Privacy Policy

Uglify — Screen Time Intervention App

Last updated: March 25, 2026 · Effective date: March 25, 2026

Summary

Uglify is a screen time intervention app. Your screen time data never leaves your iPhone. We use four third-party services: TelemetryDeck (anonymous analytics, EU-only, no personal data), Firebase Crashlytics (crash reports, no personal data), RevenueCat (subscription management, anonymous), and TikTok Business SDK (ad attribution, requires your consent via ATT prompt — if you decline, the SDK is fully disabled). You can delete all on-device data at any time. Full details below.

Who we are

Uglify (“we,” “us,” “our”) is developed and operated by Maksim Horbikau, a sole proprietor registered in Poland.

Data controller contact:

Name: Maksim Horbikau
Email: hello@uglify.app
Address: Zeromskiego 1, 01-887 Warsaw, Poland

We maintain data processing agreements (DPAs) with all third-party service providers that process data on our behalf, in compliance with GDPR Article 28.

Our privacy philosophy

Uglify is built on a simple principle: your usage data stays on your device. We do not operate servers that collect or store your screen time data. We have no interest in knowing which apps you use, how long you scroll, or when you open your phone. That information belongs to you and never leaves your iPhone.

Where we do use third-party services — for crash reporting, anonymous analytics, subscription management, and ad attribution — we choose privacy-respecting providers, minimize data collection, and disclose exactly what each service receives.

Apple Screen Time APIs

Uglify uses Apple’s restricted Screen Time APIs — FamilyControls, DeviceActivity, and ManagedSettings — under an entitlement granted by Apple. These APIs allow Uglify to:

Monitor when your selected apps are opened and for how long
Display shield screens that interrupt app usage when tier thresholds are reached (shields are always dismissible)

Apple’s privacy architecture ensures that app identity data is represented as opaque tokens. Uglify never sees the names, bundle identifiers, or content of your apps. We receive only anonymous tokens that represent your selected apps.

What data stays on your device (never transmitted)

The following data is generated and stored exclusively on your iPhone. We cannot access, retrieve, or view any of it.

App usage data. Session records (start/end timestamps, tier level, break status), cumulative daily screen time, and per-tier time breakdowns. Generated by Apple’s DeviceActivity framework and our App Intents, stored in a shared App Group container. Apple’s DeviceActivity framework returns opaque application tokens — not app names or bundle identifiers — meaning even the raw monitoring data is privacy-preserving by design. Archived session data is automatically purged after 90 days.

Your configuration. Which apps you monitor (stored as opaque FamilyControls tokens), your free time allowance, tier thresholds, daily reset hour, and pause/break state. Stored locally in the App Group container.

Your personalization answer. During onboarding, you may share why you want to use Uglify. This free-text answer is stored locally on your device and is never transmitted.

Onboarding state. Whether you have completed setup, which shortcuts and automations are configured. Stored locally.

What data is processed by third parties

Anonymous analytics (TelemetryDeck)

We use TelemetryDeck (TelemetryDeck GmbH, Germany) to understand how Uglify is used in aggregate. TelemetryDeck does not collect personal data. It does not store IP addresses, does not use IDFA, and does not track users across apps. It generates an anonymous, hashed user identifier that rotates and cannot be used to identify you. TelemetryDeck is based in the EU (Germany) and processes all data within the EU. TelemetryDeck does not constitute tracking under Apple’s App Tracking Transparency framework.

Crash reporting (Firebase Crashlytics)

We use Firebase Crashlytics (Google LLC) to detect and fix app crashes. When Uglify crashes, Crashlytics automatically sends crash logs and stack traces, device model, OS version, app version, a randomly generated Crashlytics installation UUID (not linked to your identity), device state at the time of crash. Crashlytics does not collect your name, email, Apple ID, usage data, or any content from monitored apps. Crashlytics does not constitute tracking under Apple’s ATT framework.

Subscription management (RevenueCat)

If you purchase an Uglify subscription or lifetime access, payment processing is handled by Apple through the App Store. We use RevenueCat (RevenueCat, Inc.) as our subscription infrastructure provider. RevenueCat receives an anonymous app user ID, subscription status, transaction receipts from Apple, device metadata. RevenueCat does not receive your name, email address, phone number, Apple ID, or any usage data.

Ad attribution (TikTok Business SDK)

We use the TikTok Business SDK for ad attribution. The TikTok Business SDK constitutes tracking under Apple’s ATT framework.

If you grant tracking permission: TikTok receives your IDFA, IDFV, IP address, device model, OS version, and app events.
If you decline: The TikTok Business SDK is fully disabled. No data is shared with TikTok.

Apple (App Store & StoreKit)

All payment transactions are processed by Apple.

App Tracking Transparency (ATT)

Uglify shows an ATT prompt due to the TikTok Business SDK. Choosing Allow enables IDFA-based ad attribution. Choosing Ask App Not to Track fully disables the TikTok SDK. TelemetryDeck, Firebase Crashlytics, and RevenueCat do not rely on ATT.

What data we collect directly

We collect no personal data by default. You do not need to create an account. If you contact us at hello@uglify.app, we will have your email and message content, deleted within 90 days. If you join our mailing list, your email is stored for product updates.

Your rights under GDPR

Right of access, rectification, erasure, restriction, portability, objection, withdrawal of consent, and right to lodge a complaint with UODO (Polish supervisory authority).

To exercise rights, email hello@uglify.app. Response within 30 days.

How Uglify modifies your device

Uglify modifies Color Filters, Classic Invert, Reduce White Point, and system volume. Volume remains muted after leaving monitored app (intentional design). Emergency exit via triple-click side button.

What happens when you uninstall

Uninstalling removes all on-device data. Third-party data retention: RevenueCat retains subscription records, Crashlytics retains crash logs 90 days, TikTok retains attribution data if opted in. Contact hello@uglify.app for third-party deletion.

Children’s privacy

Not directed at children under 13. We do not knowingly collect data from children.

International data transfers

TelemetryDeck: EU only. Crashlytics/RevenueCat: may transfer to US with SCCs. TikTok: if ATT opted in, transfers to US/Singapore with SCCs.

Security

On-device data protected by iOS sandboxing. No server-side attack surface.

Changes to this policy

We will notify of material changes at uglify.app/privacy and via in-app notification.

Contact

Email: hello@uglify.app

Address: Zeromskiego 1, 01-887 Warsaw, Poland