PRIVACY

Privacy Policy Last updated: April 19, 2026 Loud Unicorn LLC ("we," "us," "our") built BuyYourTime. This policy explains exactly what data BuyYourTime collects, why, and how it is handled. 1. What Data We Collect and Why App Configuration Data (core app functionality): - Blocked app selection — the list of apps you choose to block, stored locally on your device using UserDefaults. We do not see or have access to which apps you've selected. - Unlock expiry time — the timestamp when your current unlock window expires, stored locally so the app can re-apply blocking at the correct time. - Free unlock timestamp — when you last used your weekly free 1-hour unlock, stored locally to enforce the 7-day cooldown. Spending and Resistance History (stored locally, never transmitted): - Spending events — each time you make a purchase or use the free unlock, a record is stored locally containing the date, purchase amount in cents, and number of hours purchased. This data is used only to display your personal stats in the app. - Resistance events — each time you open the purchase screen and dismiss without buying, a record is stored locally containing the date and the cost of the cheapest option you declined. This is used to calculate your "money saved" stat. All of the above is stored exclusively using UserDefaults on your device. None of it is ever uploaded to our servers or accessible to us. Screen Time / FamilyControls Permission: BuyYourTime requires access to Screen Time / FamilyControls to block and unblock selected apps. This permission allows you to see a list of installed apps and choose which ones to block. The app selection data never leaves your device. We do not transmit, upload, or have server-side access to your Screen Time data or app selection choices. ManagedSettings / DeviceActivityMonitor: BuyYourTime uses ManagedSettings to apply and lift app shields, and DeviceActivityMonitor to automatically re-apply blocking when your unlock window expires. No activity data is sent to our servers. All processing happens locally on your device. 2. What We Do NOT Collect - We do not collect or store any personal information (name, email, phone number, location) - We do not use analytics SDKs (no Firebase, no Amplitude, no Mixpanel, no third-party analytics) - We do not use crash reporting services - We do not track your app usage patterns on our servers - We do not have access to your Screen Time data or the list of apps you've chosen to block - We do not use advertising SDKs or share data with ad networks - We do not access your contacts, photos, microphone, camera, or location - We do not transmit any data to our servers — BuyYourTime has no backend infrastructure 3. Data Storage — Local Device Only All data in BuyYourTime is stored exclusively on your device using UserDefaults. There is no cloud sync, no CloudKit, no Core Data syncing, and no remote server. Your blocked app list, unlock history, spending history, and preferences live only on your iPhone and are never transmitted over the network (except for StoreKit purchase verification, handled entirely by Apple). 4. Third-Party Services - Apple StoreKit 2 — consumable in-app purchase processing for unlock windows ($1.99, $4.99, $9.99). Apple processes all payments and handles all personally identifiable payment information. We receive only anonymized transaction receipts to verify successful purchases. Apple's privacy policy applies: apple.com/privacy - Apple FamilyControls / Screen Time API — used to block and unblock selected apps. All selection data stays on your device. Apple's privacy policy applies. - Apple ManagedSettings — used to apply and lift app shields based on your purchase status. - Apple DeviceActivityMonitor — used to detect when your unlock window expires and automatically re-apply blocking. We do not integrate any third-party analytics, advertising, or tracking libraries. 5. Children's Data BuyYourTime is not directed at or intended for children under 13. We do not knowingly collect personal information from anyone under 13. If you believe a minor has used the app, please contact us at support@loudunicorn.com. 6. Data Retention and Deletion All data is stored locally on your device. To delete all BuyYourTime data, simply uninstall the app. Uninstalling permanently removes all locally stored configuration, spending history, and resistance history. There is no server-side account or database to delete. We do not hold copies of your data. 7. Security Because all data is stored locally on your device and protected by iOS sandboxing, your data is as secure as your iPhone itself. We do not transmit data to external servers, so there is no network-based security risk from our side. The unlock expiry timestamp is stored in UserDefaults. While this is standard iOS practice for local app state, it is not encrypted beyond iOS's standard data protection. A jailbroken device could theoretically modify this value. BuyYourTime is intended as a good-faith habit tool, not a tamper-proof enforcement system. 8. Changes to This Policy We will notify you of material changes via an in-app notice. Continued use constitutes acceptance. The "Last updated" date at the top indicates when this policy was last revised. 