Privacy Policy

Effective: 1 May 2026Last updated: 1 May 2026Applies to all Graphite Labs apps & services

Your privacy matters. This policy explains what data Graphite Labs collects, why we collect it, how it is used, and your rights over it. We are committed to keeping the data behind your experience with our apps personal and protected.

Contents

Who we are
Data we collect
How we use your data
Third-party services
Data storage & security
Data retention
Your rights
Children’s privacy
Changes to this policy
Jurisdiction & legal basis
Contact

1. Who We Are

Graphite Labs is a small, independent studio based in South Africa, designing and engineering deliberate mobile software for iOS and Android. References to “we,” “us,” or “our” in this policy refer to Graphite Labs. For privacy inquiries, contact us at [email protected].

2. Data We Collect

We collect only what is necessary to provide and improve our apps and services (collectively, the “Services”). Depending on which app you use, this may include:

Account info:Name, email address, and authentication credentials when you create an account.
App usage:Feature interactions, session duration, and usage patterns to help us improve the experience.
Device info:Device type, OS version, and app version for diagnostics and compatibility.
In-app content:Any content you create or submit within our apps, as described in each app’s specific privacy notice.
Correspondence:Messages and enquiries you send us directly.

We do not collect sensitive biometric data or financial information, and we do not sell your data to advertisers.

3. How We Use Your Data

We use the data we collect to:

Deliver and personalise your experience with our apps.
Sync your data across your devices.
Identify and fix bugs, improve performance, and develop new features.
Send you important account or service communications.
Comply with our legal obligations.

We do not use your personal content to train AI models without your explicit, opt-in consent.

4. Third-Party Services & Platform Providers

Our apps may integrate with platform providers (Apple, Google) and other third-party services. When you use these integrations:

We access only the data scopes you authorise.
We use this data exclusively to deliver the relevant functionality.
Each provider operates under their own data retention and privacy policies.

We receive limited information from Apple and Google when you install or purchase our apps, as governed by their respective privacy policies. We are not responsible for the data practices of third-party providers.

5. Data Storage & Security

Your data is stored on secure cloud infrastructure with encryption in transit (TLS) and at rest. We apply industry-standard security practices including:

Access controls limiting who can view your data internally.
Regular security reviews of our infrastructure and third-party integrations.
Prompt notification in the event of a data breach affecting your information.

No system is perfectly secure. While we take strong precautions, we cannot guarantee absolute security.

6. Data Retention

We retain your data for as long as your account is active or as needed to provide the Services. If you delete your account:

Your profile and associated data are deleted within 30 days.
Anonymised, aggregated analytics may be retained indefinitely.
Legal or compliance obligations may require us to retain certain records longer.

7. Your Rights

Depending on your location, you may have the following rights over your personal data:

Access:Request a copy of the data we hold about you.
Correction:Update inaccurate or incomplete data.
Deletion:Request erasure of your account and associated data.
Portability:Receive your data in a structured, machine-readable format.
Opt-out:Withdraw consent for non-essential data processing at any time.

To exercise any of these rights, email us at [email protected]. We respond to requests within 30 days.

8. Children’s Privacy

Our Services are not directed to children under 13. We do not knowingly collect personal data from individuals under 13. If we become aware that we have collected data from a child under 13, we will delete it promptly.

If you believe we have inadvertently collected such data, please contact us at [email protected] and we will take immediate action.

9. Changes to This Policy

We may update this Privacy Policy as our practices evolve or as required by law. We will notify you of significant changes via in-app notification or email. The “last updated” date at the top of this page reflects the most recent revision. Continued use of our Services after a policy update constitutes your acceptance of the revised terms.

10. Jurisdiction & Legal Basis for Processing

Graphite Labs is based in South Africa and operates globally. If you access our Services from outside South Africa, you do so at your own initiative and are responsible for compliance with your local laws.

For users in the European Economic Area, United Kingdom, or other jurisdictions with applicable data protection laws, our legal bases for processing your personal data include: performance of our contract with you, our legitimate interests in operating and improving the Services, compliance with legal obligations, and your consent where explicitly requested.

11. Contact

Privacy questions, requests, or concerns:

[email protected]