HEAVENS Places Privacy Policy

Last updated: 4 April 2026

This Privacy Policy explains how HEAVENS Co., Ltd ("we", "us", "our") handles personal data in connection with the HEAVENS Places app (the "App").

In normal use, most place, visit, photo, reminder, and location-processing data stays on your device. We only receive limited account, subscription, diagnostics, support, and feedback data unless and until we introduce additional cloud features with appropriate notice.

If you do not agree with this Privacy Policy, please do not use the App.

1. Who we are

HEAVENS Co., Ltd is the operator of the App.

• Privacy: privacy@heavensconnect.com

If you are in the UK or EEA, we are the controller of the personal data described in this policy unless stated otherwise.

2. What this policy covers

This policy covers personal data we collect, use, store, and share in connection with:

• your use of the App;
• your account, if you create one;
• subscriptions and purchases;
• support and feedback submissions; and
• diagnostics and service operations.

This policy does not cover third-party services such as Apple, Google, or other providers when they act under their own privacy policies.

3. Information we collect

3.1 Account and profile information

If you create an account or sign in, we may collect and process:

• your name;
• your email address;
• your sign-in method, such as email, Apple, or Google; and
• profile and email preference information you choose to provide.

This information is used to authenticate you, manage your account and profile, store your email preference choices, and provide account-related features. If you opt in to product updates, we may also use your contact details and preferences to manage those communications.

3.2 Subscription and purchase information

If you purchase or restore a subscription, we may receive subscription and entitlement information from the Apple App Store, RevenueCat, any other app store where we may offer the App in future, and our backend systems, such as:

• product identifiers;
• subscription status;
• expiry and renewal status; and
• entitlement metadata needed to determine access to Pro features.

We do not receive your full payment card details.

3.3 Feedback and support information

If you contact us or submit feedback through the App, we may collect:

• your email address, if provided;
• the content of your message or feedback; and
• related metadata needed to respond to you and manage the issue.

3.4 Diagnostics and technical information

We may collect technical and diagnostic information needed to keep the App reliable and secure, such as:

• crash reports;
• error logs;
• device and app version information; and
• limited usage context related to the error or crash.

3.5 Content you store in the App

The App lets you create and store content such as:

• places and visits;
• notes, checklists, questions and answers;
• photos and imported contact details;
• access information and other widget content; and
• reminders, travel plans, and visit summaries.

In normal use, this content is stored locally on your device and is not synced to our servers. Signing in on another device does not sync your places or visits.

3.6 Location data

If you enable location permissions, the App may access:

• foreground location;
• nearby-place and distance information;
• background location for automatic arrival and departure detection; and
• device-level geofencing and visit events.

Our app is designed so that location data is processed on your device as part of normal app use and is not sent to our servers.

Some location, mapping, and reverse-geocoding functionality may rely on Apple, Google, Expo, or other platform-level services on your device, which may process data under their own terms and privacy policies.

3.7 Optional permissions

Depending on which features you use, the App may request access to:

• camera, to take photos you attach to places or visits;
• photo library, to import selected photos;
• contacts, to import selected contact details into widgets; and
• notifications, to deliver reminders and warnings.

Where available in the App today, these features are designed so that the imported or created content is stored locally on your device unless we tell you otherwise.

4. How we use information

We use personal data to:

• provide and operate the App;
• authenticate users and manage accounts;
• determine access to subscriptions and Pro features;
• process purchases, restorations, and entitlements;
• respond to support requests and feedback;
• improve reliability, performance, and security;
• comply with legal obligations; and
• protect users, the App, and our business from misuse.

Where supported by your device, summary-generation features may use local on-device processing to help generate visit summaries.

5. Lawful bases for processing

Where UK GDPR or similar laws apply, we generally rely on the following lawful bases:

• Contract: to provide the App, account features, and any paid subscription you request.
• Legitimate interests: to operate, secure, improve, and support the App.
• Consent: for optional permissions such as location, camera, photo library, contacts, and notifications where consent is required by platform rules or law.
• Legal obligation: where we need to comply with applicable law.

6. Where data is stored

6.1 On your device

In normal use, the following are primarily stored locally on your device:

• places, visits, reminders, and travel plans;
• notes, photos, checklists, contact widgets, and similar content;
• locally processed location data used by the App; and
• local notification schedules.

6.2 In our service providers

Some limited personal data may be stored or processed by service providers we use to operate the App, including:

• Supabase, for account, authentication, profile, and entitlement-related data;
• RevenueCat, for subscription and entitlement management;
• Apple App Store, and any other app store where we may offer the App in future, for billing, renewals, and purchase handling; and
• Sentry, for crash reporting and diagnostics.

If you submit support or feedback through the App, related data may also be stored in our support or backend systems.

7. How we share information

We do not sell your personal data.

We may share personal data only:

• with service providers who help us operate the App;
• with Apple, relevant app store providers, and payment/subscription infrastructure as needed for purchases and subscription management;
• where required by law, regulation, legal process, or competent authorities; or
• in connection with a business transfer, merger, or reorganisation, subject to applicable law.

8. International transfers

Our service providers may process personal data outside the UK or your home jurisdiction. Where required by law, we take reasonable steps to use appropriate safeguards for international transfers.

9. Data retention

We keep data only for as long as reasonably necessary for the purposes described in this policy.

In general:

• on-device content remains until you delete it, remove the App, or clear your device data;
• account and profile data may be retained while your account remains active and for a reasonable period afterwards where needed for legal, security, or operational reasons;
• subscription and entitlement data may be retained as needed for billing, accounting, fraud prevention, and audit purposes; and
• diagnostics, support, and feedback data may be retained for as long as reasonably necessary to investigate issues and improve the App.

10. Your choices and rights

You can:

• control app permissions in your device settings;
• choose whether to grant location, camera, photo library, contacts, and notification access;
• update certain account details in the App, where available;
• contact us to request account deletion or privacy assistance, where applicable; and
• manage or cancel subscriptions through Apple App Store settings, or through the settings of the app store where you purchased the subscription.

If you are in the UK, EEA, or another region with applicable privacy rights, you may also have rights to access, correct, erase, restrict, object to, or port certain personal data, subject to legal limits and exemptions.

11. Security

We use reasonable technical and organisational measures to help protect personal data. However, no system is completely secure, and we cannot guarantee absolute security.

You are responsible for keeping your account credentials secure and for taking care when storing sensitive information in the App.

12. Children's privacy

The App is not intended for children under 13, and we do not knowingly collect personal data directly from children under 13 through the App.

If you believe a child has provided personal data to us in violation of this policy, please contact us.

13. Changes to this Privacy Policy

We may update this Privacy Policy from time to time. We will update the "Last updated" date and, where appropriate, notify you in the App or by other appropriate means.

14. Contact

For privacy questions or requests, contact:

• Privacy: privacy@heavensconnect.com