Privacy Policy
Effective 24 April 2026
HolyLock is designed to collect as little about you as possible. This page explains exactly what we do and don't collect, who receives it, and your rights.
The short version
We don't know your name, your email, or what you read. We don't track you across other apps or websites. What apps you choose to block and what you read stays on your device. We do collect anonymous usage events so we can understand which parts of the app are working — nothing linked to your identity.
Who we are
HolyLock is operated by Bianca Iordache (sole developer, based in Romania), acting as the data controller for the app. For any privacy question, email privacy@holylock.com.
What we collect
Anonymous usage analytics
We use PostHog to record which screens you visit inside the app (for example, "onboarding step viewed," "reading completed," "paywall shown"). These events are keyed to a randomly generated device identifier that cannot be linked back to you personally. We use this to understand how the app is being used and where it needs improvement.
Purchase history
If you subscribe to HolyLock Pro, Apple handles the transaction. RevenueCat (our subscription management provider) receives a record of your purchase linked to an anonymous Apple-provided identifier. This is used to grant you access to Pro features and to track aggregate revenue. We never see your name, email, or payment method.
Device identifiers
Limited device information (iOS version, device type, app version) is collected with the above events to help us diagnose issues and ensure the app works on your device.
What we do not collect
- Your name, email address, or phone number
- Your location
- Your contacts
- Health, fitness, or medical information
- The specific apps you choose to block — this is managed entirely on your device by Apple's FamilyControls framework and never leaves your phone
- The content of what you read or write — reading history, reflections, and notes are stored locally on your device only
- Any cross-app tracking identifier (IDFA) for advertising or measurement purposes
Third parties
We share the minimum necessary anonymous data with:
- Apple — processes all in-app subscription payments
- RevenueCat — manages subscription entitlements and receipt validation
- PostHog — records anonymous product analytics
Each of these has their own privacy policy. None of them receive personally identifying information from us.
Data retention
Analytics events are retained for up to 12 months. Purchase records are retained for as long as your subscription is active, plus any period required by applicable tax and accounting law. Because our records are anonymous, we cannot delete a specific person's data on request — but you can stop all further collection by deleting the app.
Your rights
If you are in the European Economic Area, the United Kingdom, or a jurisdiction with similar protections (including California), you have rights to access, correct, delete, and port the personal data we hold about you, as well as to object to or restrict our processing of it. To exercise these rights, email privacy@holylock.com. Because our data is anonymous, we may not be able to associate a request to specific records — we will do our best to help you.
Children's privacy
HolyLock is not directed at children under 13. We do not knowingly collect data from children under 13. If you believe a child has provided us with data, email us and we will remove it promptly.
Security
Data in transit between your device and our third-party providers is encrypted using HTTPS/TLS. We use reputable vendors (Apple, RevenueCat, PostHog) with their own security programs. No system is perfectly secure; we make reasonable efforts to protect what little data we collect.
Changes to this policy
If we make material changes to how we handle data, we'll update this page and, where appropriate, notify you in the app before the changes take effect.
Contact
Questions, concerns, or requests: privacy@holylock.com.