Last updated: June 2, 2026

Privacy Policy

1. Introduction

This Privacy Policy describes how Vasilache Viorel Catalin ("we", "our", or "us"), a sole proprietor based in Romania and the data controller for Loopisy, collects, uses, stores, and shares your personal information when you use the Loopisy mobile applications for iOS and Android, your Loopisy account, our public website at loopisy.com (including marketing, support, and legal pages only — subscriptions are not sold on the web), and related services ("the service"), including when you use optional Loopisy Premium subscriptions purchased through the Apple App Store or Google Play. Our Terms & Conditions govern use of the service and are incorporated by reference where applicable.

Who operates Loopisy: "Loopisy" is the app and service name. The legal operator and data controller is Vasilache Viorel Catalin (sole proprietor, Romania). The app is published on the Apple App Store and Google Play under the developer name Vasilache Viorel Catalin, not a separate company entity.

Loopisy is a subscription/freemium collaborative planning app (calendar, notes, lists, meal plans, travel). Users authenticate with email, Google, or Apple Sign-In. Content is stored in Google Firebase and shared within private Spaces via in-app email invitations. Free users may see Google AdMob banner ads (with consent where required); Premium users subscribe through Apple or Google via RevenueCat.

Canonical legal URLs (linked from the app and entered in App Store Connect / Google Play Console):

This policy describes what the app actually does. We do not use dedicated third-party analytics SDKs (such as Firebase Analytics, Mixpanel, or Amplitude). Statements about cookies apply only to this website, not to in-app analytics tracking.

By using Loopisy, you agree to the collection and use of your information as described in this Privacy Policy. Where we are required to obtain your consent, we will do so at the appropriate time.

If you have questions or requests, contact us at support@loopisy.com. We aim to respond within 10 business days.

2. Information We Collect

2.1 Account and profile data

When you create an account, we store profile and account metadata in Firebase Authentication and Google Cloud Firestore, including:

  • User ID (Firebase UID)
  • Display name
  • Email address and email-verified status
  • Avatar (a preset icon key you choose in the app — not a user-uploaded photograph)
  • Profile accent color
  • Account creation date and last login date
  • List of Space IDs you belong to
  • Premium subscription status (isPremium)
  • Firebase Cloud Messaging (FCM) device tokens when you enable push notifications (used with Apple Push Notification service on iOS and FCM on Android)

Registration and sign-in: You may register or sign in with email and password (including password reset by email), Google Sign-In, or Sign in with Apple (iOS). If you use Google or Apple, we receive basic profile information (typically name and email) from those providers. During registration or onboarding, the app presents links to these Terms and this Privacy Policy at loopisy.com/terms and loopisy.com/privacy.

Subscription and entitlement data: If you subscribe to Loopisy Premium, Apple or Google (depending on platform) processes the payment. We do not receive your full payment card number. We and our infrastructure use RevenueCat to help manage entitlements. We store in Firestore a boolean indicating whether your account currently has Premium access (isPremium), and a per-Space tier used to apply certain limits for Spaces you administer, as described in our Terms. RevenueCat webhooks and our Google Cloud Functions (region: europe-west1) update entitlement state on our servers when store subscription events occur. Your Firebase Authentication user identifier is used as the primary app user identifier with RevenueCat so subscription state can be tied to your Loopisy account.

Communications: If you contact us by email, we retain those communications to respond to you.

2.2 User-generated content and Space data

Content you create is stored in Firestore and scoped to Spaces. It is accessible only to members of the relevant Space; we do not publish it via public links. Collaborative items may include metadata such as editor user ID, display name, timestamps, and version information.

  • Spaces: name, description, color, type (individual or group), members (user ID and email), and admin user ID
  • Invitations: invited person's email address, inviter user ID and display name, Space ID and Space name
  • Notes: text content (rich text)
  • Calendar: events, categories, reminders, recurrence rules, and optional location notes (free-text only — we do not collect GPS coordinates or device location for calendar entries)
  • Lists: to-do items, checklist items, shopping items, travel itineraries and reservations, meal plans, and recipes (including shopping lists generated from meal plans by rule-based logic, not artificial intelligence)

When a Space Admin invites someone, we store the invited person's email address in Firestore so they can receive an in-app invitation when they register (or immediately if they already have an account). Loopisy does not send invitation emails on your behalf.