9. Contact Loud Unicorn LLC support@loudunicorn.com Arizona, USA ──────────────────────────────────────── GDPR — Your Rights (EU/EEA Users) Last updated: April 19, 2026 This section applies to users in the European Union (EU) and European Economic Area (EEA) under the General Data Protection Regulation (GDPR). 1. Data Controller Loud Unicorn LLC is the data controller for personal data processed through BuyYourTime. Contact: support@loudunicorn.com 2. Legal Basis for Processing We process minimal personal data under the following legal bases (GDPR Article 6): Contractual necessity (Art. 6(1)(b)): Processing your blocked app list, unlock expiry, and purchase history is necessary to provide the core BuyYourTime service — blocking apps until a purchase is made. Consent (Art. 6(1)(a)): By granting Screen Time / FamilyControls permission, you consent to the app applying and lifting app shields on your device. This data stays on your device. 3. Your Rights Under GDPR Right of Access (Art. 15): You have the right to know what personal data we hold about you. Because all data is stored locally on your device and we do not operate a backend server, we do not hold copies of your data. You can view all stored data in the app's Stats screen. Right to Rectification (Art. 16): You can modify your blocked app selection at any time in Settings. Right to Erasure / "Right to be Forgotten" (Art. 17): You can delete all your personal data by uninstalling BuyYourTime. This permanently removes all local data. There is no server-side data to delete. Right to Restriction of Processing (Art. 18): You can restrict data processing by revoking Screen Time permission in iOS Settings > Screen Time. The app will no longer be able to block apps. Right to Data Portability (Art. 20): Because we do not store data on our servers, there is no centralized dataset to export. All data lives on your device. Contact support@loudunicorn.com if you need assistance. Right to Object (Art. 21): You can object to processing at any time by uninstalling the app or revoking permissions. Right to Withdraw Consent: You can withdraw Screen Time permission consent at any time in iOS Settings > Screen Time. 4. How to Exercise Your Rights Email: support@loudunicorn.com Response time: We will respond to verified requests within 30 days of receipt. 5. Supervisory Authority If you believe your data protection rights have been violated, you have the right to lodge a complaint with the supervisory authority in your EU/EEA member state of residence. 6. International Data Transfers BuyYourTime stores all data locally on your device. We do not transfer personal data to servers outside the EU/EEA. StoreKit purchase verification is handled by Apple and governed by Apple's GDPR commitments and Standard Contractual Clauses. 7. Contact GDPR inquiries: support@loudunicorn.com Loud Unicorn LLC, Arizona, USA ──────────────────────────────────────── CCPA/CPRA — Your Rights (California Residents) Last updated: April 19, 2026 This section applies to California residents under the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA). 1. Categories of Personal Information We Collect Under CCPA categories, BuyYourTime collects: - Device identifiers (iOS device ID used for StoreKit transaction verification — handled by Apple, not by us) - Purchase history (date, amount, hours purchased) — stored locally on your device only - Behavioral data (resistance events: when you opened the purchase screen but did not buy) — stored locally only We do NOT collect: name, email, phone number, location, browsing history, biometric data, or any sensitive personal information as defined by CPRA. 2. How We Use Personal Information - To block and unblock selected apps based on purchase status - To verify purchases via StoreKit - To display your personal spending and resistance stats in the app 3. Do We Sell or Share Personal Information? No. We do not sell personal information. We do not share personal information with third parties for cross-context behavioral advertising. We do not have a backend server or third-party analytics integrations. 4. Your CCPA/CPRA Rights Right to Know (CCPA §1798.100): You have the right to know what personal information we collect. All data is stored locally on your device in the Stats screen. We do not maintain server-side copies. Right to Delete (CCPA §1798.105): You can delete all your data by uninstalling BuyYourTime. Contact support@loudunicorn.com to request deletion of any records we may hold (though we do not maintain user databases). Right to Correct (CPRA §1798.106): You can modify your blocked app list directly in the app at any time. Right to Opt-Out of Sale/Sharing (CCPA §1798.120): We do not sell or share personal information, so there is nothing to opt out of. Right to Limit Use of Sensitive Personal Information (CPRA §1798.121): We do not collect sensitive personal information as defined by CPRA. Right to Non-Discrimination (CCPA §1798.125): We will not discriminate against you for exercising your CCPA/CPRA rights. 5. How to Exercise Your Rights Email: support@loudunicorn.com We will verify your identity and respond within 45 days (extendable by 45 days if needed, with notice). 6. Authorized Agent California residents may designate an authorized agent to submit requests on your behalf. The agent must provide written proof of authorization. 7. Contact California Privacy Inquiries: support@loudunicorn.com Loud Unicorn LLC Arizona, USA