Privacy Policy

SleepTrack Audio ("we," "us," or the "App") is a privacy-first Android application that helps you track your sleep patterns and media listening habits (e.g. audiobooks and podcasts) to provide personalized "resume" recommendations. This Privacy Policy describes what information the App processes, how it uses that information, how it is stored and protected, and your rights regarding your data. Our fundamental principle is local-first processing: sleep sessions, playback history, recommendations, bookmarks, and insights are processed on your device for the App's core functionality.

Information We Collect and Process

SleepTrack Audio is designed to collect only the information necessary for its core functionality. Core app data is stored locally on your device. The categories of data we handle include:

Sleep Data (Health Connect)

If you grant permission, the App integrates with Google Health Connect to read your recorded sleep sessions from connected sources (for example, any fitness tracker or smartwatch that saves sleep data to Health Connect). The current app requests read-only sleep permission (android.permission.health.READ_SLEEP). We use sleep session records, including start/end times, source information, and sleep details if supplied by Health Connect, solely to detect when you likely fell asleep and woke up. We do not write or modify any data in Health Connect, and we only access sleep information you have allowed.

Media Playback Data

The App monitors media playback on your device via a notification listener service and Android media-session APIs. In practice, SleepTrack Audio can detect when you are playing audio (for example, from Spotify, Audible, podcast players, Audiobookshelf, or local media players) and gather minimal metadata about the playback. This metadata can include the media app package name, media title, chapter/artist fields where exposed by the media app, playback position, timestamp, and duration/progress. No actual audio content is ever recorded or saved – we capture playback status and metadata, not the audio itself, transcripts, or private message notifications.

User Tags, Bookmarks, and Notes

You have the option to annotate your listening or sleep history with personal notes, tags, or bookmarks. Any such user-generated annotations are stored locally as part of your app data. They exist solely for your personal use and to help you organize and recall information. We do not transmit your notes or tags anywhere outside the device.

User Preferences and Settings

The App stores your preferences and settings on your device (using Android's secure storage mechanisms). This includes configurations such as whether sleep tracking/monitoring is enabled, your typical sleep hours, notification and reminder settings, sleep timer choices, and other in-app toggles.

Diagnostics and Local UX Events

By default, SleepTrack Audio does not send analytics data or crash reports to our servers. The current app keeps internal UX counters and diagnostics locally unless a future build asks for, and receives, your explicit opt-in for external diagnostics. Firebase Analytics and Crashlytics SDKs are included in the app package but collection is disabled by default in the manifest. If an opt-in diagnostics feature is activated in a future version, it will not include your sleep times, media titles, notes, Health Connect records, or listening content.

Account and Purchase Data

SleepTrack Audio does not require an account for its core features. If you buy the one-time No Ads purchase, Google Play Billing processes the transaction under Google's terms and provides purchase status to the App so we can unlock the feature. If you enable Google Drive backup, Google Sign-In is used to authorize access to your Google Drive appDataFolder; the App requests the minimal Drive app-data scope and may receive basic Google account information needed to perform that backup.

How We Use Your Information

We use the collected information solely to provide, personalize, and improve the SleepTrack Audio experience. We do not use your data for advertising profiles or any purposes beyond the app's core functionality. Specifically:

Core Sleep-Tracking Functionality

Your sleep data and media playback data are combined on-device to infer the moment you likely fell asleep during audio playback. This is the App's core feature: determining a "resume point" in your audiobook or podcast for the next day.

Morning Resume Notifications

If you have allowed SleepTrack Audio to send notifications, the App can send you a gentle morning notification with your recommended resume point. These notifications are generated only after a sleep session is detected and a recommendation is available.

In-App Insights and Analytics (On-Device)

SleepTrack Audio provides you with visualizations and summaries of your own sleep and listening data within the app. All such insights are computed locally on your device using your stored data.

User-Initiated Features

When you use optional features of the app, your data is used only as needed to carry out the feature. For example, if you set a Sleep Timer, add a bookmark, or use the export feature, the App uses your data locally to fulfill these functions.

