Spoons — Privacy Policy

Contact: privacy@getspoons.app or hello@getspoons.app

Read This First (60 seconds)

In the app: We collect nothing. Your spoon logs live on your phone. Even if we wanted to see them, we couldn't. They're not on our servers.

The app updates through app stores but has no internet connection. It can't send your data anywhere.

On the website: Your email (only if you join the waitlist or contact us). That's it.

No cookies to opt in. No sneaky data collection. No tracking which pages you visit. This keeps the website fast and secure.

We never: Sell your data. Show ads. Track you.

You can:

• Unsubscribe: Click the link at the bottom of any email
• Delete logs: Uninstall the app (logs only exist on your device)
• Delete support emails: Email privacy@getspoons.app

Questions? privacy@getspoons.app

1) Overview

There is no data to handle. It never reaches us and we never see it.

In the app: Zero data collection. Your spoon logs live on your device. The app updates through app stores but has no internet connection. It can't send your data anywhere.

Even if we wanted to see your logs, we couldn't. They don't exist on our end.

On the website: No cookies. No sneaky advertisements. No invasive pop-ups.

Just your email for two things:

1. Waitlist (one email when Spoons launches)
2. Optional blog updates (energy tracking tips, burnout posts - you choose, unsubscribe anytime)

Nothing else.

Why trust us? This isn't just a promise. It's legally binding. If we break it, you can sue us.

Our website already has 0 trackers and will always remain that way. We built the app with no server connection - we can't change that without rebuilding from scratch, which we'll never do.

Why We Built It This Way

Other autism apps have neurotypical assumptions baked in from day one. Sketchy data collection. Strongly steered toward parents of autistic children. NOTHING for us.

We built Spoons specifically for autistic adults to be completely reliable and work at 0 spoons.

Our first decisions:

Offline-first. No server connection. Your data never leaves your device.

Usable in under 8 seconds. To avoid meltdowns and shutdowns like most apps cause. We minimized friction entirely to work in crisis moments at 0 spoons.

We didn't want to promise to protect your data.

We wanted to make it impossible for us to access it in the first place.

Other apps make vague promises about data protection. Professional wording disguised as lying.

This isn't a promise. It's how we built the app.

2) What Data We Collect

A) In the Spoons App: ZERO

We do NOT collect:

• ❌ Your spoon logs (stored on your device only)
• ❌ Your location
• ❌ Your device information
• ❌ Your usage patterns
• ❌ Any analytics or tracking data
• ❌ Any personal information whatsoever

The app works completely offline and never sends data to any server.

B) On the Website: Minimal

1. Email Address (Optional - Waitlist Only)

When: If you sign up for the waitlist at getspoons.app

What we collect:

• Your email address
• Signup date

How we use it:

• Send app launch announcement
• Send optional weekly updates (unsubscribe anytime)

Where stored: Mailchimp

Your control: Click "unsubscribe" in any email or email privacy@getspoons.app

2. Search Performance Data (Google Search Console)

When: People find your site through Google search

What we collect: We use Google Search Console to see how people find us through search. This shows us:

• Search queries that led to our site ("spoons tracker," "autism energy," etc.)
• Which pages got clicked from search results
• Country where the searcher is located (general, not precise)
• Device type used for the search (desktop/mobile/tablet)
• Search performance (how many times we appeared in search, how many clicked)

This is search performance data, not on-site tracking. We see what brought you here from Google, but not what you do once you're on the site.

What we DON'T collect:❌ Your IP address❌ Which pages you visit once you're on the site❌ How long you stay❌ Where you click❌ Personal identifiers❌ Cross-site tracking❌ Advertising profiles

How we use it: See which blog posts attract search traffic. Understand what autistic adults are searching for. That's it.

