ZoneIn Privacy Policy

App: ZoneIn

Bundle identifier: com.tryzonein.app

Platform: iOS

Privacy Policy URL: tryzonein.com/privacy

Last updated: Apr 21, 2026

Effective date: Apr 21, 2026

Joint data controllers: Tash-had Saqif and Elijah Kajinic

Privacy contact: contact@tryzonein.com

Privacy at a glance

This summary is written in plain language. The detailed sections below are the full Privacy Policy.

ZoneIn is a self-control app. It helps you block apps, app categories, websites, and website categories that you choose, using Apple Screen Time, FamilyControls, DeviceActivity, and ManagedSettings APIs.
Most core data stays on your device. Your block schedules, focus sessions, selected blocking targets, override records, dashboard summaries, and local app/extension state are stored locally on your device. ZoneIn does not operate a first-party backend server for this data.
Your selected apps and websites are represented by Apple tokens. ZoneIn stores opaque Apple Screen Time selection tokens. The developers do not receive readable app names, website domains, URLs, messages, passwords, or content from those tokens.
Screen Time usage reports are processed on-device. ZoneIn uses Apple DeviceActivity reporting to show screen-time metrics on your device. Raw Screen Time reports are not uploaded to a first-party server.
Sign in with Apple is required in production builds. ZoneIn requests the full name and email scopes from Apple during authentication, but the current app stores only Apple’s stable user identifier on-device. That identifier is also used with RevenueCat for purchase attribution.
Paid overrides are processed by Apple and RevenueCat. Apple handles App Store in-app purchases. RevenueCat provides the paywall and purchase infrastructure. ZoneIn does not receive or store your payment card number.
Firebase Remote Config supports limited app configuration. ZoneIn uses Firebase Remote Config to deliver configuration values and feature rollouts without requiring every change to be shipped in a new app version.
Firebase Analytics supports product analytics. ZoneIn uses Firebase Analytics for coarse product interaction and purchase-flow analytics. It does not intentionally send raw selected app names, website domains, Apple user IDs, transaction IDs, raw purchase prices, or raw Screen Time reports to Firebase Analytics.
Notifications are used for focus reminders and re-engagement. If you allow notifications, ZoneIn may send a 5-minute warning before a scheduled block begins and a one-time day-3 reminder if you launch the app but have not created a focus session or scheduled block. Notification content may include your scheduled session name and the count of selected apps/websites, and tapping the day-3 reminder may open the Create Schedule sheet and log a coarse analytics event.
No ads and no cross-app tracking. ZoneIn does not use IDFA, does not use App Tracking Transparency because it does not track you across other companies’ apps and websites, and does not sell or share personal information for cross-context behavioral advertising.
Hard Mode is device-wide when active. Hard Mode is the in-app name for ZoneIn’s app-removal restriction feature. If enabled during an active block, Apple’s ManagedSettings app removal restriction can prevent removal of apps on the device generally, not just ZoneIn.

1. Scope of this policy

This Privacy Policy explains how Tash-had Saqif and Elijah Kajinic collect, use, store, disclose, and protect personal information in connection with ZoneIn, the iOS app available under bundle identifier com.tryzonein.app.

This policy covers the ZoneIn iOS app and the app extensions that support its Screen Time functionality. It also includes a separate, short section for tryzonein.com, because the companion website has its own analytics and logging practices that are separate from the app.

This policy describes both data that may be transmitted to third-party service providers and data that is processed or stored locally on your device. We describe important local processing because it can affect your privacy and your device experience, even when that data is not uploaded to a ZoneIn server.

2. Who we are

ZoneIn is released on the Apple App Store under the personal developer name Tash-had Saqif. Tash-had Saqif and Elijah Kajinic are joint co-developers and joint data controllers for ZoneIn.

