Livify & ASH Apps Privacy Policy

Effective Date: December 19, 2025

Introduction.

This Privacy Policy explains how ASH PRODUCTION DESIGNS LTD ("we" or "us"), as the developer and operator of certain mobile applications, collects, uses, and protects personal data. This Policy applies to Livify and any other mobile applications that we publish and that reference or link to this Privacy Policy (collectively, the "Apps" and individually an "App").

We are committed to complying with applicable data protection laws, including the UK General Data Protection Regulation (UK GDPR) and similar international laws, to safeguard your privacy.

By using any of our Apps, your personal data will be processed as described in this Privacy Policy. If you do not agree, please do not use the Apps.

About Us and Contact Information

The Apps (including Livify) are developed and operated by ASH PRODUCTION DESIGNS LTD ("we", "us").

• Company name: ASH PRODUCTION DESIGNS LTD
• Business location: United Kingdom
• Contact email (privacy & support): support@livifyapp.co

For the purposes of applicable data protection laws, including the UK General Data Protection Regulation (UK GDPR) and EU GDPR where applicable, ASH PRODUCTION DESIGNS LTD acts as the data controller of your personal data. This means we determine how and why your personal data is processed in connection with the Apps covered by this Privacy Policy.

If we launch additional applications in the future that require a separate privacy policy, those apps will clearly link to their own applicable policy.

1. Information We Collect

We collect several types of personal information from you when you use our Apps. This includes information you provide directly, data automatically collected through the Apps, and information from third-party services you choose to connect. We limit our collection to what is necessary for the purposes described in this Policy.

Depending on which App and features you use, we may collect:

• Account Information:

  When you create an account in one of our Apps, we collect your name and email address (and possibly a username) to identify you and communicate with you. We may also collect a profile photo or avatar if you choose to add one. You will create a password for your account, which is stored in an encrypted form for security.

• Wellness and Habit Data (e.g., in Livify):

  Certain Apps (such as Livify) allow you to input personal wellness information, habit tracking details, and wellness and lifestyle entries (for example, mood logs, exercise routines, or other habit trackers you choose to use). All such health and wellness data is provided voluntarily by you and is stored to enable the App's core features (e.g., showing your progress or personalized insights). We only process the health or habit information that you decide to enter into the App.

  Please note: while we take privacy seriously, any health-related information you log in an App is not professional medical information and is handled as personal data subject to this Policy.

• Budgeting and Financial Data (e.g., in Livify's budgeting tools):

  If you use budgeting features in an App, we collect the financial data you input, such as budgeting targets, expense records, savings goals, or other finance-related information. This data is used to provide you with budgeting tools and insights.

  Important: These budgeting tools are for personal tracking purposes only and are not connected to your bank or financial accounts unless you manually input data. We do not collect sensitive financial account numbers or payment card numbers through budgeting features.

• Device and Usage Data:

  Like many apps, our Apps automatically collect certain technical information about your device and how you use the App. This may include your device model, operating system version, unique device identifiers, and system settings, as well as logs of your in-app actions and feature usage.

  We also collect analytics data through third-party tools (such as Firebase Analytics) to understand App performance and user engagement. This usage data helps us troubleshoot issues, improve functionality, and develop new features. For example, we may log when you complete a habit entry, how often certain screens are used, or which features are most popular.

  We may also collect your IP address or general location information only to infer the country or region of our users for analytics and legal compliance purposes. We do not collect precise GPS location from your device.

• Transaction and Subscription Data:

  When you make a purchase in an App (such as subscribing to premium features in Livify), the payment is processed by the relevant app store (e.g., Apple's App Store). We do not receive your credit card number or other full financial account data; the app store provides us only with information necessary to validate the transaction (such as an anonymized transaction ID or confirmation that payment was successful).

  If you have a subscription, we maintain a record of your subscription status (active, expired, renewal date, etc.) and the app store or our subscription partner may inform us of cancellations or refunds. Note: All billing for subscriptions is handled by the app store, not by us, and we do not directly collect or store your payment information.

• Optional Data Synchronization and Integrations:

  Some Apps may offer integrations or the ability to sync data from other services (for example, importing data from Apple Health in Livify, if you choose to do so). If you use these features, we will collect whatever data you choose to import (such as step count, calorie data, etc.) and treat it as personal data under this Policy. Integration with external sources is completely optional and under your control.