Provider: Google Search Console - Privacy: https://policies.google.com/privacy

3. Support Emails

When: If you email hello@getspoons.app or privacy@getspoons.app

What we collect:

• Your email address
• Your message content
• Any attachments (e.g., screenshots)

How we use it:

• Answer your question
• Fix bugs
• Improve the app

Where stored: Proton Mail (privacy-focused email provider with encryption at rest)

Retention: 2 years, then deleted

4. Subscription Data: We Don't Collect It

Billing is handled by Apple and Google:

• They collect your payment info (we never see it)
• They tell us only: "This anonymous user has an active subscription"
• We never know your name, payment method, or personal details

For Apple's privacy: https://www.apple.com/legal/privacy/
For Google's privacy: https://policies.google.com/privacy

3) How We Use Your Data

Email addresses:

• Send waitlist updates
• Respond to support requests
• That's it. Nothing else.

Website analytics:

• Understand which blog posts are helpful
• Fix broken pages
• That's it. Nothing else.

We will NEVER:

• ❌ Sell your data
• ❌ Use it for advertising
• ❌Share it (except with service providers: Mailchimp for emails, Proton for support emails, Webflow for website hosting)
• ❌ Track you across other sites
• ❌ Build profiles about you

4) How We Protect Your Data

In the app:

• Your logs never leave your device = nothing to protect on our end
• No account = no password to steal
• No cloud = no cloud breaches

Email & website:

• HTTPS encryption
• Mailchimp security (industry standard)
• Proton Mail encryption (end-to-end for support emails)

What we can't protect:

• Exports you share with others
• Device backups (iCloud/Google Drive) if you enable them
• Your device security (use a passcode!)

5) Third-Party Services

App Distribution:

• Apple App Store - Privacy: https://www.apple.com/legal/privacy/
• Google Play - Privacy: https://policies.google.com/privacy

Website & Email:

• Webflow (website hosting) - Privacy: https://webflow.com/legal/privacy
• Mailchimp (waitlist emails) - Privacy: https://www.intuit.com/privacy/statement/
• Proton Mail (support emails) - Privacy: https://proton.me/legal/privacy
• Make/Integromat (connects website to Mailchimp) - Privacy: https://www.make.com/en/privacy

Important: These services have their own policies. None of them see your spoon logs (because we don't have them either).

6) Your Rights

Access Your Data

Email privacy@getspoons.app with subject: "Data Access Request"

We'll send you:

• Your email address (if you joined waitlist)
• Signup date
• Any support emails you sent

Note: Your spoon logs aren't included because we don't have them

Delete Your Data

• Waitlist email: Click "unsubscribe" in any email
• Everything: Email privacy@getspoons.app with subject: "Delete My Data"
• Spoon logs: Uninstall the app (they're only on your device)

Timeline: Within 30 days (usually 48 hours)

Export Your Data

• Spoon logs: Tap "Export" in app settings (CSV)
• Email data: Email privacy@getspoons.app with subject: "Export My Data"

Regional Rights

European Union / UK (GDPR):

• Right to access, delete, export (covered above)
• Right to restrict processing
• Right to object to processing
• Right to complain to your Data Protection Authority

California (CCPA):

• Right to know, delete, opt-out of sale
• We don't sell data, so opt-out is automatic

Brazil (LGPD):

• Right to access, correct, delete
• Right to data portability

Australia:

• Right to access and correct
• Complaint to OAIC if needed

All regions:

• Your local privacy laws apply
• Email privacy@getspoons.app to exercise rights

7) Data Retention

Spoon logs: On your device until you delete them

Email addresses: Until you unsubscribe (then deleted within 30 days)

Support emails: 2 years, then deleted

Website analytics: Aggregate data for 2 years (no personal identifiers)

‍

If Spoons closes or I'm unable to run it:

I will never sell Spoons to another company. This is a personal commitment, not a business strategy.

If Spoons must shut down (death, disability, or unforeseen circumstances):

- All waitlist subscribers will be emailed 90 days before shutdown (or as soon as legally possible)

- All email addresses will be permanently deleted within 30 days

- Support emails will be deleted within 30 days

- There will be no "acquisition" or "transfer to new ownership"

- Your spoon logs remain unaffected (they're only on your device)

In the unlikely event of forced company transfer (legal judgment, estate issues):

- The acquiring party must agree to these exact privacy terms OR all data is deleted before transfer

- You will be notified with maximum advance notice

- You will have the option to delete your email from our list before any transfer

This is legally binding.

