If you are located in Turkey, this entity acts as the data controller (veri sorumlusu) within the meaning of the Turkish Personal Data Protection Law No. 6698 (KVKK).
01
Overview
This privacy policy describes how the LockdIn application ("App") processes data related to its users. By using the App, you acknowledge the practices described in this policy.
Our core principle is minimal data access: we only process data that is strictly necessary for the App to function, and we do not sell it to any third party.
02
Data We Process
The App does not collect directly identifying personal data such as your name, email address, phone number, or location.
The App may process the following categories of data, which may qualify as personal data under applicable law depending on their technical configuration:
Pseudonymous or anonymous usage data — in-app interactions, screen views, and feature usage statistics collected via PostHog. This data may include device identifiers or IP addresses processed in anonymised or pseudonymised form.
Subscription status — managed entirely through Google Play Store. This data is processed directly by Google; we receive only a subscription state flag (active / inactive) and have no access to your payment details.
Even where device or usage data is processed, it is configured to minimise the ability to identify you directly. However, under KVKK and GDPR, pseudonymous data may still be considered personal data if re-identification is technically possible.
03
Legal Basis for Processing
We process data on the following legal grounds:
Performance of a contract — subscription status is processed to provide the service you have purchased (KVKK Art. 5(2)(c); GDPR Art. 6(1)(b)).
Legitimate interests — anonymous and pseudonymous analytics are processed to improve App stability and user experience. We have assessed that this interest is not overridden by your privacy rights given the minimal nature of the data (KVKK Art. 5(2)(f); GDPR Art. 6(1)(f)).
04
Camera Permission
The App requests access to your device's camera to enable certain features.
The camera is only active while you are actively using the relevant feature — it is never accessed in the background.
Photos and images captured via the camera are stored locally on your device and are never transmitted to our servers or any third party.
Image data is not subject to biometric analysis, facial recognition, or AI-based processing of any kind.
Image data is used solely to operate the feature you requested and is not processed for any other purpose.
You may revoke this permission at any time through your device's Settings.
05
Storage Permission
The App may require storage permission to save content to your device or access content already stored on it.
Any data accessed in this process remains under your sole control and is never transmitted to our servers.
06
Analytics (PostHog)
We use PostHog to help us understand how the App is used and where it can be improved.
Data is collected in anonymised or pseudonymised form, configured to prevent direct identification.
It covers which features are used and general in-app behaviour patterns.
It is never sold or shared with third parties beyond PostHog's role as a data processor.
PostHog acts as a data processor on our behalf and is contractually bound to process data only for the purposes we specify.
Subscription Billing (Google Play & Apple App Store)
Subscription transactions are processed through Google Play Store or Apple App Store infrastructure, depending on your platform. Your payment information is handled exclusively by Google or Apple — we have no access to it. We receive only a subscription status indicator.
Some of our third-party service providers — including PostHog and Google — may process data on servers located outside Turkey or the European Economic Area.
PostHog offers EU-region hosting options; our configuration prioritises data residency within the EU where possible.
Google operates globally under standard contractual clauses and adequacy mechanisms recognised under applicable law.
Where data is transferred internationally, we take reasonable steps to ensure that adequate safeguards are in place consistent with KVKK Article 9 and GDPR Chapter V requirements.
09
Data Retention
We retain data only for as long as necessary for the purposes described in this policy:
Analytics data (PostHog) — retained for up to 12 months, after which it is automatically deleted or further anonymised.
Subscription status — retained for the duration of your subscription and for a reasonable period thereafter as required by applicable law.
Camera and storage data — not retained by us; processed transiently on-device only.
10
Data Security
We implement appropriate technical and organisational measures to protect the data we process. Because we do not collect directly identifying personal data, the risk of a personal data breach causing significant harm is substantially reduced.
Analytics data transmitted to PostHog is encrypted in transit and stored within infrastructure that meets industry-standard security requirements.