We do not collect any special categories of personal data about you unless you provide it through the wellness or similar features (for instance, health-related data you log could be considered sensitive personal data). We do not use health or wellness data for advertising, and we only process it to provide the features you choose to use. Our Apps do not access your device's contacts, photos, or other personal files, unless you explicitly grant permission (for example, if a feature allows uploading an avatar or exporting data, and even then such data is used only for that feature).

2. How We Use Your Information

We use the collected information for the following purposes, all in accordance with applicable law. Depending on the App and features you use, some or all of these may apply:

• Providing and Improving the Service:

  We process your personal data to operate each App's core functionalities. For example:

  • In Livify, we use your wellness and habit inputs to display your progress or generate insights/trends over time.
  • Budgeting data is used to create your personal budget reports.
  • Device and usage data are used to ensure the Apps function properly on different devices and to fix bugs or compatibility issues.
• Personalization:

  To the extent an App offers personalized features (such as habit streaks, tailored recommendations, or motivational messages), we use your logged data to tailor these features to you.

• Analytics and Product Development:

  We use aggregated usage data and analytics tools (e.g. Firebase Analytics) to understand how users interact with our Apps. This helps us identify popular features, improve user experience, and decide what new features to build. Analytics are typically performed on aggregated and/or pseudonymous usage data and event logs.

• Communication:

  We use your contact information (such as email) to send you service-related communications. These include verification emails, password reset emails, receipts for purchases, important updates about the Apps, and responses to support requests. We may also send optional product updates or wellness tips via email, but only if you have agreed to such communications. You can opt out of non-essential emails at any time (for example, by using the unsubscribe link in such emails).

• Customer Support:

  If you contact us for help, we will use the information you give us to assist you. We may access your relevant data in our systems to troubleshoot the problem. Any personal data you provide during a support request will be used only to resolve your request and train our support processes, and is kept confidential.

• Subscriptions and Account Management:

  If you subscribe to premium content or features in an App, we use your subscription status information to give you access to those features. We may also remind you of upcoming renewals or if your subscription lapses. Refunds and cancellations are handled via the app store (e.g., Apple's App Store). We do not process refunds directly, but we may update your account based on information from the app store (such as revoking premium access if a refund is granted).

• Legal Compliance and Security:

  We may process or disclose personal data as required to comply with laws, regulations, and lawful requests (e.g., court orders), enforce our legal rights, meet accounting or tax obligations, or handle legal disputes. We also use data (such as logs) to monitor for and prevent fraudulent, abusive, or unlawful activities, including enforcing age restrictions and our Terms of Service.

We will only use your personal data for the purposes above and will not use it in a manner that is incompatible with these purposes. If we need to use your data for a new purpose, we will update this Privacy Policy or obtain your consent if required by law.

Legal Bases for Processing (UK/EU GDPR)

Where the UK GDPR and/or EU GDPR applies, we process personal data on the following legal bases:

• Performance of a contract:

  Processing is necessary to provide the Apps and features you request in accordance with our Terms of Service (for example, creating and managing your account, syncing data, and displaying your entries).

• Legitimate interests:

  Processing is necessary for our legitimate interests in operating, maintaining, securing, and improving the Apps (such as analytics, troubleshooting, fraud prevention, and service optimisation), provided those interests are not overridden by your rights and freedoms.

• Consent:

  Where required, we rely on your consent (for example, for optional health or wellness data, optional integrations, or non-essential communications). You may withdraw your consent at any time.

• Legal obligation:

  Processing is necessary to comply with legal or regulatory obligations, such as accounting, tax, or responding to lawful requests from authorities.

If you have any questions about the legal basis for a specific processing activity, you can contact us at support@livifyapp.co.

3. Cookies and Tracking Technologies

Because our products are primarily mobile Apps, they do not use traditional web cookies in the same way websites do. However:

• The Apps may store small pieces of data on your device (e.g., secure tokens) to keep you logged in or remember certain preferences.
• Our website (if you visit our support or informational site) may use cookies to remember your preferences or analyze site traffic. Where required, we will display a cookie notice on the website.

For in-app analytics, we rely on third-party SDKs (Software Development Kits) like Firebase Analytics, which may automatically collect device identifiers and usage data. These tools help us recognize general usage patterns, but they do not name you.

