Legal

Privacy Policy

Last Updated: March 27, 2026  ·  Effective Date: March 27, 2026

1. Introduction and Who We Are

Welcome to GrowTask ("the App," "we," "our," or "us"). This Privacy Policy explains how Julian Grebing, an independent developer ("the Developer"), based in Germany, collects, processes, stores, shares, and uses information when you use the GrowTask iOS application.

GrowTask is an independently developed application — not a company, corporation, or organization. All data practices described in this Policy are carried out solely by the individual developer.

By downloading, installing, or using the App, you acknowledge that you have read and understood this Privacy Policy. If you do not agree to the terms described here, please do not use the App.

2. Scope of This Policy

This Privacy Policy applies to:

  • All users of GrowTask on iOS, iPadOS, and any other Apple platforms that may be supported in the future.
  • All versions of the App published under the developer name Julian Grebing on the Apple App Store.

This Policy does not apply to third-party websites, services, or applications that may be linked to or integrated with the App.

3. The Data We Collect — and What We Do Not Collect

3.1 What We Do NOT Collect

We do not collect any of the following:

  • Your name
  • Your email address
  • Your phone number
  • Your physical location, GPS coordinates, or IP-based location
  • Your device's precise or approximate location
  • Health or fitness data
  • Financial information, payment card details, or bank information
  • Contacts, messages, or communications
  • Photos, camera, or microphone data
  • Any data that directly and intentionally identifies you as an individual

We do not create or maintain user profiles tied to a real-world identity.

3.2 What We DO Collect — Anonymous In-App Analytics

We collect anonymous, non-personally identifiable usage data strictly within the scope of the App's functionality. This data is collected through a custom-built analytics mechanism developed by the Developer and is transmitted to a Google Sheets spreadsheet owned and controlled solely by the Developer. See Section 11 for disclosure of Google's role as a data processor.

The types of data we collect include, but are not limited to:

  • Feature usage patterns: Which screens, features, tools, and sections of the App are accessed, and how frequently.
  • Feature non-usage: Which parts of the App are rarely or never used.
  • Session duration: How long individual sessions within the App last.
  • Session frequency: How often the App is opened per day, week, or month.
  • In-App streaks: The length and consistency of user streaks as tracked within the App's own streak features.
  • Paywall engagement: How long a user spends on subscription or purchase screens, and how many times those screens are viewed. We do not collect any payment details; all purchases are handled exclusively by Apple.
  • Onboarding and flow completion: Whether users complete certain in-App flows or drop off at specific steps.
  • Button and interaction taps: Which interactive elements are tapped or engaged with, and in what order.
  • App version and operating system version: To understand compatibility and prioritize updates.
  • Device type and screen size category: General device class (e.g., "iPhone 14-class screen"), not a unique device identifier.
  • Crash reports and error logs: Technical errors that occurred during a session, without any user-identifiable information attached.
  • Language and locale setting: The language and region setting of the App (e.g., "en-US"), to improve localization.

3.3 How We Anonymize Data

We do not assign persistent unique identifiers (such as IDFA, vendor IDs, or custom UUIDs) to individual users in connection with the analytics data described above. Each data point is treated as a standalone event without a persistent link to any user identity across sessions.

Note for European / UK Users: To the extent any data we collect could theoretically constitute "personal data" within the meaning of the UK GDPR or EU GDPR, we treat it with full GDPR-level protections regardless.

4. How and Why We Use This Data (Legal Bases)

4.1 Purposes of Processing

We use the analytics data described in Section 3 for the following purposes:

  • App improvement: Identifying which features work well, which do not, and where users encounter friction or confusion.
  • Product development: Informing decisions about new features, redesigns, and the removal of underused functionality.
  • Performance optimization: Detecting crashes, errors, and slow interactions.
  • Personal analytics and reporting: Understanding aggregate usage trends for the Developer's own planning purposes.
  • Sharing and disclosure: The Developer may share aggregated, anonymized analytics data publicly for purposes including development blogs, public case studies, community discussions, or portfolio materials. This data will not identify any individual user. We will never sell this data to data brokers or advertisers.

4.2 Legal Bases for Processing (GDPR / UK GDPR)

Processing ActivityLegal Basis
Collecting anonymous usage analytics to improve the AppLegitimate Interests (Article 6(1)(f) GDPR)
Crash reporting and error loggingLegitimate Interests (Article 6(1)(f) GDPR)
Sharing aggregated analytics publicly or with othersLegitimate Interests (Article 6(1)(f) GDPR)

5. Data Sharing and Disclosure

We do not sell your data to any third party, including data brokers, advertisers, or advertising networks.

The collected analytics data is stored in a Google Sheets spreadsheet accessible only to the Developer. Beyond Google's technical role as infrastructure provider (see Section 11), data may be shared in the following limited circumstances:

  • Publicly or with individuals, in aggregated, anonymized form only — for example in development blog posts, public forums, social media, portfolio entries, or community discussions. No individual user will be identifiable.
  • To comply with applicable law, a court order, or a lawful request by a governmental or regulatory authority.
  • To protect rights and safety, where disclosure is believed necessary to protect the rights, property, or safety of the Developer, users, or the public.

6. Data Retention

We retain analytics data for as long as it serves the purposes described in this Policy. Because the data is not linked to individual users, there is no user-specific deletion mechanism tied to App uninstallation.

The Developer will review and purge analytics data that is no longer needed on a rolling basis, no less frequently than every 24 months.

