LocktoLearn
Download
Privacy Policy
Contact
Legal

Privacy Policy

Effective: 15 May 2026

LocktoLearn is committed to protecting your privacy. This policy explains what information we collect, how we use it, and the controls you have over your data. We have tried to write it in plain English; if anything is unclear, please email support@locktolearn.com.

Contents

  1. Information We Collect
  2. How We Use Your Data
  3. Screen Time Data Usage
  4. Third-Party Services
  5. Data Storage & Security
  6. Subscription Handling
  7. Data Sharing
  8. Your Rights & Account Deletion
  9. Children's Privacy
  10. Data Retention
  11. Policy Changes
  12. Contact Us

1. Information We Collect

Account information

When you sign in using Apple Sign-In or Google Sign-In, we receive an email address and a unique user identifier issued by the authentication provider. We do not collect your name unless explicitly provided by the provider, and we do not display your name anywhere in the app.

Device and session identifiers

We use anonymised device identifiers for session management and security only. These identifiers are not used for advertising or cross-app tracking.

User content

Content you create within the app — custom questions, flashcards, quiz progress, and uploaded images used in learning sessions — is stored securely in our backend and is accessible only to you.

Usage data

We collect limited, aggregated usage data (for example, feature-level engagement counts) to improve app performance. We do not use it for advertising, profiling, or cross-app tracking as defined by Apple's App Tracking Transparency framework.

2. How We Use Your Data

We use the information we collect only to:

  • Authenticate your account
  • Synchronise your learning content across your devices
  • Store your custom questions, flashcards, and uploaded images
  • Improve app functionality and reliability
  • Provide support and respond to your requests

We do not sell your personal data to third parties, advertisers, or data brokers — ever. We do not run a marketing email list. Emails we send are transactional only: account, billing, password resets, and direct replies from our support team.

3. Screen Time Data Usage

LocktoLearn uses Apple Screen Time APIs to help users manage app access responsibly. Specifically:

  • FamilyControls — to request your authorisation to manage app restrictions on your device.
  • ManagedSettings — to apply or remove the shield on apps you have selected.
  • DeviceActivity — to count down the minutes of access you have earned.

Screen Time activity data and your earned-minute balance remain on your device whenever possible. We never read the list of apps you have not chosen to manage, and we never collect a history of which apps you have opened outside of LocktoLearn's earn-and-spend flow.

4. Third-Party Services

LocktoLearn uses a small number of trusted third-party services. These process data on our behalf to provide core functionality, and we do not allow them to use your data for their own advertising or marketing purposes.

Supabase

Backend infrastructure including authentication, database storage, and file storage for your learning content. Data is stored within Supabase's secure cloud infrastructure with row-level security policies.

Apple Sign-In

Privacy-preserving authentication. Apple may share your email address and a unique identifier with us per Apple's guidelines. You may use Apple's Hide My Email at any time.

Google Sign-In

Secure authentication. Google may share your email address and a unique identifier with us per Google's OAuth policies.

5. Data Storage & Security

We take the security of your data seriously:

  • All data transmission between the app and our servers uses encrypted connections (TLS).
  • Access to your data is controlled through authentication and row-level security policies.
  • User-uploaded files are stored in private, non-publicly accessible storage.
  • We follow industry-standard practices for credential storage and key management.

Your data may be transferred to and processed in countries other than your country of residence. We ensure appropriate safeguards in accordance with applicable laws. No method of electronic storage is 100% secure; we encourage you to use a strong, unique password on your linked authentication accounts.

6. Subscription Handling

Subscription billing is handled entirely by Apple through StoreKit. LocktoLearn never has access to your payment card details. We receive only a transaction identifier and entitlement status from Apple, which we use to unlock subscriber features. To manage, change, or cancel your subscription, open Settings → Apple ID → Subscriptions → LocktoLearn on your iPhone. Refund requests are processed by Apple at reportaproblem.apple.com.

7. Data Sharing

We do not share, sell, rent, or trade your personal information with third parties. The only exceptions are:

  • Authentication providers — Apple and Google receive only what is necessary to authenticate your identity.
  • Service providers — Supabase processes data on our behalf under a data-processing agreement.
  • Legal obligations — When required to comply with applicable law, regulation, legal process, or a governmental request.

8. Your Rights & Account Deletion

You have the following rights regarding your personal data:

  • Access — Request a copy of the personal data we hold about you.
  • Deletion — Settings (Parent tab) → Account & Sync → Delete Account. User data records are deleted immediately on confirmation; backups are purged within 30 days.
  • Correction — Request correction of inaccurate or incomplete information.
  • Portability — Request your data in a portable format where technically feasible.
  • Withdrawal — Stop using the app and request data deletion at any time.

To exercise any of these rights, please contact us at support@locktolearn.com. We respond to requests within 30 days. Account deletion does not automatically cancel an active subscription — please cancel via Apple separately.

9. Children's Privacy

LocktoLearn is intended for educational use and may be set up by parents or guardians for children with Family Sharing. We do not knowingly collect personal information from children under 13 without verifiable parental consent, in accordance with the Children's Online Privacy Protection Act (COPPA).

Parents and guardians should supervise their child's usage. If you believe your child has provided personal information without your consent, please contact us immediately and we will delete it promptly.

10. Data Retention

We retain personal data only for as long as necessary to provide the app's services. Account data and user content are retained while your account is active. If your account remains inactive for an extended period (e.g. 90 days), we may automatically delete your account and associated data. Backup copies are retained for up to 90 days for security and recovery, after which they are permanently deleted.

11. Policy Changes

We may update this Privacy Policy from time to time to reflect changes in our practices or for legal, operational, or regulatory reasons. When we make material changes, we will update the "Effective Date" above and, where appropriate, notify you in the app. Your continued use of LocktoLearn after a change constitutes acceptance of the updated policy.

12. Contact Us

If you have questions, concerns, or requests regarding this policy or our data practices, please reach out — we're happy to help.

support@locktolearn.com
Response within 3–5 business days. Data-rights requests may take up to 30 days.