2.3 Optional in-app feedback

If you choose to submit feedback from Account settings, we store in Firestore (ratings collection): your user ID, display name, free-text feedback, selected improvement-area tags, and a timestamp. Submission is voluntary.

2.4 Information collected automatically

Authentication data: We collect and store authentication tokens issued by Firebase Authentication to keep you signed in securely.

Device integrity (Firebase App Check): We use Firebase App Check to help verify that requests to our backend come from genuine app instances on real devices, reducing abuse. App Check may process device attestation signals as described in Google's App Check documentation.

Device information: Firebase may collect basic device identifiers and operating system information as part of its standard authentication, storage, and App Check operations.

Push notification tokens: If you enable push notifications, we store FCM device tokens to deliver Space invitations, collaborative edit alerts in group Spaces (individual Spaces do not notify other members about edits), and event reminders. Delivery uses Firebase Cloud Messaging together with Apple Push Notification service (APNs) on iOS. You can disable notifications in the app or in your device settings.

Crash and diagnostic data: If the app crashes, basic diagnostic information may be collected to help us identify and fix problems.

Website visitors: When you visit our public website, the hosting provider (Vercel Inc.) and our infrastructure may process technical and connection data such as IP address, browser type, referring URL, date and time of access, and similar server log information. This processing is limited to operating, securing, and improving the site and is described further in Vercel's Privacy Policy.

SDK and store partners: RevenueCat, Google Play, the App Store, AdMob (where ads are shown), and Firebase may automatically process limited technical identifiers and transaction-related metadata in line with their own documentation and your device or account settings.

2.5 Local and on-device data

The app stores certain data locally on your device to support performance, offline use, and preferences:

  • Encrypted local storage (MMKV): theme, language, onboarding state, dashboard layout, list filters, draft items, and UI preferences. The encryption key is stored in the device Keychain (iOS) or Keystore (Android) and is device-bound.
  • Firestore offline cache: a local cache (approximately 50 MB) so you can view and edit content offline; it syncs when you reconnect.

Local data remains on your device until you uninstall the app, clear app data, or delete your account (after which server-side data is handled as described in Section 7). We do not operate a separate third-party analytics SDK in the app (for example we do not integrate Mixpanel, Amplitude, or the Firebase Analytics SDK package).

2.6 Information we do not collect

Loopisy does not request or access your device camera, microphone, contacts address book, or GPS / precise location. We do not collect user-uploaded profile photos. We do not integrate the Facebook SDK, OpenAI or other generative-AI APIs, Stripe, or dedicated third-party analytics vendors (such as Mixpanel or Amplitude). We do not operate our own first-party product analytics or behavioural advertising networks, and we do not track your in-app behaviour for marketing beyond what third parties described in Section 5 require to deliver authentication, hosting, ads (for eligible free-tier users), or subscriptions. We do not build individual marketing profiles from your lists, notes, or calendar content. We do not offer public or unlisted share links; Space content is not indexed or published outside the service.

2.8 Device permissions and access

Loopisy may request or use the following device capabilities:

  • Push notifications — to deliver Space invitations and alerts when other members change shared content (in group Spaces), and for reminders you configure
  • Internet access — to sync your account and Space content with our cloud services
  • Vibration (Android) — optional tactile feedback for notifications, where supported by your device

We do not request access to your camera, photo library, device location, contacts, or microphone. Loopisy does not currently implement Apple's App Tracking Transparency (ATT) prompt. You can enable or disable push notifications in the app and in your device settings.

2.9 Aggregated and de-identified data

We may derive aggregated or de-identified statistics (for example counts of active users or error rates) that cannot reasonably be used to identify you. We use such information to operate and improve the service and may share it in aggregated form.

