Who we are
Mindful Adventure is published by RJL IT Consulting. If you have a question about this policy or about the data we hold about you, write to hello@rjlitconsulting.com.
1. What we collect
We collect three categories of data, all of them small.
Account data
- Email address — used to sign you in via one-time code (magic link).
- Your first name (optional — only if you choose to provide one when you sign up or in Settings). Used solely for the greeting on the Home screen.
- An anonymous user ID — generated by our auth provider; we use it to associate your practice data with you.
Practice data (yours, on our servers, for your own backup)
- Quests and steps you've completed.
- Sittings (date, length, which quest if any).
- Badges you've earned and your current rank.
- Your notification preferences (windows, frequency, tone).
- Your selected companion, palette, and bell sound.
Device data (only what's needed to deliver notifications and fix crashes)
- Push-notification token — issued by Apple's APNs / Google's FCM. Used solely to send the caring thoughts you've opted in to.
- Anonymous crash diagnostics — if the app crashes, an anonymized stack trace is sent to our error-tracking provider so we can fix it. No personal content is included.
2. What we don't collect
- We don't collect your contacts, photos, microphone audio, location, calendar, or HealthKit data.
- We don't sell or rent your data, full stop.
- We don't run advertising trackers inside the meditation flow. Free users may see a small banner ad served by Google AdMob in non-meditation areas; that ad is served using device-level identifiers Apple already governs (App Tracking Transparency). You can opt out of personalized ads in iOS Settings.
3. How we use your data
- To sign you in and keep you signed in across devices.
- To send you the caring-thought notifications you've subscribed to, in the windows and tone you chose.
- To save your progress so a new device can pick up where you left off.
- To verify your Mindful+ entitlement after a purchase.
- To diagnose crashes and fix bugs.
That's the whole list. We don't use your data to train AI models, profile you for advertisers, or build a behavioral graph.
4. Service providers
We rely on a small number of trusted infrastructure providers to operate the app. Each only receives the data they need for their specific job, and each is bound by their own privacy and security commitments.
| Provider | What it does | What it sees |
|---|---|---|
| Supabase | Authentication, database, push-token storage | Your email, user ID, practice data, push token |
| RevenueCat | Subscription / in-app-purchase processing | Your anonymous user ID, subscription status |
| Apple App Store / Google Play | Payments for Mindful+ subscriptions | Whatever Apple / Google's terms cover (we never see your card details) |
| Apple APNs / Google FCM | Delivers the caring-thought notifications | Your push token + the notification body |
| Sentry | Anonymous crash reporting | Stack traces, device model, OS version. No content of meditations. |
| Resend | Sends the magic-link sign-in email | Your email address and the one-time code |
| Google AdMob | Banner ads for free users (outside the meditation flow) | Standard mobile-ad device identifiers governed by App Tracking Transparency |
5. How long we keep it
We keep your data while your account is active. If you delete your account from inside the app (Settings → "Delete account"), we permanently remove your row from our auth system; every record of your practice — sittings, badges, streaks, quest progress, notification log, preferences — is cascade-deleted within seconds.
Anonymized crash diagnostics in Sentry follow Sentry's default 30-day retention. Aggregate, non-personal financial data from Apple / Google related to subscriptions may be retained longer for tax and audit purposes, in line with their terms.
6. Your rights
You have the right to:
- Access the data we hold about you. Most of it is visible in the app already; for anything else, write to hello@rjlitconsulting.com.
- Correct inaccurate data — change your email in Settings, or write to us.
- Delete your account and all associated data, immediately, from Settings → "Delete account". No friction, no support ticket, no waiting.
- Export a copy of your practice history. Email us and we'll send it as JSON.
- Object to processing or withdraw consent for notifications by toggling them off in Settings or in your device's notification preferences.
7. Children
Mindful Adventure is rated 4+ by Apple and is appropriate for all ages. We don't knowingly collect personal information from children under 13 (or under 16 in the EU) without a parent's consent. If you believe we have, contact us and we'll delete it immediately.
8. International users
The app is operated from the United States. If you use Mindful Adventure from outside the US, your information will be transferred to and processed in the US. Where required (for example, under the EU GDPR or the UK Data Protection Act), we rely on standard contractual clauses with our service providers as the legal basis for that transfer.
9. Security
We use industry-standard security on every layer: TLS in transit, encryption at rest in our database, scoped row-level security so one account cannot read another's data. No system is perfectly secure; if we ever discover a breach affecting your data, we will notify you promptly and tell you exactly what happened.
10. Changes to this policy
If we make a material change to how we handle your data, we'll update the "Last updated" date above and, where the change is significant, notify you in the app. Continued use of Mindful Adventure after a change means you accept the updated policy.
11. Contact
Privacy questions, data requests, or "I just want to talk to a human about this" emails go to hello@rjlitconsulting.com. We read every message and reply within two business days.