Your Privacy Rights

Last updated: 2026-06-09

We’re privacy-first by design: most data-rights requests are moot because we don’t hold your personal data — it lives on your device and in your own iCloud. Even so, here are the rights you have under the laws that may apply to you, and how to use them.

This page is studio-level. For an individual app, see that app’s privacy policy on its subdomain, which describes exactly what (if anything) it processes.

European Union & European Economic Area — GDPR

If you’re in the EU or EEA, the General Data Protection Regulation gives you the right to:

• Access the personal data we hold about you;
• Rectify inaccurate data;
• Erase your data (the “right to be forgotten”);
• Restrict or object to processing;
• Port your data to another service;
• Withdraw consent at any time, where processing is based on consent; and
• Not be subject to a decision based solely on automated processing that produces legal effects.

Controller: KHASSINX LLC is the data controller. Contact [email protected].

Response time: We respond within one month, extendable by two further months for complex requests.

Complaints: You may lodge a complaint with your local supervisory authority (your national Data Protection Authority).

Because our processing is minimal and occasional, we do not currently designate an Article 27 EU representative. We reassess this per app as our products evolve.

United Kingdom — UK GDPR

If you’re in the UK, the same rights apply under the UK GDPR and the Data Protection Act 2018. Your supervisory authority is the Information Commissioner’s Office (ICO), and you have the right to lodge a complaint with it.

Spain — LOPDGDD

If you’re a resident of Spain, the GDPR applies and is complemented by the LOPDGDD (Ley Orgánica 3/2018 de Protección de Datos Personales y garantía de los derechos digitales). Your supervisory authority is the Agencia Española de Protección de Datos (AEPD). The LOPDGDD reinforces your GDPR rights and adds specific digital rights where they apply to you.

California — CCPA / CPRA

If you’re a California resident, the CCPA (as amended by the CPRA) gives you the right to:

• Know and access the personal information we have about you;
• Delete it;
• Correct inaccurate information;
• Opt out of the sale or sharing of personal information;
• Limit the use of sensitive personal information; and
• Not be discriminated against for exercising your rights.

We do not sell or share your personal information, and we have not done so in the preceding 12 months.

Response time: We respond within 45 days, extendable once when reasonably necessary.

Other US States

If you live in Virginia, Colorado, Connecticut, Utah, Texas, Oregon, Florida, or another US state with a comprehensive consumer privacy law, you generally have the right to access, delete, correct, and obtain a portable copy of your personal data, and to opt out of targeted advertising, the sale of your data, and certain profiling.

Most of these laws apply only above business-size thresholds we don’t meet — but we honor these rights regardless of whether a given law technically binds us.

Rest of the World

Wherever you are — including Canada (PIPEDA), Brazil (LGPD), Australia, Japan (APPI), and elsewhere — we apply the same privacy-first standard: your data stays with you, and we hold as little as possible. Contact us and we’ll work with you in good faith to honor your local rights.

How to exercise your rights

1. In the app. Our apps let you delete or export your data directly — the fastest path, since that’s where your data actually lives.
2. By email. Write to [email protected], telling us your request and which app it concerns.
3. Identity. To protect you, we may ask you to verify your identity before we act, so we never disclose data to the wrong person.
4. Timing. We respond within the timeframe your law requires — for example, one month under the GDPR, or 45 days under the CCPA.

You can also reach us at [email protected] for anything else.