3. How We Use Your Information

We use the information we collect only for the following purposes:

  • Providing the service: To authenticate you, store your data, sync it across your devices, and enable real-time collaboration with other Space members.
  • Improving the service: To identify and fix technical problems, to review voluntary in-app feedback you submit, and to understand how the service is being used at a general level.
  • Security and abuse prevention: To verify app and device integrity through Firebase App Check and to protect accounts and Space data.
  • Push notifications: To send optional alerts about Space collaboration, invitations, and reminders you or other members configure, when you have enabled notifications on your device.
  • Communicating with you: To respond to your support requests, notify you of material changes to these policies, and send service-related messages.
  • Legal compliance: To comply with applicable laws and regulations, and to enforce our Terms and Conditions.
  • Subscriptions: To determine eligibility for Loopisy Premium features, to remove advertising for subscribers, to apply Space tier rules, and to reconcile subscription status using server-side processes connected to RevenueCat and the applicable app store environment.

We do not use your information for automated decision-making or profiling that produces legal or similarly significant effects within the meaning of the GDPR or UK GDPR. Updating your subscription status based on records from Apple, Google, or RevenueCat is a routine entitlement sync, not solely automated profiling that decides whether you receive unrelated services or legal outcomes.

4. Legal Basis for Processing (EU, EEA, and UK Users)

If you are located in the European Union, European Economic Area, or United Kingdom, we process your personal data under the following legal bases under the GDPR or UK GDPR, as applicable:

  • Performance of a contract (Article 6(1)(b)): Processing your account data and user-generated content is necessary to provide you with the service you have requested. Where you purchase Loopisy Premium, processing related to entitlement verification and delivery of Premium features is necessary to perform our contract with you.
  • Legitimate interests (Article 6(1)(f)): We process basic diagnostic data, limited technical website logs (via our hosting provider), Firebase App Check signals, and voluntary in-app feedback to maintain the security, reliability, and integrity of the service and to improve the product, where this does not override your rights and interests.
  • Legal obligation (Article 6(1)(c)): We may process data where required to comply with applicable law.
  • Consent (Article 6(1)(a)): Where we rely on consent — for example for non-essential advertising — we will ask for it separately and you may withdraw it at any time.

5. Data Sharing

5.1 Within Spaces

Content you create within a Space is visible to all members of that Space, who may view and edit it. By inviting someone, you consent to sharing Space content with them. We store invited email addresses in Firestore when an invitation is created, including before the invitee registers. Invitations are delivered in the app; we do not email invitations on your behalf.

The Space Admin can manage the Space, invite and remove members, and delete the entire Space (which removes all content in that Space). Push notifications about collaborative edits are sent to other members in group Spaces when notifications are enabled; individual Spaces do not send member-activity notifications to others. There is no public sharing and Loopisy does not provide a native operating-system share sheet to publish Space content outside the app. We do not control how other Space members use content they can access.

5.2 Sub-processors and service providers

We share personal data with the following processors and service providers solely to operate and deliver the service. Where required under the GDPR or UK GDPR, we rely on appropriate contractual terms (including data processing agreements or equivalent terms) offered by those providers:

ProviderPurposeData involvedPrivacy Policy
Vercel Inc.Hosting and delivery of our public website and related static assetsWebsite connection and server log data (for example IP address, browser type)vercel.com/legal/privacy-policy
Google LLC — Firebase (Authentication, Firestore, Cloud Messaging, App Check)Account authentication, cloud storage, push notification delivery infrastructure, and device integrity verificationAccount data, all user-generated content, FCM device tokens, App Check attestation signalspolicies.google.com/privacy
Google LLC — Cloud Functions (europe-west1)Server-side jobs such as push notification delivery, subscription status sync with RevenueCat, and Space cleanupUser and content metadata needed to perform those jobs (for example user IDs, Space IDs, FCM tokens, subscription flags)policies.google.com/privacy
Google LLC — Google Sign-InOAuth loginEmail address and name (provided by Google)policies.google.com/privacy
Apple Inc. — Sign in with AppleOAuth login on iOSEmail address and name (Apple may provide a private relay email)apple.com/legal/privacy
RevenueCat Inc.Subscriptions, in-app paywall, Customer Center, and entitlement reconciliation (including webhooks to our backend)Purchase and subscription history, entitlement status, linked to your Firebase UIDrevenuecat.com/privacy
Apple Inc. — App StoreiOS app distribution and in-app subscription payment processingTransaction and billing data handled by Apple as merchant of recordapple.com/legal/privacy
Google LLC — Google PlayAndroid app distribution and in-app subscription payment processing (when available)Transaction and billing data handled by Google as merchant of recordpolicies.google.com/privacy
Google LLC — AdMobBanner advertising for free-tier users; ad consent via Google User Messaging Platform (UMP), especially in the EEA, UK, and SwitzerlandAd-related identifiers, device information, and IP address as described in Google's advertising policiespolicies.google.com/privacy
Expo (EAS)App builds and over-the-air (OTA) JavaScript updatesStandard app delivery and update metadata (not your Space content)expo.dev/privacy