11
Your Rights
Under KVKK (Article 11) and GDPR (Articles 15–22), you have the following rights regarding your data:
Right of access — you may request confirmation of whether we process data relating to you and obtain a copy.
Right to rectification — you may request correction of inaccurate data.
Right to erasure — you may request deletion of your data where it is no longer necessary for the purposes for which it was collected.
Right to restrict processing — you may request that we limit how we use your data in certain circumstances.
Right to object — you may object to processing based on legitimate interests.
Right to data portability — where applicable, you may request your data in a structured, machine-readable format.
Given that we do not collect directly identifying information, some rights may be difficult to exercise in practice (e.g., we cannot link an erasure request to an anonymous analytics record). In such cases, we will explain the limitation and assist as far as technically possible.
To exercise any of these rights, please contact us at the address listed in Section 00 or Section 14. We will respond within 30 days.
If you are located in the European Economic Area and believe your rights under GDPR have been violated, you have the right to lodge a complaint with the supervisory authority of your EU member state (e.g., CNIL in France, BfDI in Germany, ICO in Ireland, AEPD in Spain).
12
Children's Privacy
The App is not directed at children under the age of 18. We do not knowingly collect or process personal data from minors. If you believe a minor has used the App and data has been collected in violation of this policy, please contact us and we will take prompt action.
13
Changes to This Policy
We may update this privacy policy from time to time to reflect changes in the App or applicable law. If we make significant changes, we will notify you via an in-app notification. The current version is always available on this page, with the "Last updated" date revised accordingly.
14
Contact
For any questions, requests, or complaints regarding this privacy policy or the processing of your data, please contact us:
If you are located in Turkey and believe your rights under KVKK have been violated, you also have the right to lodge a complaint with the Personal Data Protection Authority (Kişisel Verileri Koruma Kurumu — KVKK): kvkk.gov.tr.
15
United States — California & State Privacy Rights
If you are a resident of California or another US state with applicable privacy legislation (including Virginia, Colorado, Texas, and others), you may have additional rights under the California Consumer Privacy Act (CCPA), as amended by the California Privacy Rights Act (CPRA), or the relevant state law.
Right to know — you may request disclosure of the categories and specific pieces of personal information we have collected about you, the purposes for which it is used, and any third parties with whom it is shared.
Right to delete — you may request deletion of personal information we have collected from you, subject to certain exceptions.
Right to correct — you may request correction of inaccurate personal information.
Right to opt out of sale or sharing — we do not sell your personal information or share it for cross-context behavioural advertising purposes. No opt-out is required, but you may contact us to confirm this practice.
Right to non-discrimination — we will not discriminate against you for exercising any of your privacy rights.
We do not sell personal information. The anonymous and pseudonymous analytics data processed via PostHog is not used for targeted advertising and does not constitute a sale or sharing of personal information under CCPA/CPRA.
Regarding children: the App is not directed at children under the age of 13 and does not knowingly collect personal information from children under 13, in compliance with the Children's Online Privacy Protection Act (COPPA). Our general policy of not accepting users under 18 is a broader business decision.
To exercise your California or US state privacy rights, please contact us at the address in Section 14. We will respond within 45 days as required by law.
16
Brazil — LGPD Rights
If you are located in Brazil, the processing of your personal data is also governed by the Lei Geral de Proteção de Dados (LGPD — Law No. 13,709/2018). We process your data on the following legal bases under LGPD Article 7:
Contract performance (Art. 7, V) — subscription status is processed to provide the service you have purchased.
Legitimate interest (Art. 7, IX) — anonymous and pseudonymous analytics are processed to improve App stability and user experience, balanced against your privacy rights given the minimal nature of the data.
Under the LGPD, you have the following rights (Art. 18):
Confirmation and access — you may confirm whether we process your data and request a copy.
Correction — you may request correction of incomplete, inaccurate, or outdated data.
