Legal

Privacy Policy

Last updated: March 20, 2026

This Privacy Policy explains how MogLock ("MogLock," "we," "us," or "our") collects, uses, discloses, stores, and otherwise processes information when you use the MogLock iOS app, any website or page that links to this Privacy Policy, and related support, account, subscription, sync, and storage services (collectively, the "Service").

This Privacy Policy is intended to describe MogLock's actual product behavior as of the last updated date above. If you do not agree with this Privacy Policy, do not use the Service.

Important points:

MogLock uses third-party providers for authentication, subscription infrastructure, backend database services, and cloud photo storage.
Progress photos may be stored locally on your device and, if synced, in cloud storage tied to your account.
MogLock's current camera-verification feature processes camera frames on-device and currently stores only limited derived session outputs, such as whether a session was camera verified and an aggregate posture-quality score.
MogLock's detailed Screen Time / commitment-lock configuration is currently stored on-device and in shared app-group storage used by the app and its extensions. It is not currently synced to MogLock's backend, although a high-level commitment-lock preference may be associated with your account profile.
Deleting a MogLock account does not automatically cancel an App Store subscription. App Store billing is managed by Apple.

1. Scope

This Privacy Policy applies to information we collect through:

the MogLock iOS application;
websites or pages that link to this Privacy Policy; and
related support, account, subscription, sync, and storage services that reference this Privacy Policy.

This Privacy Policy does not apply to third-party services that have their own privacy notices and policies, including Apple, Google, the App Store, RevenueCat, Supabase, or third-party apps and websites you access outside the Service.

2. Information We Collect

We collect information directly from you, automatically from your device and use of the Service, and from third parties you choose to use with MogLock.

A. Information you provide directly

We may collect information you provide to us or enter into the Service, including:

display name;
onboarding responses, such as consistency level, focus areas, preferred routine duration, and stated obstacles;
selected routines and routine preferences;
reminder and notification preferences;
commitment-lock preferences and related settings you configure;
progress photos and optional photo tags;
optional logs and entries, such as bodyweight, sleep, and water intake; and
support requests, messages, attachments, and other communications you send to us.

B. Account and authentication information

When you create or access a MogLock account, we may collect:

your MogLock account identifier;
authentication records and session metadata;
your email address and account details made available by your sign-in provider;
information needed to link your MogLock account to Sign in with Apple or Google Sign-In; and
account identifiers needed to associate App Store purchases and subscription state with your MogLock account.

C. Information from Apple, Google, and subscription providers

If you use Sign in with Apple, Google Sign-In, or App Store subscription features, we may receive information such as:

provider-specific account identifiers;
your email address or basic account profile details supplied by the provider;
subscription entitlement status;
trial, renewal, expiration, or billing-status information;
App Store product, package, or offering identifiers; and
restore-purchase or subscription-management status information.

Payments are processed by Apple through the App Store. We do not receive your full payment card number.

D. Routine, session, and progress data

When you use MogLock, we may collect and generate information such as:

routine selections, activation state, preferred tiers, and sort order;
session history, routine type, timestamps, duration, time tier, and completion status;
streak history and related progress information;
score or progress values generated by the app;
progress photo metadata, such as date and routine tag; and
entitlement or read-only state information needed to preserve your history if premium access lapses.

Certain supplemental data may remain local to your device in the current implementation. For example, some score-history records and optional metric logs may not be synced to MogLock's backend.

E. Camera, photo, and verification data

If you grant camera or photo access, MogLock may process:

progress photos you capture or import;
local photo files stored on your device;
cloud-stored photo files if sync is enabled or available for your account;
front-camera frames used during optional in-session verification; and
derived verification outputs, such as whether a face was detected during a session and an aggregate posture-quality score.

MogLock's current implementation processes camera-verification frames on-device. We do not intentionally store raw session video, use camera data for identity recognition, or use progress photos or camera-verification data for third-party advertising.

If applicable law treats face geometry, facial landmarks, or similar processing as biometric or sensitive information, we process that information only to provide the camera-based verification feature you requested.

F. Commitment lock and Screen Time data

If you enable MogLock's optional commitment lock, we may process:

Screen Time authorization status;
your selected apps, categories, and web domains through Apple's Screen Time APIs;
your selected usage threshold;
same-day lock, unlock, and extension state;
local diagnostics and shared app-group state needed to operate the feature across the app and its extensions; and
a high-level indication that commitment lock is enabled as part of your synced profile state.

MogLock's detailed commitment-lock configuration is currently local-only. Through this feature, we do not access the content you view inside third-party apps.

G. Technical, device, and diagnostic information

We and our service providers may automatically receive or generate standard technical information, such as:

IP address;
device identifiers and app-instance identifiers;
operating system, device type, and app version;
crash, error, performance, and diagnostic data;
authentication, request, and sync metadata; and
network and log information reasonably needed to operate, secure, and troubleshoot the Service.

H. Support and other communications

If you contact us, we may collect your name, email address, the contents of your message, and any other information you choose to provide.

