Privacy policy

1. Introduction

NOMADSLIM LLC ("we", "our", or "us") operates the Manifest application (the "App"). This Privacy Policy explains how we collect, use, disclose, and protect information when you use the App, including when you create an account, use AI-assisted features, track meditation sessions, and manage subscriptions. We are committed to protecting your privacy and complying with applicable data protection laws, including (where applicable) the EU/EEA/UK General Data Protection Regulation ("GDPR") and the California Consumer Privacy Act ("CCPA/CPRA"). This Privacy Policy should be read together with our Terms of Service and Refund Policy.

2. Key Definitions

For clarity:
• "Personal Data" means information that identifies or can reasonably be linked to you (e.g., email address).
• "Processing" means any operation performed on data (e.g., collecting, storing, using, sharing).
• "Controller" refers to the entity deciding why and how Personal Data is processed (typically NOMADSLIM LLC).
• "Processor" refers to a service provider processing data on behalf of the Controller (e.g., hosting providers, payment processors). Some terms may have specific legal meanings depending on your location.

3. Information We Collect

We collect information in three main ways: (a) information you provide, (b) information collected automatically, and (c) information generated through your use of the App. 3.1 Information You Provide
• Account information: email address and authentication details required to create and access your account.
• Optional profile information: name (if provided), country/region, language preference, and other settings.
• Vision and goal data: goals, intentions, vision statements, and related inputs you choose to store in the App.
• Support communications: messages you send to us (e.g., support requests, refund requests, privacy requests). 3.2 Information Collected Automatically
• Device and technical data: device type, operating system, browser/app version, time zone, and approximate location derived from IP address (typically country/region level).
• Usage data: feature usage, screens viewed, session timestamps, interaction events, crash logs and diagnostics (where enabled).
• Security data: IP address, log data, and signals used for fraud prevention, abuse detection, and account security. 3.3 Meditation and Progress Data
• Practice session data: session completion, duration, streaks, reminders (if enabled), and other progress indicators displayed in the App.
• Task data: daily action/task completion status and related engagement metrics. 3.4 AI Feature Data The App may use third-party AI services (such as OpenAI or similar providers) to generate text-based outputs.
• Inputs sent to AI: the text you submit for vision generation or AI-assisted guidance.
• AI outputs: generated text (for example, a vision statement) that you may choose to save.
• AI usage metrics: counts, rate limits, and technical measures used for performance, cost control, and abuse prevention. We do not intend to store complete AI conversation histories as a continuous transcript inside the App. However, certain inputs or outputs may be stored if you explicitly save them (for example, saving a generated vision), or if required for security, compliance, or debugging as described below.

4. How We Use Your Information

We use information for the following purposes: 4.1 Provide and Operate the App
• Create and manage your account
• Provide core features (vision creation, meditation tracking, daily action/task features)
• Maintain, secure, and support the App 4.2 Personalization and User Experience
• Remember preferences (language, settings)
• Display your saved content (visions, progress, streaks)
• Improve usability and accessibility 4.3 Payments and Subscription Management
• Process purchases, renewals, and cancellations (through our payment processors)
• Provide access to paid features
• Detect and prevent payment fraud or abuse 4.4 Communications
• Send operational messages (e.g., account notices, billing notices, security alerts)
• Respond to support, refund, or privacy requests 4.5 Safety, Abuse Prevention, and Compliance
• Prevent spam, fraud, and abusive usage
• Enforce our Terms of Service
• Comply with legal obligations and respond to lawful requests We do not sell your Personal Data.

5. Legal Bases for Processing (GDPR)

If you are located in the EU/EEA/UK, we rely on one or more of the following legal bases:
• Contract: to provide the App and features you request.
• Legitimate Interests: to secure the App, prevent abuse, improve performance, and maintain service reliability, where those interests are not overridden by your rights.
• Consent: where we ask for it (e.g., certain optional communications or features). You may withdraw consent at any time.
• Legal Obligation: to comply with applicable laws, accounting rules, and lawful requests.

6. Sharing and Disclosure of Information

We share information only as needed to operate the App and in the limited situations described below. 6.1 Service Providers (Processors) We may share information with vendors that help us provide the App, such as:
• Hosting, database, and authentication providers (e.g., Supabase)
• AI providers (e.g., OpenAI or similar services)
• Payment processors (e.g., Stripe for web purchases; Apple and Google for in-app purchases)
• Analytics and crash reporting providers (if used) These providers are permitted to process data only to perform services for us and are required to protect it. 6.2 Legal and Safety We may disclose information if we believe disclosure is reasonably necessary to:
• Comply with a law, regulation, legal process, or lawful request
• Protect the rights, property, or safety of users, NOMADSLIM LLC, or others
• Detect, prevent, or address fraud, security, or technical issues 6.3 Business Transfers If we are involved in a merger, acquisition, financing, reorganization, bankruptcy, or sale of assets, information may be transferred as part of that transaction, subject to applicable law. We do not share your data with third parties for their own advertising purposes.