Anonymisation, blocking, or deletion — you may request anonymisation, blocking, or deletion of unnecessary or excessive data, or data processed in non-compliance with LGPD.
Portability — you may request portability of your data to another service or product provider.
Deletion — you may request deletion of personal data processed with your consent.
Information about sharing — you may request information about public and private entities with which we share your data.
Right to object — you may object to processing carried out on the basis of legitimate interest.
Revocation of consent — where processing is based on consent, you may revoke it at any time.
If you believe your rights under LGPD have been violated, you have the right to lodge a complaint with Brazil's national data protection authority, the Autoridade Nacional de Proteção de Dados (ANPD): gov.br/anpd.
17
Asia-Pacific Jurisdictions
We are committed to complying with applicable privacy laws in the Asia-Pacific region. The following provides jurisdiction-specific information:
Japan (APPI) — If you are located in Japan, we process your data in accordance with the Act on the Protection of Personal Information (APPI). The purpose of processing your data is described in Section 02. You may request disclosure, correction, or deletion of your personal information by contacting us at the address in Section 14.
South Korea (PIPA) — If you are located in South Korea, we process your data in accordance with the Personal Information Protection Act (PIPA). You have rights to access, correction, deletion, and suspension of processing of your personal information. Requests may be submitted to us at the address in Section 14. For unresolved complaints, you may contact the Personal Information Protection Commission (PIPC): pipc.go.kr.
India (DPDP Act 2023) — If you are located in India, we process your personal data in accordance with the Digital Personal Data Protection Act, 2023. You have the right to obtain information about processing, correction, and erasure of your personal data, and to grieve against our decisions. Requests may be submitted to our contact address in Section 14.
China (PIPL) — The App is not intentionally directed at users in the People's Republic of China. If you are located in China and use the App, please note that we do not maintain a local representative in China as required by the Personal Information Protection Law (PIPL) for large-scale processors. We recommend consulting local legal advice before using the App.
Australia (Privacy Act) — If you are located in Australia, we handle your personal information in accordance with the Privacy Act 1988 and the Australian Privacy Principles (APPs). You may contact us to access or correct your personal information, or to make a complaint. Unresolved complaints may be referred to the Office of the Australian Information Commissioner (OAIC): oaic.gov.au.
18
Other Regions
If you are located in a jurisdiction not specifically addressed in this policy, we process your data in accordance with the applicable local privacy law of your region. Where required by local law, we will provide additional disclosures or obtain necessary consents.
We aim to apply the principles of data minimisation, purpose limitation, and transparency globally, regardless of whether your jurisdiction has specific legislative requirements.
For jurisdiction-specific questions or to exercise any applicable privacy rights not addressed above, please contact us using the details in Section 14.
Terms of Use at a glance
LockdIn
Terms of Use
Effective Date: April 25, 2026
Last Updated: April 25, 2026
Applicable Worldwide
Welcome to LockdIn. By downloading, installing, or using this application, you agree to be bound by these Terms of Use ("Terms"). Please read them carefully. These Terms apply to all users of LockdIn regardless of your country or region of residence.
T01
About LockdIn
LockdIn is a productivity application designed to help users focus through structured, timer-based work sessions. The app includes the following core features:
Timer-based focus sessions
Photo capture and attachment to sessions
Session history and productivity analytics
LockdIn is intended for personal, non-commercial use only.
T02
License Grant
Subject to your compliance with these Terms, LockdIn grants you a limited, revocable, non-exclusive, non-transferable, non-sublicensable license to download, install, and use the application solely for your personal, non-commercial purposes.
This license does not include any right to:
Sublicense, sell, resell, transfer, assign, or commercially exploit the app
Modify, adapt, translate, or create derivative works based on the app
Reverse engineer, decompile, disassemble, or otherwise attempt to derive the source code of the app
Remove, alter, or obscure any proprietary notices or labels within the app
This license is automatically revoked if you violate any of these Terms. Upon revocation, you must cease all use of the app and delete it from your devices.
