Privacy Policy

Drown is an independent sleep protection app. If you have any questions about this policy, you can reach us at hello@drownapp.com.

This Privacy Policy explains what data the Drown mobile application ("the app") collects, how it is used, who it is shared with, and your rights regarding your data. We are committed to protecting your privacy and being transparent about every aspect of data handling.

Drown is designed to collect minimal data and to keep you in control. The table below describes all data processed by the app.

Data type	Optional?	How we use it
Microphone audio	Required (with your permission)	Analyzed in real time on-device to detect noise spikes. Never recorded, stored, or transmitted. Audio buffers exist only in volatile memory (RAM) and are immediately discarded after analysis.
Sleep session data	Automatic	Generated locally after each session. Stored on your device only. Used to display your morning protection report and historical trends.
App preferences	Automatic	Stored locally on your device via iOS UserDefaults. Never synced or uploaded.
HealthKit sleep data	Optional (with your explicit permission)	Drown may write a sleep analysis entry to Apple Health. Managed by Apple's HealthKit framework and subject to Apple's Privacy Policy. We only write data.
Subscription status	Automatic	Managed by RevenueCat (see Section 4). Used to determine whether you have access to premium features. We never see your payment details.
Anonymized crash logs	Optional (controlled by iOS settings)	If you have opted in to share diagnostics with developers via iOS Settings → Privacy → Analytics, Apple may share anonymized crash data with us.

What we do NOT collect

• No email address, name, or personally identifiable information
• No account or login required
• No audio recordings, ever
• No location data
• No advertising identifiers or tracking
• No usage analytics beyond Apple's opt-in crash reporting

Under the General Data Protection Regulation (GDPR) and similar privacy laws, we are required to state the legal basis for processing your data.

Data	Purpose	Legal basis
Microphone audio	Real-time noise detection	Consent (iOS permission dialog)
Session data	Generating your protection report	Performance of contract
App preferences	Remembering your settings	Performance of contract
HealthKit data	Writing sleep entry to Apple Health	Consent (HealthKit permission)
Subscription status	Unlocking premium features	Performance of contract
Crash logs	Fixing bugs, improving stability	Legitimate interest

Drown uses the following third-party services. We do not integrate any advertising SDKs, analytics trackers, or social media frameworks.

Service	Data shared	Purpose
Apple StoreKit	Transaction receipts	Processing in-app purchases. All payment information is handled by Apple. We never see your credit card or billing details.
RevenueCat	Anonymous app user ID, subscription status	Subscription management and receipt validation. RevenueCat processes this data under their Privacy Policy.
Apple HealthKit	Sleep analysis entry	Writing sleep data to Apple Health, only with your explicit permission. HealthKit data is never used for advertising.

We do not sell, rent, trade, or share your personal data with any third parties for marketing or advertising purposes.

Because Drown uses your device's microphone, we want to be especially transparent about how audio is handled:

• All audio processing occurs entirely on your iPhone using Apple's Core Audio and Accelerate frameworks.
• Audio is analyzed in real time at 44,100 samples per second in volatile memory (RAM).
• Audio buffers are immediately discarded after each analysis cycle. No audio data is ever written to disk.
• No audio is transmitted to any server, cloud service, or third party, under any circumstances.
• When Smart Masks (Meow Mask, Snore Mask) are active, Machine Learning inference also runs entirely on-device using Apple's Core ML framework.
• We have no technical ability to access, replay, or recover any audio from your device.

All app data (session history, preferences, reports) is stored locally on your device using standard iOS storage mechanisms (UserDefaults and local files). This data is:

• Not synced to any cloud service operated by us
• Not backed up to any server operated by us
• Completely removed when you uninstall the app

RevenueCat retains anonymous subscription data according to their retention policy. Apple retains transaction data according to their terms.

Since we do not maintain a server or database with user data, there is no data retained by us to delete. Uninstalling the app permanently removes all locally stored data.

You can delete all your data at any time:

• Delete the app: Removing Drown from your device permanently erases all locally stored data — session history, preferences, and reports. Nothing is left behind.
• Revoke permissions: Go to iOS Settings → Drown to revoke microphone or HealthKit access at any time.
• Cancel subscription: Go to iOS Settings → Apple ID → Subscriptions to manage or cancel your Premium subscription.
• RevenueCat data: Contact us at hello@drownapp.com if you want us to request deletion of your anonymous subscriber ID from RevenueCat.

Drown uses iOS standard storage (UserDefaults) to store your preferences and session data on-device. Since we do not operate any servers that store your personal data, there is no central database that could be breached. Audio data never leaves your device's volatile memory. Subscription validation is handled securely through Apple's StoreKit and RevenueCat's encrypted API.

Under GDPR, CCPA, and applicable privacy laws, you have the following rights:

• Access: All your data is visible within the app (session history, settings). You can contact us to ask what data we hold about you — the answer is: none, beyond what's on your device.
• Deletion: You can delete all your data as described in Section 7.
• Correction: You can modify your app settings at any time.
• Portability: Session data is stored locally on your device and accessible through the app.
• Objection: You may object to any processing based on legitimate interest by contacting us.
• Withdraw consent: You can revoke microphone or HealthKit permissions at any time via iOS Settings.
• Complaint: You have the right to file a complaint with your local data protection authority.

To exercise any of these rights, contact us at hello@drownapp.com.

Drown is not directed at children under the age of 13. We do not knowingly collect personal information from children. Since the app does not collect personal information from any user, this concern is effectively mitigated by design.

Drown does not use Apple's App Tracking Transparency (ATT) framework because there is nothing to track. The app does not collect or share any data with advertising networks, data brokers, or analytics providers. We do not use the Identifier for Advertisers (IDFA) or any other device-level tracking identifier. There are zero advertising SDKs or analytics frameworks embedded in the app.

Drown does not transfer any personal data across borders. All data processing happens on your device. Subscription data processed by RevenueCat may be stored on servers in the United States, subject to RevenueCat's privacy practices and applicable data transfer mechanisms.

We may update this Privacy Policy from time to time. Changes will be reflected on this page with an updated "Last updated" date. Since Drown does not collect email addresses, we cannot notify you of changes directly — we encourage you to review this page periodically. Continued use of the app after changes constitutes acceptance of the updated policy.

If you have questions or concerns about this Privacy Policy, please contact us:

• Email: hello@drownapp.com
• Contact form: drownapp.com/contact