Legal Bases (EU GDPR)

Where the General Data Protection Regulation (GDPR) applies, we rely on the following legal bases under Art. 6(1) GDPR:

• Performance of a contract (Art. 6(1)(b)): to provide the core app functionality (sleep detection, resume suggestions, local insights).
• Consent (Art. 6(1)(a)): for optional features you explicitly enable, such as Health Connect access, Google Drive backup, ads where consent is required, and future opt-in diagnostics.
• Legitimate interests (Art. 6(1)(f)): to ensure the security and integrity of the app and website, including basic server logging and abuse prevention.
• Legal obligation (Art. 6(1)(c)): where processing is required to comply with legal duties (e.g., accounting/recordkeeping, responding to lawful requests).

Health Connect sleep data is processed locally in the App; we do not receive it. If you enable optional Google Drive backup, the App may back up sleep sessions together with your other App data to your Google Drive app data folder. Because sleep data can legally qualify as health data, the App accesses it only after your explicit Health Connect permission. Where Art. 9 GDPR is additionally required, we rely on your explicit consent under Art. 9(2)(a) GDPR. You can revoke the permission at any time in Android or Health Connect settings.

Website Data Processing

This website is primarily informational. We do not use analytics trackers. Limited processing occurs when you visit the site or contact us:

Server Logs and Website Delivery (Cloudflare Pages)

Our website is hosted, delivered, and protected via Cloudflare Pages by Cloudflare, Inc., 101 Townsend St., San Francisco, CA 94107, USA. When you access the website, Cloudflare processes technical data such as IP address, timestamp, requested URL, referrer, and user agent to deliver the pages, defend against attacks, and maintain service stability. Depending on routing and threat mitigation, processing may take place in data centers within the EEA and in third countries, in particular the United States. Legal basis: Art. 6(1)(f) GDPR (legitimate interests). Logs are retained only as long as necessary for security and troubleshooting and are then automatically deleted unless required for incident investigation.

Contact Emails

If you email us (e.g., [email protected], [email protected]), we process your message content and contact details to handle your request. Legal basis: Art. 6(1)(b) GDPR (pre-contractual steps/contract) or Art. 6(1)(f) GDPR (legitimate interests) depending on context. Emails are retained according to legal retention requirements and our operational needs.

No Contact Form

We do not currently offer a contact form on the website. Website enquiries are submitted only via email links. Accordingly, we do not collect form fields beyond the information you choose to include in your email.

No Tracking Cookies

We do not use analytics tools, tracking cookies, or third-party advertising scripts on the website. Cloudflare may set strictly necessary, security-related cookies to deliver the service; we do not use marketing cookies.

Data Storage and Security

We take a "local-first" approach to data storage and implement security measures appropriate for a mobile application:

Local Device Storage

All data that SleepTrack Audio collects or generates is stored locally on your device using an on-device database (built on Android's Room/SQLite database system). This means your SleepTrack Audio data resides in the protected app-storage area of your phone. No other apps on your device can directly access this information.

Data Retention and Automatic Cleanup

SleepTrack Audio is designed to avoid accumulating excessive data on your device. By default, the app will periodically purge older data that is no longer needed for core functionality:

• The App automatically deletes detailed media playback history records that are older than approximately 60 days
• Temporary files, caches, and other ephemeral data are regularly cleared out
• Pro users may adjust or disable certain retention limits

Security Measures

SleepTrack Audio employs standard security practices to protect your data:

• Android Sandbox: All data is stored in the app's private sandbox
• Secure APIs: We only use official, trusted APIs for accessing sensitive health data
• No Unencrypted Transmission: Core sleep/listening data is not transmitted to us; optional Google Drive backups and Google/AdMob services use encrypted provider connections
• Minimal Permissions: We follow the principle of least privilege in requesting permissions

Data Sharing and Disclosure

Your privacy is central to SleepTrack Audio's design. Core sleep and listening history stays on device. Third-party processing occurs only for specific optional or externally provided features described below.

No Sale or Unwarranted Sharing of Personal Data

We do not sell, rent, or trade your personal data with any third parties. We also do not share your data for advertising profiling or marketing by others.

