App · Privacy · GDPR
SevenGrid App Privacy Policy
Last updated: May 23, 2026 · preliminary until v1.0 launch
This page is a preliminary statement. The full, legally binding privacy policy for the SevenGrid mobile app will be published with the v1.0 launch on the Google Play Store. Until then, the app is in internal testing and not publicly available.
The privacy policy for the marketing website sevengrid.app is independent and already live: → Website privacy policy.
What is already certain
SevenGrid is designed as a local-first app. All habit data, weekly reflections, settings, and note content are stored exclusively in an SQLite database on your device. There is no account, no login, no cloud sync, and no central user database.
Data categories processed (in detail with v1.0)
- Habit data: habit names, colors, icons, weekly goals, check-ins, streaks. Stay on your device.
- Weekly reflections: three free-text fields plus a mood value. Stay on your device.
- App settings: theme, language, reminder time, quiet hours. Stay on your device.
- Crash reports: via Sentry, EU region (Frankfurt). Anonymized (no IP logging, no user tags,
sendDefaultPii: false). Purpose: improve stability. - Pro purchase validation: via RevenueCat (USA, EU-US Data Privacy Framework certified). An anonymized app-user ID, no profile data. Purpose: validate the lifetime one-time SevenGrid Pro upgrade.
- Google Play: app distribution and in-app-purchase processing. Data processing according to the Google Privacy Policy.
- Android Auto-Backup: the app's database may by default be included in your personal Google Drive backup (end-to-end-encrypted with your Google account key, which Google itself cannot read). You can disable this per app in your Android system settings at any time.
What there is definitely NOT
- No tracking, no targeting, no advertising IDs.
- No analytics (no Google Analytics, no Firebase Analytics, no Mixpanel, no Amplitude).
- No newsletter signup, no mailing list, no marketing push notifications.
- No sharing of habit or reflection content with third parties. Ever.
- No AI model, no LLM, no cloud service sees your reflection texts.
Legal basis (preliminary overview)
Processing of local app data is based on contract performance (Art. 6 (1) (b) GDPR) and legitimate interests (Art. 6 (1) (f) GDPR) in providing a functional app. Crash reports and Pro purchase validation are likewise based on legitimate interest (stable app delivery, technically necessary validation of the one-time purchase).
Controller
Full provider information in the imprint.
Until the final version
Questions about data processing are answered personally at sevengrid@byteside.io, usually within 48 hours. A GDPR Art. 15 access request can be made free of charge at any time, even during this preliminary phase. The final, complete statement covering all mandatory disclosures (retention periods, data-subject rights, supervisory authority, etc.) will be published alongside the Google Play listing for the v1.0 launch.