Privacy Policy for lumeo focus timer

This Privacy Policy explains how lumeo focus timer (“lumeo”, “the app”, “we”, “us”) handles your information. lumeo is a focus timer app that runs primarily on your device. We’ve designed it to keep your data on your phone wherever possible.

If you have any questions about this policy, contact us at: hello@desaina.co

1. Who runs lumeo

lumeo is developed and maintained by Aina Kanatkyzy as an independent developer. The app is distributed through the Google Play Store under the package name com.lumeoapp.timeflow.

2. What data stays on your device

The following information is stored locally on your device in a private database. It is never transmitted to us or to any third party:

• Account information (only if you choose to create an account): your chosen display name, email address, and a cryptographic hash of your password. We never store your password in plain text. lumeo accounts are local — they are not synced to any server, and creating one does not transmit your information off-device.
• Focus sessions: task name, planned and actual duration, start and end timestamps, and the flower you earned (if any).
• Tasks: any task names you create.
• App preferences: your selected break duration and other settings.

Uninstalling the app permanently deletes all of this data.

3. What data we collect remotely

lumeo uses two services from Google to help us improve the app and identify problems. These services collect data automatically when you use the app:

3.1 Firebase Analytics

We use Firebase Analytics to understand how lumeo is used in aggregate. The events we record are:

• session_started — when you start a focus session, including the planned duration, whether you picked a flower, and whether breaks are enabled
• session_completed — when a focus session reaches its planned duration, including duration and the flower earned (if any)
• session_abandoned — when you stop a focus session early, including duration
• plant_earned — when you earn a flower (sessions of 5 minutes or longer), including the flower type and bloom stage
• garden_viewed — when you open the profile / album screen, including how many flowers you have

In addition, Firebase Analytics automatically collects standard usage data, including:

• A randomly generated app instance identifier
• Approximate session duration and engagement time
• Device model, operating system version, and app version
• Country (derived from IP address — the IP itself is not stored)

This data is anonymous. It does not contain your name, email, password, or the names of your tasks.

3.2 Firebase Crashlytics

If lumeo crashes, Firebase Crashlytics sends us a crash report so we can fix the issue. Each report includes:

• The stack trace of the crash
• Device model, operating system version, and app version
• A randomly generated installation identifier
• Whether the app was in the foreground or background

Crash reports do not contain your name, email, password, task names, or session data.

4. What we do NOT collect

To be explicit, lumeo does not collect, transmit, or have access to:

• Your password (only a one-way hash is stored locally)
• The names of your tasks
• The contents of your focus sessions
• Your contacts, photos, files, calendar, microphone, camera, or precise location
• Any advertising identifiers
• Health, fitness, financial, or biometric data

lumeo contains no advertisements and does not sell your data.

5. How we use the data we collect

We use Firebase Analytics and Crashlytics data to:

• Understand which features are used and which are not
• Identify and fix crashes and bugs
• Decide what to improve in future versions

We do not use this data for advertising, profiling, or targeting.

6. Third parties

The only third party that processes data on our behalf is Google, through the Firebase Analytics and Firebase Crashlytics services. Google’s handling of this data is governed by:

• Google’s Privacy Policy: https://policies.google.com/privacy
• Firebase data processing terms: https://firebase.google.com/support/privacy

We do not share or sell any data to anyone else.

7. Data retention

• Local data on your device: kept until you delete it within the app or uninstall the app.
• Firebase Analytics data: retained for 14 months, then automatically deleted by Google.
• Firebase Crashlytics data: retained for 90 days, then automatically deleted by Google.

8. Your rights

Because account data is stored only on your device, you control it directly:

• View or change your name / password: Settings → Account.
• Delete an account: Log out, then reinstall the app to start fresh. Uninstalling permanently deletes the local database.
• Opt out of analytics and crash reporting: At present, lumeo does not provide an in-app toggle to disable Firebase Analytics or Crashlytics. If you do not wish to share this anonymous data, please uninstall the app. We may add an in-app opt-out in a future release.

For step-by-step deletion instructions, see our Data Deletion page.

If you are in the EU, UK, or another region with data-protection laws (such as GDPR or UK GDPR), you have the right to request information about the data Google processes on our behalf. Because we do not store any personal identifiers, we cannot link Firebase data back to an individual, but you can also contact Google directly for requests covering their services.

9. Children’s privacy

lumeo is not directed at children under 13. We do not knowingly collect personal data from children under 13. If you believe a child has used the app and you would like the data removed, please contact us at the email above.

10. Security

Local account passwords are stored only as a cryptographic hash. The app’s database is private to lumeo on your device and cannot be accessed by other apps. Data sent to Firebase is transmitted over HTTPS.

No system is perfectly secure. If we become aware of a security incident affecting Firebase data, we will notify users through an app update and a notice on this page.

11. Changes to this policy

If we change this policy, we will update the “Last updated” date above and, for material changes, post a notice on the app’s Play Store listing. Continued use of the app after a change indicates acceptance of the new policy.

12. Contact

Questions, comments, or requests:

Email: hello@desaina.co

This policy is provided in good faith and reflects how lumeo currently handles data. It is not legal advice. If you have specific legal questions about the application of data-protection laws, please consult a qualified attorney.