7. Data Security

The Developer implements reasonable security measures to protect the analytics data collected. These include:

  • All analytics data is transmitted over an encrypted HTTPS connection to Google Sheets' API endpoints.
  • The Google Sheets document receiving analytics data is accessible solely to the Developer's Google account.
  • The Developer's personal device is protected by standard access controls.

Transparency note: As an independent developer, infrastructure is managed personally rather than through enterprise-grade environments. In the event of a personal data breach (where applicable), the Developer will comply with applicable GDPR breach notification obligations within 72 hours where required.

8. Children's Privacy

GrowTask is not directed at children under the age of 13 (or the applicable minimum age in your jurisdiction). The Developer does not knowingly collect data from children below these age thresholds.

If you are a parent or guardian and believe your child has used the App, please contact the Developer at julian.grebing+growtask@outlook.de.

8.2 Jurisdiction-Specific Age Thresholds

JurisdictionApplicable Age Threshold
United States (COPPA)Under 13
European Union (GDPR)Under 16 (minimum 13)
United KingdomUnder 13
CanadaUnder 13
Brazil (LGPD)Under 13
AustraliaUnder 15

9. Your Rights

9.1 Rights for All Users

Regardless of your location, you may contact the Developer at any time to ask what categories of data are collected, request an explanation of data practices, or raise concerns about data handling.

9.2 Rights Under GDPR (EEA Users)

As the Developer is established in Germany, GDPR applies. EEA users have the following rights:

  • Right of Access (Article 15)
  • Right to Rectification (Article 16)
  • Right to Erasure (Article 17)
  • Right to Restriction of Processing (Article 18)
  • Right to Object (Article 21)
  • Right to Data Portability (Article 20)
  • Right to Lodge a Complaint with the BfDI at bfdi.bund.de

To exercise any of these rights, contact: julian.grebing+growtask@outlook.de. Responses will be provided within 30 days.

9.3 Rights Under UK GDPR

UK users have rights equivalent to Section 9.2 under the UK GDPR. Complaints may be lodged with the ICO at ico.org.uk.

9.4 Rights Under CCPA / CPRA (California Residents)

California residents have rights including: Right to Know, Right to Delete, Right to Correct, Right to Opt-Out of Sale (GrowTask does not sell data), and Right to Non-Discrimination.

To submit a verifiable consumer request: julian.grebing+growtask@outlook.de

9.5 Rights Under PIPEDA (Canadian Users)

You have rights under PIPEDA including the right to access, challenge accuracy, and withdraw consent. Contact: julian.grebing+growtask@outlook.de

9.6 Rights Under Brazilian LGPD

You have rights under the LGPD including access, correction, deletion, and data portability. Contact: julian.grebing+growtask@outlook.de

9.7 Rights Under Australian Privacy Law

The Privacy Act 1988 (Cth) and the Australian Privacy Principles apply. Unresolved complaints may be directed to the OAIC at oaic.gov.au.

10. International Data Transfers

The Developer is based in Germany (European Union). Analytics data is transmitted to and stored in Google Sheets, whose servers may be located in the United States or other countries outside the EEA.

For transfers to Google in the United States, the Developer relies on Google's adherence to the EU-U.S. Data Privacy Framework and Google's standard Data Processing Addendum, which incorporates Standard Contractual Clauses (SCCs) as approved by the European Commission.

11. Third-Party Services and Data Processors

11.1 Google Sheets (Data Processor)

Analytics data is transmitted to and stored in a Google Sheets document owned and operated solely by the Developer. Google LLC acts as a data processor on behalf of the Developer.

No other analytics SDKs or third-party data collection tools (such as Firebase, Mixpanel, Amplitude, Crashlytics, or Sentry) are used in GrowTask.

11.2 Apple StoreKit

The App uses Apple's StoreKit for all in-app purchases and subscriptions. The Developer does not receive, process, or store any payment information.

12. Apple App Store and Platform Privacy

Your use of GrowTask is also subject to Apple's terms and privacy practices. Please review Apple's Privacy Policy at apple.com/legal/privacy for details.

13. Do Not Track (DNT) Signals

GrowTask does not engage in cross-site or cross-app tracking. DNT signals are therefore not directly applicable to our data practices. Regardless of DNT signals, only the anonymous in-App analytics described in Section 3.2 are collected.

14. Automated Decision-Making and Profiling

The Developer does not engage in any automated decision-making or profiling that produces legal or similarly significant effects on users. Analytics data is used exclusively for aggregate product analysis and improvement.

15. Contact and Data Controller Information

Data Controller:

Julian Grebing (Independent Developer)
Germany

Email: julian.grebing+growtask@outlook.de

As the Developer is established in Germany, the competent lead supervisory authority under GDPR is:
Bundesbeauftragte für den Datenschutz und die Informationsfreiheit (BfDI)
Husarenstraße 30, 53117 Bonn, Germany
bfdi.bund.de

16. Changes to This Privacy Policy

This Privacy Policy may be updated from time to time to reflect changes in data practices, legal obligations, or App features. When material changes are made, the "Last Updated" date at the top of this Policy will be updated and users will be notified via an in-App notice.

Continued use of the App after a change to this Policy constitutes acceptance of the updated terms, to the extent permitted by applicable law.

17. Governing Law

This Privacy Policy is governed by the laws of the Federal Republic of Germany and, where applicable, directly applicable EU law including the GDPR. Mandatory consumer protection and privacy laws of your country of residence apply in addition.

18. Language

This Privacy Policy is provided in English. If it is translated into other languages, the English version shall prevail in the event of any inconsistency, except where required otherwise by applicable local law.

© 2026 Julian Grebing. All rights reserved.