7. Third-Party Services

The App relies on third-party services. Their processing of your data may be governed by their own privacy policies. Examples may include:
• Supabase (database/authentication)
• OpenAI (AI processing)
• Stripe (web payments)
• Apple App Store and Google Play (in-app purchases) We do not control third-party practices. We encourage you to review their policies. Important notes:
• Payment details: We do not receive or store full payment card details when payments are processed by Stripe, Apple, or Google.
• AI processing: AI providers may process your inputs to produce outputs. We recommend that you do not include highly sensitive personal information in prompts (e.g., medical data, government IDs).

8. Data Retention

We retain information only for as long as necessary for the purposes described in this Privacy Policy, unless a longer retention period is required or permitted by law. Typical retention periods (may vary based on technical constraints and legal requirements):
• Account data: retained while your account remains active.
• Deleted account data: when you request deletion, we generally delete or de-identify personal data within a reasonable period. Certain data may remain temporarily in backups or logs.
• Backups: backup copies may persist for up to 90 days.
• Billing and transaction records: retained as required for accounting, tax, dispute resolution, and compliance.
• Security logs and abuse-prevention signals: retained as needed to protect the service, investigate abuse, and enforce our Terms.
• Saved content: content you explicitly save in the App (e.g., saved visions) remains until you delete it or delete your account. We may retain and use aggregated or de-identified information for analytics and service improvement.

9. Your Rights and Choices

Your rights depend on where you live. 9.1 Account Controls Where available, you can: • Update certain profile information
• Manage preferences (e.g., language)
• Cancel subscriptions (through the platform where you purchased)
• Request account deletion (if the feature is available in the App) 9.2 GDPR Rights (EU/EEA/UK) You may have the right to:
• Access your Personal Data
• Correct inaccurate data
• Request deletion (right to be forgotten)
• Restrict processing
• Object to processing
• Data portability
• Withdraw consent (where processing is based on consent) You also have the right to lodge a complaint with your local data protection authority. 9.3 CCPA/CPRA Rights (California) You may have the right to:
• Know what Personal Information we collect, use, and disclose
• Request deletion (subject to certain exceptions)
• Correct inaccurate Personal Information
• Opt out of the "sale" or "sharing" of Personal Information (we do not sell or share for cross-context behavioral advertising)
• Non-discrimination for exercising your rights To exercise rights, contact us at contact@senseislim.com. We may need to verify your identity before fulfilling certain requests.

10. Data Security

We implement reasonable administrative, technical, and organizational measures designed to protect your information, such as encryption in transit (HTTPS/TLS) and access controls. However, no method of transmission or storage is 100% secure. We cannot guarantee absolute security. You are responsible for maintaining the security of your account credentials and device. If you believe your account has been compromised, contact us at contact@senseislim.com.

11. International Data Transfers

We may process and store information in the United States and other countries where we or our service providers operate. Where required, we use appropriate safeguards for international transfers, such as contractual protections and other lawful mechanisms recognized under applicable data protection laws.

12. Children's Privacy

The App is not intended for anyone under 18 years of age. We do not knowingly collect Personal Data from children. If you believe a child has provided Personal Data, please contact us at contact@senseislim.com so we can take appropriate steps.

13. Cookies and Similar Technologies (Web Version)

If you use the web version of the App, we may use cookies or similar technologies to support essential functionality such as authentication, session management, security, and preference storage. We do not intend to use third-party advertising cookies in the App. If we introduce new tracking technologies, we will update this Privacy Policy and, where required, request consent. You can typically control cookies through your browser settings. Disabling certain cookies may limit functionality (such as staying signed in).

14. Do Not Track

Some browsers offer a "Do Not Track" signal. Because there is no consistent industry standard for responding to these signals, we do not currently respond to Do Not Track signals in a uniform way.

15. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. If we make material changes, we may provide notice through the App and/or by email. Your continued use of the App after the effective date of an updated Privacy Policy means you accept the updated policy.

16. Contact Us

For privacy-related questions, data requests, or to exercise your rights, contact us at: Email: contact@senseislim.com NOMADSLIM LLC Delaware, United States of America For GDPR requests, include "GDPR Request" in your subject line. For CCPA/CPRA requests, include "CCPA Request" in your subject line.