Privacy Policy

Refresher collects limited data to improve the app experience:

What We Collect

• Device Identifier for Vendors (IDFV): An anonymous identifier assigned by Apple, unique to our app on your device. This is not an advertising ID and cannot track you across other apps.
• Anonymous analytics events: We send anonymous usage events (such as session starts, technique selections, and feature interactions) to our analytics service at analytics.overx.ai. These events are not linked to your identity.
• Apple Search Ads attribution token: If you installed the app from an Apple Search Ad, we collect the attribution token to measure ad effectiveness. This token does not contain personal information.
• Anonymous ID: A randomly generated identifier used to group analytics events. It is not linked to your Apple ID, name, or any personal information.
• Email address (optional, opt-in only): We collect your email address only if you voluntarily opt in — either on the welcome screen during onboarding or in Settings → Email updates. Providing an email is always optional. If provided, your email is stored by our subscriber service (api.overx.ai/subscribers) solely to send product updates you asked for. You can delete it at any time via Settings → Privacy & Data → Delete my data inside the app.

What We Do Not Collect

• Phone number or other personal contact information
• Location data
• Advertising IDs (IDFA)
• Cookies or web tracking technologies

We do not use advertising networks or ad-related SDKs. The app contains no advertising code.

Refresher stores the following data locally on your device and, if you enable iCloud sync, in your private iCloud account:

• Session data: Records of your breathing sessions, including technique used, duration, timestamps, and session parameters you configured.
• Preferences: Your app settings, display name, selected techniques, custom session configurations, guidance preferences (visual, audio, haptic), and display preferences.
• Statistics: Aggregated practice data, streak counts, session history, and trend data derived from your usage.

This data is stored using Apple’s standard on-device storage frameworks and, optionally, Apple’s CloudKit infrastructure. We have no access to this data at any time. It is encrypted by Apple’s device-level and iCloud encryption and is accessible only to you.

The Refresher home-screen widget reads cached session data from the main app via App Groups (shared on-device storage). No additional data collection occurs through the widget — it simply displays information already stored locally by the main app.

If you grant permission, Refresher interacts with Apple HealthKit in the following ways:

• Mindfulness minutes (write): Duration of completed breathing sessions is saved as mindfulness time in Apple Health.
• Breathing workouts (write): On Apple Watch, breathing sessions are saved as mindfulness workouts in Apple Health, including duration and session metadata.
• Heart rate (read — Apple Watch only): The Apple Watch companion app reads your heart rate during breathing sessions to provide real-time biofeedback. Heart rate data is read during breathing sessions to provide real-time biofeedback. Refresher permanently stores heart rate metrics (minimum, maximum, average, samples, and timeline data) on your device using SwiftData. If iCloud sync is enabled, this data syncs to your private iCloud account. Heart rate data is never sent to our analytics servers or shared with third parties.

All HealthKit data — including heart rate and workout data — is stored on your device and in Apple Health. Heart rate metrics stored by Refresher are kept on-device (and in your iCloud if sync is enabled) and are never sent to our analytics servers. HealthKit data is governed by Apple’s privacy policies and is stored locally on your device or in your encrypted iCloud Health account.

In strict accordance with Apple’s HealthKit guidelines:

• We do not use HealthKit data for advertising or marketing purposes.
• We do not sell or disclose HealthKit data to any third party, including data brokers.
• We do not use HealthKit data to build user profiles or for any purpose other than providing health and fitness services directly to the user.
• All HealthKit access is optional and user-controlled — you can grant or revoke permissions at any time in your device’s Settings.

The Refresher Apple Watch app provides guided breathing sessions on your wrist. In addition to the HealthKit interactions described above:

• Heart rate biofeedback: The Watch app reads your heart rate sensor during active breathing sessions to display real-time heart rate. This data is processed locally on your Watch and is not transmitted to any external server.
• Session sync: The Watch app syncs session data (technique, duration, completion status) with the iPhone app via on-device communication (WatchConnectivity). This communication happens directly between your paired devices over Bluetooth or local Wi-Fi — no data passes through our servers or any third-party infrastructure.
• On-device storage: The Watch app stores preferences and session cache locally using UserDefaults via App Groups, following the same privacy-first approach as the iPhone app.

Refresher offers a free app with optional premium features available through in-app subscription. Subscriptions are managed through RevenueCat, a third-party subscription management platform. RevenueCat processes subscription status and entitlement information but does not receive payment details — all payment processing is handled by Apple through the App Store. RevenueCat may receive an anonymous app user ID and subscription status. We do not receive, process, or store any payment information, including credit card numbers, billing addresses, or Apple ID credentials. All purchase transactions are governed by Apple’s terms and privacy policies.

