Privacy Policy

Effective date: 13 May 2026 · Last updated: 14 May 2026

This Privacy Policy explains what personal data the Focus Cat - Boncuk mobile application (the "App") collects from its users, how that data is processed, with whom it is shared, and how you can exercise your rights. By using the App, you agree to the terms of this policy.

This document is prepared in accordance with the EU General Data Protection Regulation ("GDPR") and Turkey's Personal Data Protection Law No. 6698 ("KVKK").

1. Data Controller

2. Personal Data We Collect

2.1. Identity & Account Information

2.2. In-App Profile & Progress

2.3. Activity & Interaction Data

2.4. Device & Notification Data

2.5. Usage Access Data (Android PACKAGE_USAGE_STATS)

The App requires Android's "Usage Access" permission so that it can detect when an app you have marked as a distraction comes to the foreground during a focus session. How this permission is used:

3. Purposes of Processing

4. Legal Basis for Processing

5. Children's Data

The App is designed for users aged 13 and above. We do not knowingly collect personal data from children under 13. Under EU law (GDPR Art. 8) and Turkish KVKK guidance, processing of personal data of users below 16 typically requires parental consent; users aged 13–15 should use the App with parental permission. If you become aware that a child has provided us with personal data without consent, please contact us at the email below and the relevant data will be deleted.

6. Third Parties and Data Sharing

Your data is processed only through the following service providers, solely to deliver the App's functionality. These providers act as data processors and are subject to their own privacy policies:

ServiceProviderPurpose
AuthenticationGoogle LLC (Firebase Authentication, Google Sign-In)Account creation, sign-in
DatabaseGoogle LLC (Cloud Firestore — us-central1)Profile, group, activity data
Server operationsGoogle LLC (Cloud Functions, Cloud Tasks — us-central1)Notification dispatch, data pruning
Push notification infrastructureGoogle LLC (Firebase Cloud Messaging)Notification delivery
Push notification brokerExpo (650 Industries, Inc.)Device token management, delivery via Expo Push API

Database and server operations are hosted on servers in the United States (us-central1 region). This constitutes a cross-border data transfer. For users in the EU/EEA, transfers are based on the Standard Contractual Clauses (SCCs) used by Google as the processor. For users in Türkiye, this is a transfer under KVKK Art. 9 and your use of the App constitutes explicit consent.

Privacy policies of the listed providers:

Unless required by law (court order, lawful request from a public authority, etc.), we do not sell, rent, or share your data with third parties for marketing purposes.

7. Data Retention

DataRetention
Account and profile dataUntil you delete your account
Focus session history and statsUntil you delete your account
Group activity feed events24 hours (auto-pruned)
Group meetup records7 days (auto-pruned)
Push notification tokenDeleted when account is deleted or device changes
Server logs (error, security)Per Firebase's policy, max 90 days

8. Data Security

That said, no internet service is 100% secure. If a data breach is detected, we will notify you and the relevant authorities in accordance with GDPR Art. 33–34 and KVKK Art. 12/5.

9. Your Rights (GDPR Ch. 3 / KVKK Art. 11)

You have the following rights regarding your personal data:

To exercise these rights, please contact a.asimguc@gmail.com. We respond within the periods required by GDPR and KVKK (within 30 days at the latest).

10. Account Deletion

You may delete your account at any time. In-app deletion: Settings → Delete my account. When your account is deleted, the following data is permanently removed:

You may also submit a deletion request by email: a.asimguc@gmail.com. Requests are processed within 30 days at the latest.

11. Cookies and Tracking Technologies

The App is a native mobile application and does not use cookies in the traditional sense. We do not collect advertising IDs, integrate third-party advertising SDKs, or use analytics SDKs that profile users.

12. Changes to This Policy

We may update this policy from time to time. Material changes will be communicated within the App or by email to your registered address. A change in the "Last updated" date also indicates that the policy has been revised.

13. Contact

For any questions, requests, or complaints: a.asimguc@gmail.com.

EU/EEA users have the right to lodge a complaint with their national data protection authority. Users in Türkiye may file a complaint with the Personal Data Protection Authority (KVKK): kvkk.gov.tr.