8) Children's Privacy

Age requirement: 13+

We don't knowingly collect data from children under 13.

If we discover a child under 13 provided data, we delete it immediately.

Parents: Contact privacy@getspoons.app if concerned.

Note: Spoons is designed for autistic adults, but teens 13+ can use it. If you're under 18, consider discussing the app with a parent or trusted adult - they might find it helpful to understand how your energy works.

9) International Users

Where your data lives:

• Spoon logs: On your device (whatever country you're in)
• Emails: Mailchimp servers (US and EU regions)
• Support: Proton servers (Switzerland - strong privacy laws)

If you're in the EU or UK:

• Full GDPR protections apply to your data
• Data transfers to US use Standard Contractual Clauses (legal agreements requiring US companies to protect your data at EU standards)
• You can request your data stay in EU-only servers - email privacy@getspoons.app

If you're in another country:

• Your local privacy laws apply
• Email privacy@getspoons.app to exercise your rights under your local laws

10) Cookies

In the app: No cookies

On website: One essential security cookie only.

We use Cloudflare (through Webflow hosting) for site security and DDoS protection. Cloudflare sets one cookie:

_cfuvid (Cloudflare security cookie)

• Purpose: Bot detection, rate limiting, DDoS protection
• Duration: Session only (deleted when you close your browser)
• Tracking: Does NOT track you or identify you personally
• Essential: Required for site security

We will never add:❌ Advertising cookies❌ Tracking cookies❌ Analytics cookies❌ Third-party marketing cookies

You can disable cookies in browser settings, but site security features may not work properly.

11) Security Incidents

If there's a data breach:

1. We investigate immediately
2. Notify you within 72 hours
3. Report to authorities as required
4. Fix the issue

How we notify:

• Email
• Website announcement
• In-app (if applicable)

Good news: Your spoon logs are on your device, so they can't be breached through our systems.

11A) Our Privacy Commitment

The Spoons app will ALWAYS be:

✅ Zero-data-collection in the app
✅ Your logs stay on your device only
✅ No tracking or analytics in the app
✅ No ads, ever

We will NEVER:

❌ Add cloud syncing that reads your logs without your explicit, opt-in consent (and even then, we'll never have access to unencrypted data)
❌ Add analytics that track your usage in the app
❌ Add ads or third-party trackers to the app
❌ Sell your data or share it with third parties (except service providers listed in Section 5)
❌ Change the app architecture to collect data

What this means:

App updates may add features (e.g., optional backup to your cloud storage that you control), but will never change our zero-knowledge architecture.

‍
We will never have access to your spoon logs. Period. We don't collect them, so we can't access them even if legally required to.

If we ever consider changes to this core commitment:

1. We will announce 90 days in advance
2. Explain exactly why and what would change
3. Give you the option to export all data and stay on the old version
4. Never force you to update to a version that violates this commitment

This is legally binding.

Your privacy is sacred. We will never break your trust.

12) Changes to This Policy

We may update this policy.

When we do:

• New effective date at top
• Material changes announced via email + website

Material changes:

• Collecting new data types
• New third-party sharing
• Reducing privacy rights

Your options:

• Stop using the service before changes take effect
• Unsubscribe from emails
• Continued use = acceptance

13) Contact

Privacy questions:

• privacy@getspoons.app
• hello@getspoons.app

Response time: Within 30 days (usually 48 hours)

Mailing address: [Add after company formation]

14) What Makes Spoons Privacy-First

✅ Zero data collection in the app
✅ Your logs never leave your device
✅ No tracking, no ads, no analytics in app
✅ Minimal website data (email + basic stats only)
✅ Export anytime, delete anytime
✅ No data selling, ever

Privacy isn't a feature - it's how we built Spoons.