We do not use the Facebook SDK, OpenAI or other generative-AI APIs, Stripe, or dedicated third-party analytics vendors to process your personal data in Loopisy.

5.3 Advertising

Eligible free-tier users may see in-app banner ads on most app screens, served by Google AdMob. Ads are not shown on authentication, paywall, or onboarding screens. Premium subscribers do not see in-app banner ads. We configure the app to request non-personalized ads where supported; Google may still process limited ad-related data as described in its policies. In the EEA, UK, and Switzerland, ad consent is collected through Google's User Messaging Platform (UMP). For details and how to change your choices, see Ad choices. Ads appear in the native mobile apps only, not on this website.

5.4 Legal disclosures

We may disclose your information if required to do so by law, court order, or governmental authority, or where we believe in good faith that disclosure is necessary to protect our rights, protect your safety or the safety of others, or investigate fraud.

5.5 Business transfers

If we are involved in a merger, acquisition, or sale of assets, your information may be transferred as part of that transaction. We will notify you via the app or email before your data becomes subject to a different privacy policy.

5.6 No sale of data

We do not sell, rent, or trade your personal information to third parties for their own marketing purposes.

5.7 Cookies and similar technologies

Our website may use cookies, local storage, or similar technologies that are strictly necessary to operate the site (for example security, load balancing, or language preferences) or that are set by our hosting provider (Vercel) as described in its policy. We do not use analytics or advertising cookies on this website. You can control many browser cookies through your device settings. The mobile app does not use web cookies; it uses platform-level storage (secure OS storage, encrypted MMKV, Firebase session mechanisms, and Firestore offline cache) as described in Section 2.

App Store and Google Play compliance

Loopisy does not ship a separate in-app Privacy Policy or Terms text. The app opens or references these website pages. When you list the app in store consoles, the declarations below must match this policy.

When you list or update Loopisy on the Apple App Store or Google Play, the following must stay consistent with this Privacy Policy and our Terms:

  • Privacy Policy URL: enter https://loopisy.com/privacy in App Store Connect, Google Play Console, and anywhere the app links users to legal information
  • Terms URL: https://loopisy.com/terms — same use as above; the app links here rather than hosting Terms inside the binary
  • Apple Privacy Nutrition Label (App Store Connect) and Google Play Data safety (Play Console) are separate questionnaire forms — not documents inside the app. They must match the data categories, purposes, and third parties in Section 2 and Section 5 of this policy (account data, user content, invitations, push tokens, purchases, AdMob on free tier, Firebase, RevenueCat, etc.)
  • In-app subscriptions: before purchase, the app must show auto-renewal, billing period, price, and cancellation instructions consistent with Terms Section 9 and platform rules
  • Advertising: free-tier AdMob banners, Google UMP consent where required, and in-app Ad privacy choices must align with the Ad choices section; we request non-personalized ads and do not use ATT/IDFA for cross-app tracking
  • Accuracy: do not declare analytics, cookies, or data uses in store forms unless they reflect the live app as described here

6. Data Storage and International Transfers

Your account and Space content are stored in Google Firebase (Firestore and Authentication). Google operates data centres in the United States and the European Union (and may use other regions as part of its global infrastructure). Server-side functions that process subscription webhooks, push delivery, and related jobs run in Google Cloud Functions in europe-west1 (Belgium, EU).