You may be able to limit analytics by:

• Adjusting settings within the App (where available), and/or
• Using your device's privacy settings (e.g., your device privacy settings (including App Tracking Transparency controls where applicable), which we respect.

4. How We Share Your Information

We treat your personal data as private and confidential. We do not sell your personal information to third parties. However, we do share information in certain circumstances, as described below, to run our business and provide the Apps' services:

a) Service Providers

We use reputable third-party service providers to host data, send emails, analyze App usage, and process subscriptions. These providers process data on our behalf under strict confidentiality and security obligations. The main providers we use include, for example:

• Supabase: We use Supabase (a cloud database and authentication service) to store user data securely in the cloud. This includes your account information and the data you input into the Apps (such as Livify data). Supabase acts as our data processor, meaning they store and handle data under our instructions.
• RevenueCat: We use RevenueCat to manage in-app subscriptions and purchases across platforms. When you subscribe, RevenueCat receives information such as an anonymous user ID, subscription tier, and expiration date. RevenueCat does not receive your full payment information, but it does process receipts and subscription events so we can unlock premium content and track entitlement status.
• App Stores (e.g., Apple App Store): All purchases in our Apps are processed by the respective app store using your store account. They will have access to your payment details and purchase history under their own terms and privacy policies. We receive confirmation of transactions, but not your sensitive payment details.
• Analytics Providers (Firebase Analytics): We integrate Google's Firebase Analytics (and similar tools) to collect anonymized or pseudonymized usage statistics. These tools may receive device identifiers and usage events (like "user opened budget screen"). We configure these tools in a privacy-conscious way where possible.
• Email Service Provider: We use a third-party email delivery service (currently Resend) to send transactional emails such as verification emails, password resets, and account notifications. This provider processes your email address and message content solely for the purpose of delivering communications on our behalf.

We ensure that all service providers are bound by contracts that require compliance with data protection laws and that they only use your data for the purposes we specify.

b) Business Transfers

If our business (ASH PRODUCTION DESIGNS LTD or one of the Apps) is involved in a merger, acquisition, sale of assets, or other business reorganization, your personal data might be transferred to the successor or new owner. We would ensure the new owner is bound by terms that protect your data in line with this Policy and will notify you where required.

c) Legal Obligations and Protection

We may disclose your information if required to do so by law or in response to valid requests by public authorities (e.g., a court or government agency). We may also disclose data to:

• Comply with legal obligations
• Protect and defend our rights or property
• Prevent or investigate possible wrongdoing
• Protect the personal safety of users or the public

Any such disclosure is done in accordance with applicable data protection laws.

d) With Your Consent

In situations where you explicitly give us consent to share your data with third parties, we will do so. For example, if an App allows exporting or sharing your data with another service and you choose to do so, we will share data only with your authorization. You can revoke this consent at any time.

e) Aggregate or De-Identified Information

We may share information that has been aggregated or de-identified so that it cannot reasonably be used to identify you. For example, we might publish a report saying "X% of users track a hydration habit" without revealing any personal details.

We do not share personal data with any third-party advertisers for cross-context behavioral advertising. Our Apps currently contain no third-party ads. If that ever changes, we will update this Privacy Policy and provide appropriate choices.

5. Data Retention

We retain your personal data for as long as necessary to fulfill the purposes for which it was collected, including to satisfy any legal, accounting, or reporting requirements. This means:

• Account Data:

  We keep your account information (like your name, email, and data you have entered) as long as you maintain an account with any of our Apps. If you delete your account or it has been inactive for an extended period, we will initiate deletion or anonymization of your personal data (except where we must retain certain information for legal reasons).

• Wellness/Habit and Budget Data:

  Data you input (e.g., in Livify) is stored to provide the service. If you delete a particular entry, that specific data will be removed from active systems (but may remain briefly in backups). If you delete your account entirely, associated wellness, habit, and budgeting data will be permanently deleted or anonymized so that it is no longer associated with you, subject to legal retention requirements.

• Subscription and Transaction Records:

  We keep records of your purchases and subscriptions for as long as needed for financial auditing and compliance (typically at least 6 years under UK tax law). These records usually include purchase dates, amounts, and related details, but not full payment details.

• Analytics Data:

  Analytics information is usually stored in aggregate form. Raw analytics logs may be retained for a limited period (which may vary based on configuration) and then deleted or anonymized. Aggregated metrics may be kept longer but do not identify individuals.