3. How We Use Information

We use the information we collect to:

create, authenticate, and manage MogLock accounts;
provide onboarding, routines, sessions, streaks, progress features, and synced history;
store, sync, and display progress photos and related metadata;
provide optional camera-based verification and related scoring outputs;
operate notifications, reminders, and other settings you request;
operate the optional commitment-lock feature you configure;
process subscriptions, restore purchases, and manage premium entitlement state;
maintain read-only access to eligible history when premium access ends;
provide support and respond to requests;
secure, monitor, debug, and improve the Service;
detect, prevent, and address fraud, abuse, security issues, or technical problems; and
comply with legal obligations, resolve disputes, and enforce our agreements.

We may also aggregate or de-identify information so that it no longer identifies you and use that information for lawful business purposes.

4. Legal Bases for Processing

If you are in a jurisdiction that requires a legal basis for processing personal data, we generally rely on the following bases:

contract: to provide the Service you request, including authentication, syncing, subscription-state handling, and account support;
consent: when you enable notifications, camera access, photo access, Screen Time authorization, or other optional permissions or features;
legitimate interests: to secure, maintain, troubleshoot, improve, and defend the Service; and
legal obligation: to comply with law, regulation, court order, or lawful process.

5. How We Disclose Information

We may disclose information in the following circumstances:

To service providers and infrastructure partners that help us operate the Service, including providers for authentication, database and storage hosting, subscriptions, support, analytics, and security.
To Apple, Google, and other platform providers when required to authenticate you, process subscriptions, operate Screen Time-related features, or provide platform functionality you request.
To vendors, contractors, and advisors that need the information to perform services for us and are subject to appropriate confidentiality or legal restrictions.
If you ask or direct us to share information.
If required by law, legal process, or a valid governmental request.
To protect the rights, safety, property, or security of MogLock, our users, or others.
In connection with an actual or proposed merger, acquisition, financing, bankruptcy, asset sale, or similar corporate transaction.

As of the last updated date above, we do not sell personal information or share personal information for cross-context behavioral advertising.

6. Service Providers and Third-Party Partners

The Service currently relies on third-party partners, including:

Apple, for App Store billing, Sign in with Apple, notifications, and iOS platform services;
Google, if you choose Google Sign-In;
Supabase, for authentication, database, and cloud storage infrastructure; and
RevenueCat, for subscription infrastructure and entitlement-state handling.

These providers process information under their own terms and privacy policies, and they may process data on our behalf or as independent controllers depending on the service and applicable law.

7. Data Retention

We retain personal information for as long as reasonably necessary to provide the Service, maintain legitimate business records, comply with legal obligations, resolve disputes, and enforce agreements.

In general:

account, profile, routine, session, and synced photo data may be retained until you delete your account or we no longer need the information for legitimate business or legal purposes;
if premium access lapses, MogLock may preserve your history in a read-only state rather than deleting it;
local-only information may remain on your device until you remove it, sign out, delete the app, revoke permissions, or clear the related feature state;
commitment-lock configuration and shared extension state remain on-device until removed or reset;
backup, security, anti-fraud, and audit records may remain for a reasonable period; and
after an account-deletion request, some information may remain temporarily in backups, logs, or records where permitted or required by law.

Signing out of MogLock or deleting the app from your device does not by itself delete cloud-stored account data or cancel your App Store subscription.

8. Your Choices and Rights

Depending on where you live, you may have rights under applicable law to access, correct, delete, or restrict our use of your personal information, or to receive a copy of certain information in a portable format.

You may also:

update certain profile information and preferences in the app;
disable notifications in the app or in iOS settings;
revoke camera, photo-library, or Screen Time permissions in iOS settings;
sign out of the app;
manage or cancel your subscription through your Apple App Store account settings; and
request deletion of your MogLock account and associated MogLock data through any available in-app deletion flow or by contacting us.

Important distinctions:

signing out ends your current session and clears local app data, but it does not automatically delete your MogLock account or cancel your App Store subscription;
account deletion is a separate process from subscription cancellation; and
deleting a MogLock account does not automatically cancel an App Store subscription, which must be managed through Apple.

To exercise privacy rights or request help, contact us at support@moglock.app. We may need to verify your identity before fulfilling certain requests. If we deny a request where applicable law gives you a right to appeal, you may reply to our response and ask us to review the decision.

9. International Transfers

We and our service providers may process and store information in the United States and other countries that may have different data-protection laws than the country where you live. Where required by law, we will use appropriate safeguards for cross-border transfers.

10. Security

We use reasonable administrative, technical, and organizational safeguards designed to protect personal information. No method of transmission over the internet or method of storage is completely secure, and we cannot guarantee absolute security.

You are responsible for maintaining the security of your device, the sign-in methods you use with MogLock, and access to your Apple or Google accounts.

11. Children's Privacy

MogLock is not directed to children under 13, and we do not knowingly collect personal information from children under 13 without appropriate authorization where required by law. If you believe a child under 13 has provided personal information to us in violation of applicable law, contact us at support@moglock.app so we can investigate and take appropriate action.

If you are under the age of majority where you live, you should use MogLock only with the involvement of a parent or legal guardian where required by applicable law.

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. If we make material changes, we will post the updated version, update the "Last updated" date, and take any additional steps required by law.

13. Contact Us

If you have questions, requests, or complaints about this Privacy Policy or our privacy practices, email support@moglock.app.