Auvio – Privacy Policy

Effective Date: 27 August 2025

Controller: Lithica Studio Limited , Unit 13 Freeland Park BH16 6FA, United Kingdom

Lithica Studio Limited / Auvio provides an app for creating and playing customisable, infinitely looping soundscapes. This policy describes what we collect, how we use it, and your rights.

1) Information we collect

A. Account & identity
Optional sign-in: You can use Auvio without creating an account. In that case, we do not collect any personal information.
Sign in with Apple (SIWA): If you choose to create an account, we collect the name and email address provided by Apple. If you select Hide My Email, Apple provides us with a private relay address instead.
Internal account ID: If you create an account, we generate an identifier to associate your saved mixes with your account across devices.

B. Content you save
Mix data: names of mixes and their configuration (selected sounds, volumes, effects, ordering). Stored so you can sync across devices and restore after reinstall.

C. Subscriptions & purchases
StoreKit transaction metadata: non-payment transaction details (e.g., product ID, status, expiration) to determine access. We never receive card numbers or full billing info. Apple processes payment.

D. Notifications
Device push token (FCM/APNs): collected only if you opt in to notifications so we can deliver them to your device.

E. Analytics (minimal)
Firebase Analytics events: aggregated, non-identifying usage data (e.g., app opens, feature usage) to help improve stability and UX. We do not use this for advertising or cross-app tracking.

F. Diagnostics (only if enabled by you or added later)
If we enable crash reporting (e.g., Firebase Crashlytics), crash logs and device info related to the crash may be collected to debug issues.

We do not collect government IDs, precise location, contact list, photos, or microphone recordings, and we do not track you across other companies’ apps or websites.

2) How we use information

Provide and operate Auvio features (account, mix sync, playback).
Manage access to paid content via subscriptions.
Send push notifications you’ve opted in to.
Measure aggregate usage to prioritise improvements and stability.
Respond to support requests and enforce acceptable use.

We do not sell or rent personal information, and we don’t share it with advertisers.

3) Legal bases (EEA/UK only)

Where GDPR/UK GDPR applies, we process:

Contract – to provide the service you request (account, mixes, subscription access).
Consent – for notifications and any optional analytics where required.
Legitimate interests – to keep the app secure, prevent fraud/abuse, and understand aggregate usage (balanced against your rights).
Legal obligation – to comply with laws and valid requests.

4) Sharing with service providers

We share data only with processors needed to run Auvio:

Apple (App Store / StoreKit / Sign in with Apple / APNs): authentication, subscriptions, payment processing, and delivery of notifications.
Google Firebase (Google LLC): cloud database/storage for mixes, push messaging (FCM), and analytics.

These providers process data on our behalf under their terms and data-protection measures. We don’t permit them to use your data for their own advertising.

5) Data retention & deletion

Account & mixes: Mix configurations are stored in your account only after you choose to sync using the “sync spaces” feature. Data remains stored while your account is active.
Self-service deletion: in the app, go to Settings → Delete Account. This permanently deletes your account, Sign in with Apple identity we store, saved mixes, and associated cloud data.
Backups/logs: limited, time-bound backups may persist for a short period after deletion for disaster recovery and legal/fraud prevention, then are securely purged.
Push tokens: deleted when you disable notifications or delete your account.
Analytics: retained by Firebase per their standard retention windows.

6) Your choices & rights

Access / correction / deletion: request via Settings → Delete Account (for deletion) or email [email protected].
Portability & restriction/objection (EEA/UK): you may request a copy of your data and to restrict or object to certain processing.
Withdraw consent: disable notifications in iOS Settings or in-app.
Manage subscription: via iOS Settings → Apple ID → Subscriptions (or via the “subscription” button we provide in-app).

We will verify requests and respond within applicable legal timeframes.

7) Children

Auvio is not directed to children under 13 (or the minimum age in your jurisdiction). We do not knowingly collect personal information from children. If you believe a child has provided us personal data, contact [email protected] and we will delete it.

8) Security

We use technical and organisational measures to protect data, including:

Transport encryption (TLS) and platform crypto (e.g., Apple CryptoKit).
Least-privilege access to production systems.
Authentication via Sign in with Apple.

No method is perfectly secure; please contact us if you suspect unauthorised access.

9) International transfers

Our providers (Apple, Google Firebase) may process data on servers located outside your country. Where required, appropriate safeguards (e.g., Standard Contractual Clauses) are relied upon by those providers. By using Auvio, you understand your data may be transferred, processed, and stored in countries where our providers operate.

10) Do Not Track / tracking

We do not use the Advertising Identifier (IDFA) and do not engage in cross-app tracking or targeted advertising. Browser “Do Not Track” signals are not used by the app.

11) Third-party links

If the app links to external sites or documentation, their privacy practices apply. Review their policies when you leave Auvio.

12) Changes to this policy

We may update this policy from time to time. Material changes will be reflected by updating the Effective Date above and notifying you in-app or via other reasonable means.

13) Contact

Questions or requests about privacy?
Email: [email protected]
Postal: Lithica Studio Limited, Unit 13 Freeland Park BH16 6FA, United Kingdom