Other service providers may process personal data in countries including the United States, the European Union, and other locations where they operate, including:

  • RevenueCat — subscription and entitlement data (commonly United States)
  • Apple and Google (App Store, Google Play, Sign-In, AdMob) — authentication, billing, and advertising data
  • Vercel — website hosting
  • Expo (EAS) — app build and update metadata

Because we and our processors are globally distributed, your personal data may be transferred to and processed in countries outside your own, including countries that may not provide the same level of data protection as your home jurisdiction.

6.1 Transfer safeguards (EEA, UK, and Switzerland)

Where personal data is transferred from the European Economic Area, United Kingdom, or Switzerland to countries that have not received an adequacy decision (such as the United States), we rely on appropriate safeguards as required by the GDPR and UK GDPR, including:

  • Standard Contractual Clauses (SCCs) incorporated in Google's data processing terms for Firebase and Google Cloud services, and equivalent terms offered by other processors where applicable
  • The UK International Data Transfer Agreement or UK Addendum to the SCCs where relevant for UK transfers
  • Supplementary measures described in processor documentation where required by applicable guidance

You may request further information about the transfer mechanisms we rely on by contacting support@loopisy.com. Processor-specific transfer tools are also described in their privacy policies and data processing addenda.

7. Data Retention and Account Deletion

7.1 While your account is active

We retain personal data for as long as your account is active or as needed to provide the service, including:

  • Account and profile data (Firestore users/{uid} and Firebase Authentication) — until you delete your account
  • Space content — until you or a Space Admin deletes the relevant Space or content
  • Pending invitations — until accepted, declined, expired, or removed
  • In-app feedback — while your account is active unless you request deletion
  • FCM push tokens — while notifications are enabled and your account is active
  • Diagnostic and authentication logs — up to 90 days, then deleted
  • Premium status (isPremium) — while your account is active, updated when store entitlements change

7.2 In-app Delete Account

You may delete your account in the app via Account → Edit Profile → Delete Account (two-step confirmation). This currently:

  • Deletes your Firestore user document (users/{uid})
  • Deletes your Firebase Authentication account

Delete Account does not:

  • Cancel an Apple App Store or Google Play subscription — you must cancel billing separately in your store account (the app warns you before deletion)
  • Guarantee removal of every piece of user-generated content you contributed across all Spaces. Content in group Spaces may remain after deletion, including metadata that references you (for example editor user ID, display name, or modifiedBy fields on events, lists, or notes). Full erasure of all collaborative content is not automatically performed today
  • Automatically delete all pending invitations, feedback entries, or other Firestore records that reference you — some records may persist depending on current cleanup rules and backend jobs

7.3 Removing Space content and other data

All content in a Space is removed when the Space Admin deletes the entire Space. If you need collaborative content you created removed from a shared Space without deleting the whole Space, ask the Space Admin or contact us at support@loopisy.com. We may delete or anonymize data where we can reasonably do so without disproportionately affecting other members' use of the Space.

Apple, Google, and RevenueCat maintain their own purchase and subscriber records under their retention schedules. Deleting your Loopisy account does not erase those independent records.

7.4 Local data and legal retention

Local encrypted preferences and Firestore offline cache on your device are removed when you uninstall the app or clear app storage. We may retain certain information longer where required for legal, accounting, fraud prevention, or enforcement purposes, or where deletion would impair the legitimate interests of other Space members (for example preserving shared lists other users still rely on).

We may improve automated cleanup over time; material changes will be reflected in this policy.

To exercise GDPR, UK GDPR, or CCPA/CPRA rights (including erasure beyond in-app deletion), contact support@loopisy.com. We will respond within 30 days, subject to verification and applicable exceptions described in this Section and Section 8.

8. Your Rights

8.1 How to submit requests

To exercise privacy or data-protection rights described in this Section, email support@loopisy.com from the address associated with your Loopisy account (or explain if you no longer have access). Include enough information for us to verify your identity and identify your request. We aim to respond within 30 days (or longer where permitted by law if the request is complex). You may also use in-app account tools where available (see Section 7).