Refresher integrates with the following third-party services in addition to Apple’s native frameworks (HealthKit, StoreKit, CloudKit, WatchConnectivity):

• RevenueCat SDK: Used for subscription management and entitlement verification. RevenueCat receives anonymous app user IDs and subscription status. It does not receive HealthKit data, personal information, or payment details.
• analytics.overx.ai: Our first-party analytics service that receives anonymous usage events, IDFV, anonymous IDs, and Apple Search Ads attribution tokens. No personal information or HealthKit data is sent to this service.
• api.overx.ai: Our API service used for the support contact form (api.overx.ai/forms/submit) and in-app announcements (api.overx.ai/announcements/refresher). The contact form processes only data you voluntarily submit. The announcements endpoint delivers app notices and does not collect user data.

There are no advertising networks, no social media integrations, and no ad-related data processors.

In accordance with Apple’s App Store requirements, we declare our data practices through Apple’s privacy nutrition labels:

• Data Used to Track You: None.
• Data Linked to You: Name (your display name, stored on-device and in your private iCloud account for app functionality).
• Data Not Linked to You: Device ID (IDFV), Product Interaction (anonymous usage events), Health (heart rate during sessions), Purchase History (subscription status via RevenueCat).

We recommend reviewing the App Store listing for the most current privacy label information.

Refresher does not knowingly collect personal information from children under the age of 13 (or the applicable age in your jurisdiction, such as 16 in the European Economic Area under GDPR). Because Refresher does not collect personal information from any user, it does not process children’s data. If you believe a child has somehow provided personal information through the App, please contact us and we will investigate promptly.

Because Refresher stores all data on your device or in your private iCloud account, data security is handled by Apple’s built-in protections, including hardware-level encryption on iOS devices and iCloud end-to-end encryption for supported data types. Our analytics service (analytics.overx.ai) and API service (api.overx.ai) are hosted on secure infrastructure with encryption in transit (TLS) and appropriate access controls. Anonymous analytics data stored on our servers does not contain personally identifiable information.

Anonymous analytics data collected by our analytics service is retained to help us improve the app. This data is not linked to your identity and does not contain personal information. Data stored locally on your device persists until you delete it, delete the App, or reset your device. Data synced to iCloud persists according to your iCloud storage settings and Apple’s iCloud policies. You have full control over your data at all times.

Anonymous analytics events and API requests may be transmitted to our servers, which may be located in a different jurisdiction than your own. These transmissions contain no personally identifiable information. Your session data, preferences, and HealthKit data remain on your device or within Apple’s iCloud infrastructure, which is governed by Apple’s data transfer policies and applicable data protection agreements (including Standard Contractual Clauses for transfers from the EEA).

Depending on your jurisdiction, you may have rights regarding your personal data under applicable privacy regulations. Refresher is designed so that you can exercise these rights directly inside the app:

How to Delete Your Account and Data

To delete your account and all associated data: open the app, go to Settings → Privacy & Data → Delete my data, and confirm. This will remove your email subscription (if any), any leaderboard entries, any referral records, and rotate your anonymous analytics ID so past events can no longer be associated with a new install. Locally stored session history is preserved by default; an optional checkbox on the confirmation screen lets you delete it at the same time. If your device is offline, the deletion request is queued and completes automatically when you reconnect.

As a secondary option, you can also uninstall the App from your device, which clears all on-device data; this does not by itself remove any email subscription or leaderboard entry, so the in-app flow above is the recommended primary mechanism.

This applies regardless of whether your rights arise under the General Data Protection Regulation (GDPR), the UK Data Protection Act, the California Consumer Privacy Act (CCPA/CPRA), the Lei Geral de Proteção de Dados (LGPD), or any other applicable privacy regulation.

If you believe that your privacy rights have been violated, you have the right to lodge a complaint with the relevant supervisory authority in your jurisdiction.

Refresher collects anonymous analytics that are not linked to your identity and cannot be used to track you across apps or websites. Because our analytics are anonymous and not identity-based, “Do Not Track” browser signals do not apply to the app’s data collection. We do not engage in cross-app or cross-site tracking.

We may update this Privacy Policy from time to time. Any changes will be posted on this page with an updated “Last Updated” date. If we make material changes to our data practices (such as introducing any form of data collection), we will notify users through the App at least thirty (30) days before such changes take effect. Your continued use of the App after changes are posted constitutes acceptance of the updated policy.

If you have questions or concerns about this Privacy Policy or the App’s data practices, please contact us:

• Developer: Yauheni Malashchytski
• Email: support@overx.ai
• Website: refresher.overx.ai