• Communications:

  Support emails and similar communications may be retained for as long as reasonably necessary for support and record-keeping.

After the applicable retention period ends, we securely delete or anonymize your personal data. If immediate deletion is not feasible (e.g., because it resides in backup archives), we securely store and isolate it from further processing until deletion is possible.

6. International Data Transfers

Our Apps are available to users around the world, and personal data may be transferred to and stored on servers outside your home country. We are based in the United Kingdom, and many of our systems (via Supabase and other providers) may be hosted in the European Economic Area (EEA) or the United States.

Whenever we transfer personal data out of the UK or EEA, we take steps to ensure appropriate safeguards, such as:

• Standard Contractual Clauses (SCCs) with service providers in countries that do not have an adequacy decision.
• Adequacy Decisions (e.g., data flows between the UK and EEA).
• Additional Technical Measures such as encryption in transit (HTTPS/TLS) and encryption at rest.

By using our Apps, you understand that your information may be transferred to our facilities and those third parties with whom we share it as described in this Policy.

If you would like more information about our international data transfer practices or need a copy of the relevant safeguards (such as SCCs), you can contact us using the information in the "Contact Us" section.

7. Security Measures

We take the security of your personal data very seriously and implement industry-standard security measures, including:

• Encryption of data in transit (HTTPS/TLS) and at rest (encrypted databases).
• Hashed and salted passwords (we never store plaintext passwords).
• Access controls limiting data access to authorized personnel with a legitimate need.
• Monitoring and testing of our systems for vulnerabilities and threats.
• Regular backups of data, stored securely and encrypted.
• Ongoing learning and training on security and privacy practices.

No system is 100% secure, but we work continuously to reduce risks. If a data breach occurs that affects your personal data, we will follow all applicable notification laws.

Your Responsibility:

• Choose a strong, unique password.
• Do not share your login details.
• Enable device-level security (PIN, biometrics, etc.).
• Be cautious of phishing attempts.

If you suspect unauthorized access, contact us immediately.

8. Your Rights and Choices

You have rights regarding your personal data. These may vary by jurisdiction, but generally include:

• Access Your Data
• Rectification (Correction)
• Deletion (Right to be Forgotten)
• Withdrawal of Consent (where processing is based on consent)
• Objection and Restriction (for certain processing, such as legitimate interests)
• Data Portability
• Right not to be subject to certain automated decision-making
• Right to lodge a complaint with a supervisory authority

If you are in the UK/EU, you can contact your local Data Protection Authority, such as the UK ICO. If you are in California, you may also have rights under the CCPA/CPRA, including:

• Right to know what categories of personal information we collect/use/disclose
• Right to access and delete certain information
• Right to know whether your data is "sold" or "shared" (we do not sell personal information or share it for cross-context behavioral advertising)
• Right not to be discriminated against for exercising your privacy rights

To exercise any of your rights, please contact us at support@livifyapp.co. We may need to verify your identity before fulfilling requests. We typically respond within one month, or inform you if more time is required.

9. Children's Privacy

• Our Apps are not intended for children under 13.
• We do not knowingly collect data from children. If we learn a child has provided personal data, we will delete it.
• If we become aware that we have collected personal data from a child under 13, we will promptly delete it and terminate the account.

Additional regional rules:

• In the UK/EU/EEA, we do not knowingly collect data from children under the applicable age of digital consent (typically 13-16, depending on country) without parental consent.
• In the United States, we follow COPPA (under-13 rule).

If you are a parent or guardian and believe your child has provided us with personal information, please contact us at support@livifyapp.co so we can delete it.

10. Updates to This Privacy Policy

We may update or modify this Privacy Policy from time to time to reflect changes in our practices, technologies, legal requirements, or the Apps we offer.

• We will update the "Effective Date" at the top when we make changes.
• For significant changes, we may provide a more prominent notice (e.g., in-app notification or email).

Your continued use of our Apps after changes become effective will signify your acceptance of the updated Policy, where permitted by law. If you do not agree with the changes, you should stop using the Apps and may delete your account.

11. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

• Email: support@livifyapp.co

We will address your inquiries as promptly as possible. Thank you for using our Apps and for trusting us with your personal information. We are dedicated to protecting that trust.