1. The short version
Hamsa does not sell your data and does not show ads. We collect the minimum needed to run your account and your sessions, plus a small set of anonymous product-analytics events (described below) that help us understand which parts of the app are working and where users get stuck. The list of apps you choose to block never leaves your device in a form anyone — including us — can read.
If you installed Hamsa from one of our ads, we also use Apple's and Meta's privacy-preserving measurement tools to understand which ad brought you here — without collecting your device's advertising identifier. Hamsa never shows ads inside the app.
2. Information we collect
Account information
When you sign in with Sign in with Apple, we receive a unique Apple-provided identifier for your account. If you choose to share it, we also receive an email address, which may be Apple's private relay address rather than your real address. We do not receive your name unless you choose to provide it.
Session and limit data
To run the core feature, we store information about your protection sessions and daily limits: when a session started and ended, whether it was completed or ended early, its duration, your daily limit, and your streak. This data is stored on your device and synced to our backend so it is available across your devices and not lost if you reinstall the app.
Your selected apps (Screen Time)
Hamsa uses Apple's Family Controls and Screen Time frameworks to let you choose which apps to guard. By Apple's design, when you pick apps, Apple gives Hamsa only opaque, non-identifying tokens — not the names of the apps. Hamsa never sees which specific apps you selected, and these tokens are meaningless outside your device. They are stored locally and are not transmitted to or readable by us.
Subscription information
Purchases are processed by Apple. We use RevenueCat, a subscription management provider, to determine whether your subscription is active. RevenueCat receives a pseudonymous app user identifier and transaction/receipt information from Apple in order to validate your subscription. We do not receive or store your full payment-card details — Apple handles payment processing.
Notifications
If you enable notifications, your device may provide a push token so we can deliver session-related notifications, such as a completion alert. You can disable notifications at any time in iOS Settings.
Product analytics
We use PostHog, a product-analytics provider, to record a small set of anonymous events that help us understand how the app is being used — for example, which onboarding step a user is on, when a session is started or completed, and whether a purchase succeeded. Events are attached to an anonymous identifier generated on your device; if you sign in, we associate that identifier with your Hamsa account so usage funnels can be measured per user. We do not send PostHog the contents of your sessions, the apps you have selected to block, or any information about your activity in other apps.
Advertising measurement
We promote Hamsa through ads on platforms such as Meta (Facebook and Instagram). To understand which ads actually lead to installs — so we don't waste money showing ads to the wrong people — we include Meta's SDK, which reports a small set of app events, such as app installs and app opens, to Meta. We rely on privacy-preserving measurement (Apple's SKAdNetwork and Meta's Aggregated Event Measurement) and do not collect your device's advertising identifier (IDFA) or show an App Tracking Transparency prompt. We do not send Meta the contents of your sessions or the apps you have chosen to guard, and Hamsa never shows you ads.
What we do not collect
- No advertising identifier (IDFA), and no App Tracking Transparency prompt.
- No ads shown inside Hamsa.
- No session recording, no screen recording, no keystroke capture.
- No location data.
- No contacts, photos, or browsing history.
- No record of which specific apps you block.
3. How we use information
We use the information described above only to:
- Create and maintain your account;
- Run, sync, and display your sessions and session history;
- Determine whether you have an active subscription;
- Send session-related notifications you have enabled;
- Respond to support requests and keep the Service secure;
- Measure which of our ads lead to installs.
We do not use your information to build advertising profiles or to sell or rent it to anyone.
4. How information is shared
We do not sell your personal information. We share information only with the service providers that make Hamsa work, and only as needed:
- Apple — for Sign in with Apple, Screen Time functionality, payment processing, and push notification delivery.
- Supabase — our backend provider, which hosts the database and authentication services that store your account and session data.
- RevenueCat — which validates and reports your subscription status.
- PostHog — which receives the anonymous product-analytics events described in section 2.
- Meta — which receives the app-event measurement described in section 2 so we can measure how effective our ads are.
These providers process data on our behalf under their own privacy and security commitments. We may also disclose information if required by law, or to protect the rights, safety, and security of our users or the Service.
5. Data retention
We keep your account and session data for as long as your account is active. If you delete your account, we delete the personal information associated with it from our systems within a reasonable period, except where we are required to retain certain records by law.
6. Your choices and rights
You can request access to, correction of, or deletion of your personal information by contacting us at ramie.chaarani@gmail.com. You can also delete your account from within the app, which removes your associated data as described above, or follow the step-by-step data deletion instructions. Depending on where you live, you may have additional rights under laws such as the GDPR or the CCPA, including the right to object to certain processing or to lodge a complaint with a regulator.
7. Security
We use reasonable technical and organizational measures to protect your information, including encryption in transit and access controls on our backend. No method of transmission or storage is completely secure, however, and we cannot guarantee absolute security.
8. Children
Hamsa is not directed to children under 13, and we do not knowingly collect personal information from them. If you believe a child has provided us with personal information, contact us and we will delete it.
9. International users
Hamsa is operated with the help of service providers that may store and process data in countries other than your own. Where that happens, we rely on those providers' safeguards for cross-border data transfers. By using the Service, you understand your information may be processed in those locations.
10. Changes to this policy
We may update this Privacy Policy from time to time. When we do, we will revise the “Last updated” date above and, where the changes are material, provide a more prominent notice. Continued use of the Service after an update means you accept the revised policy.
11. Contact
Questions or requests about your privacy? Reach us at ramie.chaarani@gmail.com.