Privacy Policy

Derax · Effective Date: March 25, 2026

Derax ("we" or "us") is a Digital Wellbeing and self-management tool. We take your privacy seriously, which is why this app is built on a Local-First architecture. This policy explains in detail how we handle your information and how we protect your privacy.

1. Information We Collect (Minimization Principle)

We follow a strict data minimization principle and only collect what is necessary to deliver core functionality:

Installed App List: Read only when you actively configure your "lock list." We never collect any in-app content, browsing history, or search records.
NFC Identifier: Read only when you scan a physical tag, used to verify unlock authorization or trigger focus mode.
Screen Time Permission (iOS): Used exclusively via the Family Controls API to restrict the apps you specify. We do not collect any usage statistics — this permission is solely used to enforce system-level app restrictions.
Core Configuration: Your lock list, schedules, and NFC bindings are stored in a local database on your device.

We explicitly commit to never collecting:

Screenshots or screen recordings
Keyboard input (passwords, messages, etc.)
Location data
Contacts or photos
Device identifiers (e.g. IDFA, serial number)
Any data used for advertising or tracking

2. How We Use Permissions

As a Digital Wellbeing app, every permission we request is solely to help you with self-regulation. None are used for surveillance or spyware purposes.

iOS:

Family Controls / Screen Time: Used to enforce "strict mode" — when you voluntarily trigger an NFC scan or scheduled plan, the system restricts access to specified apps. We request only the minimum permissions needed and do not collect, store, or transmit any usage duration or behavioral data.
NFC: Used to communicate with physical tags and trigger focus sessions.

Android:

Accessibility Service (AccessibilityService): Monitors foreground app changes to check whether the current app is on your lock list. We only compare package names — we never read screen content, record input, or access any personal data.
Display Over Other Apps: Used to show the focus overlay screen when a locked app is opened.
Battery Optimization Exemption: Ensures the focus service runs reliably in the background without being killed by the system.

3. Data Storage & Processing (100% Local)

We have no backend servers for storing personal data. All your configurations, activity logs, and usage data are encrypted and stored locally on your device. Nothing is ever uploaded to the cloud.

No Server Architecture: All data lives only on your device.
No Cloud Sync: Screen time data, app lists, and NFC records never leave your device.
Data Deletion: You can permanently delete all locally stored data at any time by uninstalling the app. Once uninstalled, we have no way to recover any data.

4. Third-Party Data Sharing

Zero Sharing: We do not share your personal information with any third-party companies, advertisers, or data brokers.
No Ad Tracking: This app contains no third-party advertising SDKs and does not use IDFA for cross-app tracking.
Crash Analytics: We may use anonymous crash reporting tools (e.g. Crashlytics) to maintain app stability. These reports contain no personally identifiable information (PII) or screen usage content.

5. Children's Privacy (COPPA & GDPR)

Since this app may be used in parental control scenarios, we strictly comply with applicable regulations:

Children's Privacy: We do not knowingly collect personal information from children under 13. When used as a parental control tool, parents are responsible for supervising their child's usage.
Compliance: We comply with the U.S. Children's Online Privacy Protection Act (COPPA) and the EU General Data Protection Regulation (GDPR) regarding data processing requirements.
Data Protection: For minor users, we apply the same local-storage-only principle and do not upload any behavioral data.

6. Prohibited Uses

To maintain a healthy ecosystem, this app and its permissions are strictly prohibited from being used for:

Employee Surveillance: Employers may not force employees to install this app to monitor work devices.
Spyware: This app may not be used to monitor another person's device usage without their knowledge.
Malicious Locking: This app may not be used for extortion or to maliciously block access to core device functions (e.g. calls, SMS).

We reserve the right to terminate service if any such abuse is discovered.

7. User Consent & Voluntary Use

Voluntary Activation: All locking features are triggered voluntarily by the user (e.g. scanning an NFC tag or enabling a schedule). Users can exit lock mode at any time through designated actions (e.g. waiting for a countdown or entering an emergency passcode).
Informed Consent: When Screen Time permission is requested for the first time, the system displays a clear prompt. The permission only takes effect after the user taps "Allow."

8. Policy Updates & Contact Us

If this policy changes significantly, we will notify you via an in-app notice or our official website. If you have any questions about this Privacy Policy or wish to exercise your data rights, please contact us:

Email: vincent@deeraygroup.com
Website: https://www.deerayelectronics.com