Item	Details
Primary developer / App Store release name	Tash-had Saqif
Joint controller / co-developer	Elijah Kajinic
Country and state	New York, United States
Privacy email	contact@tryzonein.com
Mailing address	PO Box 230150 178 Columbus Ave New York, NY 10023-9998 USA
EU / UK representative	Not appointed at this time. ZoneIn may be made available worldwide through the App Store, including in the European Union and United Kingdom, subject to Apple availability, local laws, and supported storefronts. The controllers are located in New York, United States and do not currently have an EU or UK establishment. If GDPR Article 27 or UK GDPR Article 27 requires an EU and/or UK representative for ZoneIn’s actual availability and processing, we will appoint the required representative and update this policy. Until then, privacy requests can be sent to contact@tryzonein.com.

3. About ZoneIn

ZoneIn is an iOS self-control and screen-time management app. It is designed for users who want to restrict their own device usage. It is not designed as a parental-control service for supervising someone else.

ZoneIn asks you to sign in with Apple and grant Apple Screen Time / FamilyControls authorization. You can then create immediate focus sessions or recurring schedules that block selected apps, app categories, websites, and website categories. The blocking is enforced through Apple DeviceActivity and ManagedSettings APIs and may continue while the main ZoneIn app is closed.

ZoneIn supports paid temporary overrides. An override temporarily lifts active blocks after an Apple in-app purchase processed through RevenueCat. Available override durations may include short, medium, or longer temporary access windows, as shown in the app and Apple purchase sheet.

Prices, availability, product identifiers, and paywall wording may vary based on App Store configuration, RevenueCat offerings, taxes, currency, and regional availability. The Apple purchase sheet controls the final price and transaction terms at the time of purchase.

ZoneIn also includes an optional feature called Hard Mode. When active, Hard Mode can prevent app removal across the device during an active block. This is an Apple ManagedSettings behavior and is not limited to the ZoneIn app icon.

4. Data we collect and process

The table below summarizes the main categories of data processed by ZoneIn. “Local only” means the data is stored on your device and is not uploaded to a first-party ZoneIn server based on the current app design described to us.

Category	Examples	Where it is stored or processed	Purpose
Account and authentication data	Sign in with Apple stable user identifier. Apple may provide full name and email during authentication because ZoneIn requests those scopes.	Apple user identifier is stored on-device. Full name and email returned by Apple are not currently retained by ZoneIn. Apple user identifier is used with RevenueCat as the app user ID.	Authenticate users, maintain a ZoneIn account state, attribute purchases, support account deletion and purchase restoration.
Local user configuration	Signed-in state, onboarding completion, notification-permission request state, appearance preference, and basic timestamps.	Local SwiftData / local device storage.	Operate the app, remember setup state, apply preferences, support local app functionality.
Block schedules	Schedule name, enabled state, start and end times, active days, and encoded Screen Time selection token.	Local SwiftData and shared App Group storage for extension enforcement.	Create and enforce recurring blocking schedules.
Focus sessions	Session name, start and end times, active or paused state, remaining time, related schedule reference if applicable, and encoded Screen Time selection token.	Local SwiftData and shared App Group storage for extension enforcement.	Create, pause, resume, end, and enforce immediate focus sessions.
Override records	Override timing, duration, related block reference if applicable, and limited purchase or transaction metadata if available.	Local SwiftData. Purchase metadata is also processed by Apple and RevenueCat.	Apply paid temporary overrides, re-engage blocks when the override ends, support purchase troubleshooting and anti-fraud records.
Screen Time selection data	Selected applications, app categories, web domains, and web-domain categories represented as Apple opaque tokens.	Local device storage and shared App Group storage. Not uploaded to a first-party ZoneIn server.	Apply shields and enforce the blocking choices you selected.
Screen Time usage reports	Screen-time summaries, activity buckets, usage categories or tokens where available, pickup counts, comparisons, and blocked-duration summaries.	Processed on-device through Apple DeviceActivityReport and local app-extension state. Raw reports are not uploaded to a first-party ZoneIn server.	Show your dashboard and help you understand your device usage.
Local app and extension operational state	Local state needed to enforce blocks, manage overrides, coordinate schedules, apply Hard Mode, cache configuration values, and show dashboard summaries.	Local device storage and shared App Group storage used by the app and its extensions.	Allow the main app and Screen Time extensions to coordinate blocking even when the main app is closed.
Purchase data	Product identifiers, purchase state, transaction identifiers, offering/paywall metadata, customer information, receipt-related metadata, override duration tier.	Apple App Store in-app purchase systems, RevenueCat, and limited local app records.	Process paid overrides, verify purchases, prevent fraud, restore or troubleshoot purchases, show paywalls and offerings.
Firebase Remote Config data	Firebase installation identifiers, configuration request data, returned configuration values, and standard technical metadata.	Firebase / Google and local App Group cache.	Deliver remote configuration values and support limited app behavior changes without requiring a binary update.
Firebase Analytics data	Coarse product interaction, app-flow, reminder, and purchase-flow event names and parameters.	Firebase / Google. No IDFA is collected through the FirebaseAnalyticsWithoutAdIdSupport variant.	Understand broad product usage, improve features, diagnose funnel issues, and measure whether key flows are working. Not used for cross-app tracking or advertising.
Notification permission state and interactions	Whether ZoneIn has asked for notification permission; iOS-level permission for alerts, badges, and sounds if granted; scheduled notification content and metadata such as schedule name, scheduled time, selected app/website count, and whether a notification is tapped.	Local device state and iOS settings. If Firebase Analytics is enabled, a coarse notification tap or re-engagement event may be sent to Firebase.	Warn you before scheduled blocks begin, send a one-time day-3 reminder if you have not created a block yet, open the Create Schedule sheet from that reminder, and measure whether the reminder helps users complete setup.
Support communications	Email address, message content, attachments, device/app details you choose to include when contacting contact@tryzonein.com.	Standard email handling used by the controllers. No separate support/helpdesk platform is identified at this time.	Respond to support requests, privacy requests, bug reports, and feedback.