8.2 All users

You may at any time:

  • Access and update your account information through the app settings
  • Delete your account through the app settings (see Section 7)
  • Contact support@loopisy.com to request access, correction, erasure, portability, or restriction of your personal data
  • Manage or cancel Loopisy Premium through the Apple App Store or Google Play subscription controls (and any in-app subscription management links we provide), as deleting your Loopisy account alone does not cancel store billing

8.3 EU, EEA, and UK users — GDPR / UK GDPR rights

If you are located in the European Union, European Economic Area, or United Kingdom, you have the following rights (subject to conditions and exemptions in applicable law):

  • Right of access (Article 15): Request a copy of the personal data we hold about you.
  • Right to rectification (Article 16): Request correction of inaccurate data.
  • Right to erasure (Article 17): Request deletion of your personal data. In-app account deletion removes your user profile and authentication record but may not erase all collaborative content or metadata in shared Spaces (see Section 7). We will respond to erasure requests within 30 days, balancing your rights with legal obligations and the legitimate interests of other Space members where applicable.
  • Right to restriction of processing (Article 18): Request that we restrict processing of your data in certain circumstances.
  • Right to data portability (Article 20): Request your data in a structured, machine-readable format.
  • Right to object (Article 21): Object to processing based on legitimate interests.
  • Right to withdraw consent: Where processing is based on consent, you may withdraw it at any time without affecting the lawfulness of prior processing.

To exercise any of these rights, contact us at support@loopisy.com. We will respond within 30 days. If you are unsatisfied with our response, you have the right to lodge a complaint with your national data protection authority. In Romania, this is the ANSPDCP (www.dataprotection.ro). In other EU member states, contact your local supervisory authority. If you are in the United Kingdom, you may contact the Information Commissioner's Office (ico.org.uk).

8.4 California residents (CCPA / CPRA)

If you are a California resident, the California Consumer Privacy Act (CCPA), as amended by the California Privacy Rights Act (CPRA), may grant you the following rights (subject to legal exceptions):

  • Right to know — the categories and specific pieces of personal information we collect (see Section 2)
  • Right to delete — personal information we hold, subject to exceptions such as shared Space content that may persist after account deletion (Section 7)
  • Right to correct — inaccurate personal information
  • Right to opt out of sale — we do not sell personal information for monetary consideration
  • Right to opt out of sharing — for cross-context behavioural advertising as defined under the CPRA

Sharing and AdMob: We do not sell your personal information. Google AdMob may process or "share" device and advertising-related information for cross-context behavioural advertising when you consent to personalized ads through Google's User Messaging Platform. We configure the app to request non-personalized ads by default where supported. You can manage or withdraw ad consent in the app under Account → Ad privacy choices and in Ad choices, which constitutes your CPRA opt-out of sharing for advertising purposes to the extent applicable.

We do not use or disclose sensitive personal information for purposes that would require a "Limit the Use of My Sensitive Personal Information" link under the CPRA in the context of Loopisy as currently offered. We do not discriminate against you for exercising privacy rights. You may designate an authorized agent to submit requests where permitted by law; we may verify your identity before responding.

California's "Shine the Light" law (Civil Code section 1798.83) permits California residents to request certain information regarding disclosure of personal information to third parties for their direct marketing purposes. We do not disclose personal information to third parties for their direct marketing purposes in a manner that triggers this obligation for Loopisy as described here. To exercise CCPA/CPRA rights, contact us at support@loopisy.com.

9. Children's Privacy

Loopisy is a general-audience productivity and life-planning app. We welcome users of all ages where permitted by applicable law, but the service is not directed to children and is not designed primarily for children under 13. It is not a child-directed service under the U.S. Children's Online Privacy Protection Act (COPPA) or equivalent laws.

Minimum age: You must be at least 13 years old to create your own Loopisy account anywhere in the world. If you are in the European Union, European Economic Area, United Kingdom, or Romania, you must be at least 16 years old to use the service on your own, unless verifiable parental or guardian consent is obtained where your local law allows a lower age (between 13 and 16) for information society services. These limits also appear in our Terms & Conditions.

