Privacy Policy
We Respect and Protect Your Privacy
Your privacy matters to us. This Privacy Policy explains how we collect, use, and protect your personal information when you visit our website or download our app.
Last updated: May 2026
The short version: Your personal health data — mood tracking, check-ins, journey roadmap, voice notes, and photos — stays on your device only and is never shared. Community posts and stories you choose to publish are stored on SUGI's server and are visible to other SUGI users. No data is ever sold, shared with third parties, or used for advertising.
SUGI is a wellbeing companion app for people with visible differences and their supporters.
This policy explains exactly what information the app stores, where it is stored, the legal basis for storing it, and how you can delete it at any time.
1. Who this policy applies to
This policy applies to all users of the SUGI mobile application. If you are under 18, a parent or guardian should read this policy and supervise your use of the app.
Your personal health data never leaves your device. However, if you choose to post in the Community or Stories sections, that content is sent to SUGI's server and visible to other users — please do not include your real name or any identifying information in public posts.
2. Two types of data — local and server
SUGI stores two distinct categories of data:
Local-only data: Your mood tracking, check-ins, journey roadmap, quests, voice notes, profile drawing, and progress photos. This data never leaves your device. SUGI's developer cannot access it.
Community data: Posts, replies, and stories you choose to publish. This content is sent to SUGI's server, stored in a secure database, and visible to other SUGI users. Your chosen nickname is shown alongside your posts. This data is pseudonymous — no real name, email address, or other identifying information is required or collected.
You are never required to use the Community or Stories features. The app's core wellbeing features work entirely offline.
3. What the app stores — complete list
Refer to the table below Section 17 for the complete list.
4. What we do NOT collect
We do not collect your real name, email address, phone number, or any contact details.
We do not collect your precise or approximate location.
We do not collect contact lists, call logs, or SMS messages.
We do not transmit photos, voice recordings, or health data off your device.
We do not use any third-party analytics SDKs (e.g. Firebase Analytics, Mixpanel, Amplitude).
We do not send crash reports or usage data to any third-party service. If the app crashes, an anonymous error message is sent to SUGI's own server only — with no user identifier.
We do not build advertising profiles.
We do not sell, rent, or share your data with any third party, ever.
We do not store your condition type, mood scores, symptoms, notes, or progress photos on any server — all health data stays on your device only.
5. Anonymous crash reporting & usage statistics
To help us fix bugs and improve the app, SUGI collects two categories of anonymous technical data. Neither contains any user identifier, device identifier, IP address, or personal information:
Crash reports — if the app crashes, an error message and stack trace (developer-readable code location) are sent to SUGI's own server. No personal data is included.
Screen usage counts — when you open a screen, an anonymous event name (e.g. "screen:community") is logged server-side. No session identifier or sequence data is stored.
This processing is carried out under our legitimate interest (GDPR Art. 6(1)(f)) in maintaining a functional and safe application. You may opt out by disabling network access for the app.
6. Community & Stories — public content
When you post in the Community or Stories sections, your post content and your chosen nickname are stored on SUGI's server and visible to all SUGI users.
Before your first public post, the app will ask you to confirm you understand this. You can delete any post you have made at any time from within the app.
Please do not include your real name, contact details, home address, school, workplace, or any other information that could identify you in a public post.
Content moderation: All posts are screened automatically before being saved. Posts containing hate speech, slurs, targeted harassment, or calls for self-harm are rejected and not stored.
7. Special category (health) data under GDPR Article 9
Several data types are classified as 'special category' data under GDPR Article 9 because they relate to your physical or mental health: condition type, treatments explored, daily check-in scores, symptom tags, and check-in notes.
All special category data is stored exclusively on your device and is never transmitted to any server. Processing requires explicit consent under Article 9(2)(a), which you give during onboarding. You may withdraw this consent at any time by deleting all your data (see Section 10).