T03
Eligibility & Age Requirements
You must be at least 13 years of age to use LockdIn. Users in jurisdictions where the minimum digital age of consent is higher (such as 16 in certain EU member states) must meet that higher local requirement.
By using LockdIn, you represent and warrant that you meet the applicable age requirement in your jurisdiction. If you are a minor, you confirm that you have obtained the consent of a parent or legal guardian.
LockdIn does not knowingly collect personal data from children under the applicable minimum age. If we become aware that a user is under the required age, we will take steps to discontinue service to that user.
T04
Device Permissions, Data Storage & Privacy
4.1 Local-First Architecture
LockdIn is built on a local-first principle. All user-generated content — including notes, photos, session records, and personal preferences — is stored exclusively on your device. This data is never uploaded to or accessible by LockdIn's servers.
Important consequences of this architecture:
Your personal content is entirely private and under your control
Uninstalling the app will permanently delete all locally stored data
We are unable to recover any data lost due to device failure, factory reset, or accidental deletion
4.2 Camera Access
LockdIn may request access to your device's camera solely for the purpose of capturing photos to attach to your focus sessions. Camera access is:
Always subject to your explicit permission via your device's operating system permission prompt
Used exclusively within the app for session photo capture — never for background access, surveillance, or any other purpose
Never used to transmit images to external servers; all photos captured through LockdIn remain stored locally on your device at all times
You may revoke camera permission at any time through your device's system settings. Revoking this permission will disable the photo capture feature but will not affect any other functionality of the app.
4.3 Notifications
LockdIn may request permission to send push notifications to your device in order to deliver timer alerts, session reminders, and other productivity-related prompts. Notification access is:
Always subject to your explicit permission via your device's operating system
Used solely to support core timer functionality and session management
Never used for third-party advertising or unsolicited marketing communications
You may enable or disable notifications at any time through your device's system settings (Settings → Notifications → LockdIn). Disabling notifications will not affect your locally stored data or other app features.
4.4 Analytics (PostHog)
LockdIn uses PostHog to collect pseudonymous, device-level usage analytics. PostHog assigns a randomly generated identifier that is not directly linked to a user's name, email address, account identity, or any other directly identifying information. This identifier is used solely to aggregate usage patterns and improve app performance.
Data collected through analytics may include:
Feature usage patterns and session frequency
App performance metrics and crash reports
General interaction data (e.g., which screens are visited)
No names, email addresses, precise location data, photos, or session content are ever collected or transmitted. For more information on PostHog's data practices, please visit posthog.com/privacy.
4.5 Subscription & Payment
Premium features, if any, are purchased through the Apple App Store or Google Play Store. LockdIn does not directly collect, process, or store any payment information. All billing, subscription management, and refunds are governed exclusively by the applicable platform's terms and policies.
4.6 International Data Transfers
Analytics data processed by PostHog may be transferred to and stored in countries other than your country of residence, including the United States. Such transfers are conducted in accordance with applicable data protection laws, including Standard Contractual Clauses (SCCs) where required under GDPR and equivalent mechanisms under other applicable frameworks.
T05
Regional Privacy Rights
Depending on your country or region of residence, you may have additional rights with respect to your data. Because LockdIn stores all user content locally on your device and does not collect directly identifying personal data, most data subject rights can be exercised directly by managing or deleting the app on your device. For analytics-related requests, contact us at the address in Section 19.
[ European Union & EEA — GDPR ]
If you are located in the European Union or European Economic Area, you have rights under the General Data Protection Regulation (GDPR), including the right to access, rectification, erasure, restriction of processing, data portability, and the right to object to processing.
Regarding our legal basis for analytics processing: where required by applicable law (including the ePrivacy Directive), we rely on your consent. Otherwise, we may rely on our legitimate interest in improving app performance and usability (Article 6(1)(f) GDPR). You may withdraw consent or object to processing at any time by contacting us.
