Privacy Policy
Last updated: April 21, 2026
Introduction
Welcome to the privacy policy of the NoContact AI app. Your privacy matters to us, and we are committed to protecting the personal information you share with us. This policy explains how we collect, use, share, and protect your data when you use our application.
Who We Are
NoContact AI is a mobile application (iOS and Android) personal-development tool designed to help users maintain a "no contact" goal after a breakup. It offers goal tracking, a mood journal, and conversational coaching via an AI named Arya.
- Publisher: Gautier Colasse (sole proprietor)
- Contact: contactappsgc@gmail.com
- Data Controller: Gautier Colasse
Information We Collect
1. Information You Provide Directly
Account
- Email address and password (if signing up with email)
- Apple ID token (if signing in with Apple Sign-In)
- Google ID token, email, name, profile picture (if signing in with Google Sign-In)
Onboarding Questionnaire
During sign-up, we ask questions to personalize your experience. The answers are stored on our servers:
- First name, age, gender
- Length of the relationship and time since the breakup
- Who initiated the breakup
- Current dominant mood
- Frequency of contact urges and social-media checking
- Personal reason for going no contact
- Nature of the relationship
Daily Mood Journal
- Primary and secondary moods recorded
- Personal text notes
- Adherence to no-contact rules
- AI-generated suggestions based on these entries
Content That Stays on Your Device Only
The following content is stored locally on your device (AsyncStorage) and is never transmitted to our servers:
- Conversations with the Arya AI assistant (chat history)
- Personal Memories created in the app
- Personal vault content (Evidence Vault / Brain Shield): notes, screenshots, manifesto
- Messages written in the Outbox (fictional outbox)
- Rules and start date of your no-contact
- Preferences and app settings
2. Data Exchanged with the AI
When you chat with Arya (text or voice):
- The content of your messages is transmitted in real time to the OpenAI API to generate a response, together with context derived from your profile (onboarding answers, recent emotions, memories) to personalize the reply.
- Audio recordings are transmitted to the OpenAI (Whisper) transcription API and converted to text.
- We do not store your messages, audio recordings, or transcriptions on our servers. Your conversation history stays only on your device.
- Audio files are kept on your device only for the duration of the transcription, then deleted.
3. Information Collected Automatically
- Technical data: device model, OS and version, language, timezone, app version.
- Usage data: features used, open frequency, engagement events (paywall shown, subscription started, etc.).
- Marketing attribution identifiers: with your consent via the App Tracking Transparency prompt (iOS) or Android settings, we use your IDFA (iOS) or Advertising ID (Android) to measure the effectiveness of our acquisition campaigns.
- Diagnostics: crash reports and error traces (via Sentry) including device model, OS, and technical stack traces.
- Push notification token: a technical identifier used to deliver notifications.
- Location: we do not collect any location data, precise or approximate.
How We Use Your Information
We use your data to:
- Provide, maintain, and improve the application
- Personalize your interactions with the AI
- Generate emotional analyses and suggestions tailored to your journey
- Manage your paid subscription and premium access
- Send you notifications (daily reminders, supportive messages)
- Measure the performance of our marketing campaigns and app usage
- Detect and fix bugs (crash reports)
- Comply with our legal obligations
Legal Basis for Processing (GDPR)
We process your data on the following legal bases:
- Performance of a contract (Art. 6.1.b GDPR): account creation, providing the Services.
- Consent (Art. 6.1.a GDPR): advertising tracking (IDFA / Advertising ID), push notifications, access to microphone and photo library.
- Legitimate interests (Art. 6.1.f GDPR): improving the application, measuring usage, bug detection, security.
- Legal obligation (Art. 6.1.c GDPR): fraud prevention, accounting retention.