8. Children and minors
SUGI is intended for users aged 18 and over. We comply with the US Children's Online Privacy Protection Act (COPPA), the UK Age Appropriate Design Code, and GDPR Article 8.
Health data (mood, check-ins, condition type) is stored only on the device and is never transmitted to SUGI. The Community and Stories features involve server-side storage of posts. Parents and guardians of users under 18 should supervise use of the Community and Stories sections.
All data — both local and server-side — can be deleted at any time using the method described in Section 10.
9. How your data is stored and secured
Local data (health information, roadmap, voice notes, photos):
Stored in your phone's on-device storage (AsyncStorage and document folder).
Not encrypted at the application layer beyond your device OS encryption.
May be included in iCloud or Google device backups — disable in device Settings if preferred.
Server data (community posts, stories, anonymous device ID):
Transmitted over HTTPS (TLS 1.2+). Never sent in plaintext.
Stored in a PostgreSQL database. Device tokens are stored as SHA-256 hashes only — the original token is never held server-side.
No passwords or payment details are stored.
Rate limiting is applied to prevent spam: a maximum of 10 posts per hour per device.
10. Your rights and how to delete your data
Under GDPR you have the right to access, correct, erase, and receive a portable copy of your data. To exercise these rights:
Open the app and go to the Profile tab.
Scroll to the bottom and tap "Delete all my data".
Confirm in the dialog. All local data is erased immediately. All server-side posts, stories, and your anonymous device identity are also deleted from SUGI's server at the same time.
You may also delete individual community posts and stories from within the app at any time without deleting your entire account.
Alternatively, uninstalling SUGI removes all locally stored data. Note that iCloud or Google backups may retain a copy until those backups are also deleted. Server-side data (community posts and stories) will remain until you use "Delete all my data" or delete individual posts.
11. Permissions the app requests
SUGI may request the following device permissions. All are optional:
Microphone — Voice Notes feature only. Audio is saved locally only, never uploaded.
Photo library (read) — importing progress photos only. Photos are saved locally only, never uploaded.
Camera — taking progress photos only. Photos are saved locally only, never uploaded.
You may revoke any permission at any time in your device's Settings app.
12. Fonts loaded at startup
SUGI loads custom fonts (Inter, Outfit, Playfair Display, Pacifico) via the @expo-google-fonts package. Font files are bundled inside the app — no network request is made to Google Fonts or any external server at runtime.
13. Data controller
SUGI is operated as a sole trader / indie application. The data controller responsible for your information is the developer of SUGI, reachable at:
Email: support@sugi.pro
Website: www.sugi.pro
14. How long we keep your data
Community posts, stories, and your nickname — kept until you delete them individually or use "Delete all my data".
Anonymous device identifier (hash) — deleted immediately when you use "Delete all my data".
Crash reports — retained for up to 12 months, then automatically deleted.
Usage event logs — retained for up to 90 days in server logs, then rotated.
Local data (mood logs, check-ins, roadmap, voice notes, photos) — stored on your device until you uninstall the app or use "Delete all my data".
15. Your privacy rights
Regardless of where you live, you have the following rights:
Right to access — request a copy of the data we hold about you.
Right to rectification — ask us to correct inaccurate data.
Right to erasure — delete all your data at any time from the Profile tab, or email us.
Right to data portability — request your community posts and stories in a machine-readable format. Email support@sugi.pro.
Right to object — object to processing based on legitimate interest (e.g. crash reporting). Email us and we will discuss how to accommodate this.
To exercise any of these rights, email support@sugi.pro. We will respond within 30 days.
16. Contact
For questions about this policy, to exercise your rights, or if you are a parent or guardian with concerns:
Email: support@sugi.pro
Website: www.sugi.pro
We aim to respond within 30 days.
17. Changes to this policy
We may update this policy. When we do, we will update the date at the top of this page. Where changes are material, we will notify you within the app. Continued use of SUGI after changes are posted means you accept the updated policy.