[ United States — CCPA / CPRA (California) ]
If you are a California resident, the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA) may apply. LockdIn does not sell or share your personal information. The pseudonymous analytics identifiers assigned by PostHog are not used for cross-context behavioral advertising. You have the right to know, delete, and opt-out of sale (not applicable here). To submit a privacy request, contact us at the address in Section 19.
[ United States — COPPA ]
LockdIn does not knowingly collect personal information from children under 13 in the United States, in compliance with the Children's Online Privacy Protection Act (COPPA). If you believe a child under 13 has provided personal information through the app, please contact us immediately.
[ Brazil — LGPD ]
If you are located in Brazil, the Lei Geral de Proteção de Dados (LGPD) may apply. You have the right to access, correct, delete, and port your personal data, as well as to revoke consent for processing. Because LockdIn stores all personal content locally and only processes pseudonymous analytics data, most of these rights can be exercised by managing your device directly. For analytics-related requests, contact us at the address in Section 19.
[ Russia — Federal Law No. 242-FZ ]
LockdIn acknowledges Russia's data localization requirements under Federal Law No. 242-FZ. As LockdIn does not collect personal data from Russian users (all content is stored locally on your device), and analytics data is pseudonymous and not tied to an identified individual, we do not store personal data of Russian users on foreign servers.
[ Indonesia — Personal Data Protection Law (UU PDP 2022) ]
If you are located in Indonesia, your use of LockdIn is subject to Indonesia's Personal Data Protection Law (UU PDP 2022). LockdIn processes only pseudonymous analytics data and does not collect personal data as defined under UU PDP. You retain full control over your personal content, which is stored solely on your device.
[ Asia-Pacific — Other Jurisdictions ]
LockdIn respects applicable privacy laws across Asia-Pacific jurisdictions, including but not limited to the Personal Information Protection Law (PIPL) in China, the Personal Data Protection Act (PDPA) in Singapore and Thailand, the Privacy Act in Australia, and the Act on the Protection of Personal Information (APPI) in Japan. In all cases, LockdIn's local-first design means that no directly identifiable personal data is collected or transferred internationally.
T06
User Content
You retain full ownership of all content you create within LockdIn, including written notes and photos. This content exists solely on your device, and LockdIn has no access to it.
You agree not to use LockdIn to create or store content that is:
Illegal under any applicable local, national, or international law
Infringing upon the intellectual property rights of any third party
Harmful, abusive, threatening, defamatory, or obscene
T07
Intellectual Property
LockdIn and all associated content, trademarks, design, source code, features, and branding are the exclusive intellectual property of the developer. These Terms do not grant you any right, title, or interest in LockdIn's proprietary materials beyond the limited license described in Section 2.
T08
No Guarantee of Outcomes
LockdIn is a productivity assistance tool. It does not guarantee any specific productivity, academic, professional, personal, or health-related outcomes. Results vary depending on individual usage patterns and personal circumstances.
We make no representations that use of LockdIn will result in improved focus, performance, or wellbeing. You use the app at your own discretion and risk.
T09
Subscriptions & Purchases
LockdIn may offer optional premium features via in-app subscriptions processed through the Apple App Store or Google Play Store. By subscribing, you agree to the billing terms of the applicable platform.
Subscriptions automatically renew unless cancelled at least 24 hours before the end of the current billing period
All cancellation and refund requests must be directed to the respective app store
We reserve the right to modify, suspend, or discontinue premium features with reasonable prior notice
T10
Acceptable Use
You agree not to use LockdIn to:
Violate any applicable local, national, or international law or regulation
Violate Apple App Store or Google Play Store policies
Distribute spam, malware, or any harmful or malicious content
Attempt to gain unauthorized access to any part of the app or its underlying systems
Use automated tools, bots, or scripts to interact with the app
Interfere with or disrupt the integrity or performance of the app
Impersonate any person or entity or misrepresent your affiliation with any person or entity
T11
Disclaimer of Warranties
LockdIn is provided on an "AS IS" and "AS AVAILABLE" basis. To the fullest extent permitted by applicable law, we disclaim all warranties, express or implied, including but not limited to implied warranties of merchantability, fitness for a particular purpose, accuracy, and non-infringement.