Firebase SDKs

The App includes Firebase Analytics and Crashlytics SDKs, but collection is disabled by default. Current core functionality does not require sending your sleep or listening data to Firebase. If a future version enables opt-in external diagnostics, it will be consent-based and limited to diagnostic information.

Google Play Billing and Google Drive Backup

Google Play Billing is used for the one-time No Ads purchase and purchase restoration. Google Drive backup is optional and stores a JSON backup in your own Google Drive appDataFolder after you connect your Google account. Backup data can include sleep sessions, media positions, recommendations, and timestamps. We do not operate a server that can access those Drive backups.

Website Hosting, Delivery, and Security (Cloudflare Pages)

For the website, we use Cloudflare Pages for hosting, content delivery, and security, including DDoS protection. Cloudflare acts as our data processor under a Data Processing Addendum (DPA) and processes only the technical data necessary to provide these services. We do not permit Cloudflare to use the data for advertising or profiling.

Advertising and Affiliate Partners

Free users may see ads delivered via Google's AdMob SDK. The App requests non-personalized ads only, uses consent-aware ad loading, and does not pass sleep records, media titles, notes, or app database content to ad requests. Users with the one-time No Ads purchase do not see ads. The App may also show clearly labeled Audible affiliate cards; tapping one opens Audible/Amazon in your browser with an affiliate tag, and the partner's privacy policy applies after you leave the App.

Your Rights and Controls

Because SleepTrack Audio is focused on user privacy and control, we have built the app to empower you to exercise various privacy rights easily:

Access and Data Portability

You have full access to your data through the app's dashboard and history screens. Additionally, we provide an Export feature that lets you obtain your data in common formats (JSON, CSV, HTML, plain text).

Rectification (Correction of Data)

You can correct inaccurate data by editing it at the source (Health Connect, media apps) or by deleting incorrect entries within the app.

Deletion of Data (Right to Erasure)

You can delete your data at any time:

• Delete individual items through the app's UI
• Clear all app data via the app's reset feature
• Uninstall the app to delete all local data

Revoking Consent / Managing Permissions

You can revoke any permissions at any time:

• Health Connect permission
• Notification Access for media monitoring
• Post Notifications permission
• Advertising and consent settings
• Google Drive backup connection

No Discrimination

We will never restrict your access to app features or degrade your user experience because you exercise a privacy right.

Right to Object

Where we process personal data on the basis of Art. 6(1)(f) GDPR, you have the right to object at any time on grounds relating to your particular situation (Art. 21 GDPR).

Right to Lodge a Complaint

You also have the right to lodge a complaint with a supervisory authority. For our website operator in Lower Saxony, Germany, the competent authority is Der Landesbeauftragte für den Datenschutz Niedersachsen, Prinzenstraße 5, 30159 Hannover, Germany. You can use the official online complaint form.

Children's Privacy

SleepTrack Audio is intended for use by adults and is not designed to attract children. We do not knowingly collect personal information from anyone under the age of 13. If we discover that we have inadvertently collected information from a child under 13, we will delete that information as soon as possible.

International Data Transfers

Core app processing happens locally on your device. International transfers may occur when you use Google-provided services such as AdMob, Google Play Billing, Google Sign-In/Drive backup, future opt-in Firebase diagnostics, or when you access our website through Cloudflare Pages. For such providers, we rely on appropriate safeguards such as Standard Contractual Clauses (SCCs) and participation in frameworks like the EU–U.S. Data Privacy Framework, where applicable.

Cookies and Tracking

We do not use cookies or similar tracking technologies on this website. If in the future we add non-essential analytics or embeds, we will request your consent before activating them.

Changes to This Privacy Policy

We may update or revise this Privacy Policy from time to time to reflect changes in the app's features or legal requirements. If we make material changes, we will notify you through the app or other appropriate channels. Changes will become effective on the date they are posted.

Contact Information

If you have any questions, concerns, or requests regarding this Privacy Policy or your data, please contact us:

We will do our best to respond in a timely and comprehensive manner. Your trust is important to us, and we welcome your feedback on any privacy or security matter.