Parents and guardians may invite family members who meet the minimum age into shared Spaces. Free-tier users may see advertising through Google AdMob; Premium subscribers do not. We do not knowingly collect personal information from users below the applicable minimum age. If we learn that we have collected such information, we will delete the account and associated data promptly.

If you are a parent or guardian and believe your child has provided us with personal information in violation of this policy, contact us at support@loopisy.com.

10. Data Security

We implement appropriate technical and organizational measures to protect your personal information, including:

  • Encrypted transmission: HTTPS/TLS for communication with our APIs and cloud services
  • Firebase Authentication for secure credential management; passwords are not stored in plain text
  • Firestore security rules and custom authentication claims so only authenticated users with appropriate Space membership can read or write Space data; clients cannot arbitrarily grant themselves Premium status
  • Firebase App Check to help verify that backend requests come from genuine app instances
  • Encrypted local storage (MMKV) with encryption keys bound to the device Keychain (iOS) or Keystore (Android)
  • Firestore offline persistence on your device (local cache) for offline access; protected by your device's OS-level security when the device is locked
  • Server-side entitlement updates for Premium status via Cloud Functions tied to app stores and RevenueCat, not client-only flags
  • No access to camera, microphone, contacts, or device location APIs

No method of transmission over the internet or electronic storage is completely secure. While we strive to protect your data, we cannot guarantee absolute security. In the event of a data breach that is likely to result in a risk to your rights and freedoms, we will notify affected users and relevant supervisory authorities without undue delay where required by applicable law (including the GDPR and UK GDPR).

11. Third-Party Links and Services

The service may contain links to third-party websites or services. This Privacy Policy does not apply to those third parties. We encourage you to review the privacy policies of any third-party services you access.

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by posting the updated policy in the app, on our website, or via the email address associated with your account, with at least 14 days' advance notice for material changes.

The "Last updated" date at the top of this policy indicates when it was last revised. Your continued use of the service after changes take effect constitutes acceptance of the revised policy.

Ad choices

If you use Loopisy on the free plan, you may see banner ads on most screens in the native iOS and Android apps. Ads are not shown on authentication, paywall, or onboarding screens. Ads are served by Google AdMob (Google Ireland Limited / Google LLC, as applicable). We configure the app to request non-personalized ads where supported and do not show personalized ads or use your data for cross-app tracking. Loopisy does not implement Apple's App Tracking Transparency (ATT) prompt and does not access the advertising identifier (IDFA) for advertising purposes. You should answer "No" to tracking on Apple's Privacy Nutrition Label for cross-app tracking unless the app changes in the future.

Premium subscribers do not see in-app banner ads. This marketing website does not display AdMob advertisements.

If you are in the EEA, United Kingdom, or Switzerland, Google's User Messaging Platform (UMP) may present a consent message about ad-related data when you first use the app or when required by law. You can change or withdraw consent at any time in the app: open Account Ad privacy choices. That in-app control is the primary way to manage consent; this section explains where to find it.

The canonical URL for this section (including for Google AdMob privacy settings) is https://loopisy.com/privacy#ad-choices.

Google's ad technology is subject to Google's Privacy Policy and Google Advertising Policies.

13. Contact

For any questions, requests, or complaints regarding this Privacy Policy or your personal data, please contact:

Vasilache Viorel Catalin (sole proprietor)
Bd. Metalurgiei 81C-81D, Sector 4, București, Romania
Email: support@loopisy.com (privacy and data-rights requests)
Support: https://loopisy.com/support

Data protection contact / DPO: We have not appointed a Data Protection Officer (DPO). Under the GDPR, a DPO is not required for our current sole-proprietor operation and processing activities. For all privacy and data-protection matters, contact support@loopisy.com.

Loopisy is available in English, Romanian, and French (additional languages may be added). iOS bundle identifier: com.vasilachecatalin.inspo-plan; Android package name: com.vasilachecatalin.inspoplan.

We aim to respond to all inquiries within 10 business days.