Privacy Policy
Last updated: 12 June 2026 · Effective: 27 June 2026
1. Who we are
Cronicular is an iOS calendar application. The app is operated by Crucible (sole trader, United Kingdom). We are the data controller for personal information processed through Cronicular.
2. What we collect
Account data
When you sign in we receive:
- A user ID issued by Apple (Sign in with Apple) or an email address you supply.
- (We do not store your name — Apple may provide it at sign-in, but we discard it.)
This data is stored in our backend (Supabase) and used to identify your account and sync your data across devices.
Calendar data, photos & contacts
Cronicular stores the events, anchors, rings, themes, plans and preferences you create inside the app, on-device and synced to Supabase against your account. Photos you attach to anchors stay on your device on the free tier; on Pro they are uploaded to our storage (Supabase) so they sync across your devices. If you use 'Import Contact Birthdays', your contacts' names and birth dates are read from your device and stored as anchors in Supabase against your account (only when you choose to run the import).
Apple Health & health profile (optional)
If you grant permission, Cronicular reads sleep, workout and activity samples from Apple Health to display them on the dial. Apple Health (HealthKit) data never leaves your device — it is not sent to our servers. However, any health details you enter manually (such as date of birth, biological sex, blood type, or manually-logged values) are included in your account backup if you use 'Push to Cloud', and are then stored in Supabase against your account.
Diagnostic data
Crash logs and performance traces are collected via Sentry. This diagnostic data is linked to your account ID (so we can trace a bug to a session) but contains no personal information such as your name or email. It is used only to fix bugs and improve reliability.
Advertising data
The free tier of Cronicular shows ads supplied by Google AdMob. When you allow tracking (via the iOS App Tracking Transparency prompt) AdMob receives your device advertising identifier (IDFA) to personalise ads. If you decline, only non-personalised ads are shown.
In-app purchase data
If you upgrade, Apple processes the payment. We receive a purchase receipt and entitlement state — we do not receive your payment card details.
Sharing you choose to do
Some features let you share your own data with others — always by your choice, and revocable at any time:
- Shared calendars & rings: when you invite someone, the events and anchors on that calendar or ring become visible to (and editable by, where you allow it) the people you invite.
- Public dial link: if you create a public link to your dial, anyone with the link can view the calendars you chose to include, until you revoke it.
- Connected apps (API): if you generate an access token to connect an external app or AI assistant, that app can read and add events and anchors on your behalf until you revoke the token.
3. How we use your data
We process your data to:
- Provide the app's core functionality (calendar, rings, themes, sync).
- Authenticate you and keep your account secure.
- Diagnose crashes and improve reliability.
- Serve and measure ads (free tier only).
- Handle support requests you send us.
We do not sell your data, build advertising profiles outside AdMob, or use your calendar content for machine-learning training.
4. Legal bases (UK / EU users)
- Contract: to deliver the service you signed up for.
- Legitimate interests: to keep the app stable, secure, and free of abuse.
- Consent: for Apple Health access, App Tracking Transparency, and optional analytics. You can withdraw consent at any time in iOS Settings.
5. Sharing
We share data with a small number of processors:
| Processor | Purpose | Data |
|---|---|---|
| Supabase Inc. | Auth, database, file storage | Account ID, email, calendar data, imported contact birthdays, Pro anchor photos, manually-entered health details |
| Apple Inc. | Sign in with Apple, IAP, push notifications | User ID, purchase receipts |
| Google LLC (AdMob) | Ads (free tier) | IDFA (if you consent), coarse device info |
| Functional Software, Inc. (Sentry) | Crash reporting | Crash & performance data, linked to your account ID |
We do not share data with anyone else except where required by law.
6. Retention
We keep your account data while your account is active. If you delete your account, we permanently delete it within 30 days. Crash logs are retained for 90 days. Backups roll over within 60 days.
7. Your rights
You can:
- Access, correct, or export your data.
- Delete your account (in-app: Settings → Account → Delete account).
- Withdraw consent to Health, tracking, or analytics.
- Lodge a complaint with the UK ICO (ico.org.uk) or your local supervisory authority.
To exercise rights, email support@cronicular.com. We respond within 30 days.
8. Children
Cronicular is rated 4+ but is not directed at children under 13. We do not knowingly collect data from children under 13. If you believe we have, contact us and we will delete it.
9. International transfers
Supabase processes data in the EU (Frankfurt region). Apple and Google process data globally under their published transfer mechanisms (SCCs, UK IDTA).
10. Security
Data is encrypted in transit (TLS 1.2+) and at rest. Supabase row-level security restricts each user's data to their own account. Auth tokens are stored on-device in the iOS Keychain via expo-secure-store.
11. Changes
If we materially change this policy we will notify you in-app and update the date at the top of this page.
12. Contact
support@cronicular.com
Crucible · United Kingdom