We do not warrant that the app will operate uninterrupted, error-free, or free from malicious components. Your use of LockdIn is entirely at your own risk.
T12
Limitation of Liability
To the maximum extent permitted by applicable law, the developer and its affiliates shall not be liable for any indirect, incidental, special, consequential, or punitive damages — including loss of data, loss of profits, or loss of goodwill — arising out of or in connection with your use of or inability to use LockdIn.
Because all personal content is stored locally on your device, we expressly disclaim liability for any data loss resulting from device failure, app deletion, or operating system updates, except where such loss is caused by our gross negligence or willful misconduct.
Nothing in these Terms excludes or limits liability for: gross negligence, fraud, willful misconduct, death or personal injury caused by our negligence, or any other liability that cannot be excluded or limited under applicable mandatory law.
Some jurisdictions do not allow the exclusion or limitation of certain warranties or liabilities. In such jurisdictions, our liability is limited to the maximum extent permitted by law.
T13
Indemnification
You agree to indemnify, defend, and hold harmless the developer from and against any claims, liabilities, damages, losses, and expenses (including reasonable legal fees) arising out of or in any way connected with your use of LockdIn, your violation of these Terms, or your violation of any rights of a third party.
T14
Force Majeure
We shall not be liable for any failure or delay in performance of our obligations under these Terms to the extent caused by circumstances beyond our reasonable control, including but not limited to: acts of God, natural disasters, pandemic, war, civil unrest, government action, power or internet outages, or third-party service failures.
T15
Changes to These Terms
We reserve the right to update these Terms at any time. When we make material changes, we will update the "Last Updated" date at the top of this document and, where feasible, provide in-app notification.
Your continued use of LockdIn after any changes constitutes your acceptance of the revised Terms. If you do not agree with the updated Terms, you must discontinue use of the app.
T16
Termination
We reserve the right to suspend or terminate your access to LockdIn where we reasonably determine that you have materially violated these Terms or applicable law. Where practicable, we will provide notice before taking such action.
Upon termination, the license granted to you under Section 2 will immediately cease. Since your content is stored locally, it will remain on your device until you choose to delete it.
T17
Governing Law & Dispute Resolution
These Terms are governed by and construed in accordance with the laws of the Republic of Turkey, without regard to its conflict of law provisions.
Any disputes arising under or in connection with these Terms shall first be attempted to be resolved through good-faith negotiation. If unresolved within 30 days, disputes shall be submitted to the exclusive jurisdiction of the courts of İzmir, Turkey.
Notwithstanding the above, nothing in this section limits your rights to bring claims under mandatory consumer protection laws applicable in your country of residence. Users in the European Union retain the right to seek remedies before their local courts and to use the EU Online Dispute Resolution platform (ec.europa.eu/consumers/odr).
T18
Severability & Entire Agreement
If any provision of these Terms is found to be unenforceable or invalid under applicable law, that provision will be modified to the minimum extent necessary to make it enforceable, or severed if modification is not possible, without affecting the validity of the remaining provisions.
These Terms constitute the entire agreement between you and LockdIn with respect to your use of the app, and supersede all prior agreements or understandings.
T19
Contact
If you have any questions, concerns, or data rights requests relating to these Terms or your privacy, please contact us at:
legal@lockdin.app
We aim to respond to all inquiries within 30 days. For GDPR or KVKK-related requests, please indicate the nature of your request in the subject line.
— Thank you for using LockdIn.
O00
Other Legal Documents
Add additional legal pages here as separate sections (for example Privacy Notice, Cookie Policy, Distance Sales Agreement, etc.).
You can keep all legal documents in this one GitHub Pages file and navigate with the top tabs.