← Back to homepage

Privacy Policy

Last updated: May 2026

1. Controller

Christian Peter
NeuroFocus Lab
Email: chris@neurofocus-lab.com

2. Overview

NeuroFocus is a wellness app designed to support focus and mental well-being through 40Hz audio sessions. The app is not a medical device and does not process any medical or health data.

3. Data we collect

Website (neurofocus-lab.com):

• Waitlist sign-up: email address (processed via Tally.so)
• Technical access data (IP address, browser type) via Netlify hosting

iOS App (NeuroFocus):

• Anonymised usage statistics via Firebase Analytics (Google)
• Crash reports via Firebase Crashlytics
• When you create an account: email address, name (optional, from Apple/Google Sign-In) and Firebase user ID – used to store your progress, favourites and settings
• Your app progress (e.g. number of completed sessions) is also stored in Firebase Firestore, linked to your Firebase user ID, to keep it in sync across your account
• In-app purchases are handled exclusively by Apple StoreKit – we receive no payment data
• No location data, no health data, no microphone or camera access

4. Purpose of processing

• Providing and improving app functionality
• Notifying waitlist subscribers at launch
• Technical operation of the website

5. Legal basis

Processing is based on Art. 6(1)(a) GDPR (consent) and Art. 6(1)(f) GDPR (legitimate interest in operating the app and website).

6. Third-party services

• Firebase (Google LLC): Anonymised app analytics, crash reporting and user management (Firebase Authentication). When you create an account, your email address, name (optional) and user ID are stored on Google's servers (USA), based on the EU Standard Contractual Clauses. Privacy policy
• Google Sign-In: If you sign in with your Google account, Google provides us with your name and email address for account creation. Privacy policy
• Meta Platforms, Inc. (Facebook SDK): Advertising measurement and app install tracking via SKAdNetwork. The SDK may access your device's advertising identifier (Ad-ID/IDFA) if you consent to tracking when prompted by iOS. Data is aggregated and transmitted anonymously – no medical or personal data is shared. Privacy policy
• Tally.so: Waitlist management. Privacy policy
• Netlify: Website hosting. Privacy policy
• Apple App Store: App distribution and in-app purchases. Privacy policy

6a. App Tracking Transparency (ATT)

On first launch, iOS will ask whether you consent to cross-app tracking. If you agree, the Facebook SDK may use your device ID for advertising measurement. If you decline, no tracking takes place – the app continues to work fully. You can change your choice at any time under Settings → Privacy & Security → Tracking.

7. Retention

Waitlist email addresses are deleted once no longer needed or upon request. Anonymised analytics data is retained in accordance with Firebase's retention settings (maximum 14 months). Account data (email address, name, user ID, app progress) is stored for as long as your account exists and is deleted upon request or when you delete your account in the app.

8. Your rights

You have the right to:

• Access your personal data
• Correct inaccurate data
• Request deletion of your data
• Restrict processing
• Object to processing
• Data portability
• Lodge a complaint with a supervisory authority

You can delete your account and all associated data directly in the app (Settings → Account → Delete account) or by contacting chris@neurofocus-lab.com. For all other requests: chris@neurofocus-lab.com

9. No medical use

NeuroFocus does not collect any health or medical data. The app is designed exclusively for wellness purposes and is not a medical device.

---

NeuroFocus is not a medical product.