, authentication, and account management. Your authentication data (email, name, account identifier) is processed on Google's servers. For more information, see Google's Privacy Policy at https://policies.google.com/privacy and Firebase's privacy documentation at https://firebase.google.com/support/privacy.

(b) Google Sign-In (Google LLC): If you choose to sign in with Google, your authentication is handled through Google's OAuth 2.0 protocol. Only the information you authorize during the sign-in flow is shared with us. See https://policies.google.com/privacy.

(c) Apple Sign-In (Apple Inc.): If you choose to sign in with Apple, your authentication is handled by Apple. You may choose to share or hide your email address. See https://www.apple.com/legal/privacy/.

(d) Apple StoreKit (Apple Inc.): In-app purchases and subscriptions are processed entirely by Apple. We do not collect or store your payment information. See https://www.apple.com/legal/privacy/.

(e) Apple iCloud (Apple Inc.): If enabled, iCloud Key-Value Storage is used to synchronize your data across devices. This data is stored under your Apple ID and governed by Apple's privacy practices. See https://www.apple.com/legal/privacy/.

5. Data Sharing and Disclosure

5.1 We Do Not Sell Your Data

We do not sell, rent, or trade your personal information to third parties for marketing or advertising purposes.

5.2 Limited Sharing

We share your information only in the following circumstances:

(a) With Third-Party Service Providers: As described in Section 4, limited data is shared with authentication and infrastructure providers solely to operate the App.

(b) Legal Requirements: We may disclose your information if required to do so by law, regulation, legal process, or governmental request.

(c) Protection of Rights: We may disclose information when we believe in good faith that disclosure is necessary to protect our rights, your safety, or the safety of others, or to investigate potential violations of these terms.

6. Data Retention and Deletion

6.1 Locally stored data remains on your device for as long as the App is installed. Uninstalling the App removes all locally stored data from your device.

6.2 If iCloud sync is enabled, data stored in iCloud persists until you manually delete it through the App's settings or through your iCloud account management.

6.3 Account data stored in Firebase Authentication is retained until you request account deletion. You may request deletion of your account by contacting us at the email address provided in Section 13.

6.4 Upon receiving a verified account deletion request, we will delete or anonymize your authentication data within 30 days, subject to any legal obligations that may require us to retain certain information.

7. Your Choices and Controls

You have the following controls over your data:

(a) You may disable iCloud synchronization at any time through the App's Data & Privacy settings.

(b) You may enable or disable specific notification types (morning check-in, evening reset, smart notifications) through the App's Notification settings.

(c) You may control sound preferences through the App's Sound settings.

(d) You may enable or disable app protection (PIN, Face ID) through the App's Data & Privacy settings.

(e) You may request deletion of your account and associated data by contacting us at contactthinkdesign@gmail.com.

(f) You may manage or cancel your subscriptions through your Apple ID account settings.

8. Security

We implement reasonable technical and organizational measures to protect your personal information. These include leveraging iOS system-level encryption for local storage, using secure authentication protocols (OAuth 2.0, SHA-256 hashing), and offering optional biometric and PIN protection for app access. However, no method of electronic storage or transmission is completely secure, and we cannot guarantee absolute security.