Sharing Your Information
We do not sell your personal data. We share it only with the following service providers, strictly necessary for the operation of the Service:
| Provider | Purpose | Data Shared | Policy |
|---|---|---|---|
| Supabase (US / EU) | Database hosting, authentication, server functions | Email, profile, onboarding data, mood journal entries, premium status | supabase.com/privacy |
| OpenAI (US) | Arya AI responses, audio transcription (Whisper), personalized suggestions | Chat messages, audio, profile context (summarized, minimized) | openai.com/policies/privacy-policy |
| RevenueCat (US) | Subscription and premium entitlement management | Anonymous user ID, purchased products, purchase events | revenuecat.com/privacy |
| Superwall (US) | Paywall display and optimization | Anonymous user ID, display/conversion events | superwall.com/privacy |
| AppsFlyer (US / EU) | Marketing attribution and campaign measurement | Anonymous user ID, IDFA / Advertising ID (with consent), engagement events | appsflyer.com/legal/privacy-policy |
| Sentry (US / EU) | Crash reporting and error monitoring | Device model, OS, app version, technical traces | sentry.io/privacy |
| Apple / Google | App distribution, in-app payments, push notifications | App Store identifier, notification token, payment information | apple.com/legal/privacy / policies.google.com/privacy |
| Expo (EAS) (US) | OTA app updates, push notification delivery | App version, notification token | expo.dev/privacy |
We may also disclose your information:
- Legal compliance: if required by law or a court order.
- Business transfer: in case of a merger, acquisition, or asset sale.
International Data Transfers
Some of our providers (OpenAI, Supabase, RevenueCat, Superwall, AppsFlyer, Sentry, Apple, Google, Expo) process your data in the United States or other countries outside the European Union. These transfers are covered by:
- Standard Contractual Clauses issued by the European Commission, or
- The EU–US Data Privacy Framework where applicable.
Data Security
- Encryption in transit: all communications with our servers use TLS/HTTPS.
- Authentication: passwords are hashed by Supabase Auth; session tokens are stored in the iOS Keychain or Android Keystore via
expo-secure-store. - Restricted access: only systems strictly necessary for the app's operation have access to your data.
No transmission or storage method is completely secure; absolute security cannot be guaranteed.
Data Retention
- Active account: your data is kept as long as your account exists.
- Account deletion: when you delete your account from the app (Settings > Privacy > Delete my account), all your server-side data (profile, onboarding, emotions, analyses, payment history) is deleted atomically through our deletion function. Local device data is removed when you uninstall the app.
- Third-party providers: deleting your NoContact AI account does not automatically delete data held by our providers under their own retention rules (e.g., RevenueCat payment logs, Sentry crash logs). You can contact us to relay your deletion request.
- Legal obligations: some data (invoices, security logs) may be retained up to 10 years to comply with French accounting and tax law.
Your Rights
Under the GDPR and applicable laws, you have the following rights:
- Right of access to your personal data
- Right to rectification of inaccurate data
- Right to erasure ("right to be forgotten")
- Right to restriction of processing
- Right to data portability
- Right to object to processing
- Right to withdraw consent at any time
- Right to lodge a complaint with the French data protection authority (CNIL, www.cnil.fr) or your local authority
To exercise these rights: email us at contactappsgc@gmail.com from the email address associated with your account. We respond within 30 days.
Account deletion and analytics opt-out are also accessible directly in the app (Settings > Privacy).
App Tracking Transparency (Apple ATT)
Per Apple's requirements, our app asks for your permission to use the IDFA. This consent is used solely for marketing attribution via AppsFlyer. We do not use your data to target you with advertising in other apps.
You can revoke this consent at any time in iOS Settings > Privacy > Tracking, or in the app settings.
Privacy Labels (App Store & Google Play)
Categories of data collected and linked to your identity:
- Contact info: email address
- Identifiers: user ID, device ID, advertising ID (with consent)
- Usage data: interactions with the application
- Diagnostics: crash reports, performance data
- User content: questionnaire answers, mood journal entries, AI messages (stored only on your device), purchases
Categories used for Tracking per Apple's definition:
- Identifiers (IDFA / Advertising ID) for marketing attribution, only with your consent.
We do not sell your data and we do not use it for targeted advertising in third-party apps.
Third-Party Links
The application may contain links to third-party sites or services (for example our Discord community). We are not responsible for the privacy practices of these third parties. Please review their respective policies.
Changes to This Policy
We may update this policy to reflect changes in the app, providers, or regulations. For significant changes, we will notify you via the app or by email at least 15 days before they take effect.
Contact Us
For any questions about this policy or your data:
Gautier Colasse Email: contactappsgc@gmail.com
Consent
By using NoContact AI, you acknowledge that you have read and accepted this privacy policy.