Important Screen Time note: App and website choices can be private even when stored as opaque tokens. We treat Screen Time selections and usage reports carefully. We do not use them for advertising, and we do not upload raw Screen Time report data to a first-party ZoneIn server.

5. Sources of data

ZoneIn receives or processes data from the following sources:

You. You create schedules, focus sessions, block selections, override purchases, settings, and support messages.
Your device and iOS. iOS provides permission status, local storage, Screen Time authorization, DeviceActivity events, usage reports, notification settings, and ManagedSettings enforcement.
Apple. Apple provides Sign in with Apple authentication data, App Store purchase and transaction information, Screen Time APIs, and system-level permission and purchase flows.
RevenueCat. RevenueCat provides paywall, offering, purchase, receipt, and customer-info infrastructure.
Firebase / Google. Firebase provides Remote Config and, if enabled in production, Analytics event processing.
Companion website systems. The website tryzonein.com has separate analytics logging through Firebase Analytics for basic visit signals.

6. How we use data

ZoneIn uses data for these purposes:

Authenticate you with Sign in with Apple.
Store your local ZoneIn configuration and preferences.
Let you create, edit, run, pause, resume, and end focus sessions and schedules.
Apply blocks to apps, categories, websites, and website categories you select.
Coordinate enforcement between the main app and iOS extensions.
Show your on-device Screen Time dashboard.
Process paid override purchases through Apple and RevenueCat.
Temporarily lift active blocks during an override and re-engage them when the override expires.
Apply or remove Hard Mode app-removal restriction behavior when enabled and applicable.
Deliver remote configuration values that support limited app behavior.
Analyze coarse product interaction and purchase-flow analytics if Firebase Analytics is enabled.
Respond to support, feedback, privacy, deletion, and legal requests.
Maintain security, prevent fraud, debug local extension failures, and comply with legal obligations.

ZoneIn does not use your data to build advertising profiles. ZoneIn does not sell your personal information. ZoneIn does not share your personal information for cross-context behavioral advertising.

7. Screen Time, FamilyControls, and on-device processing

ZoneIn depends on Apple’s Screen Time-related frameworks, including FamilyControls, ManagedSettings, ManagedSettingsUI, DeviceActivity, DeviceActivityReport, Shield Configuration, and Shield Action extensions.

ZoneIn requests Screen Time authorization for .individual use. This means the app is designed for self-imposed device restrictions by the device owner, not for parental supervision of a child account.

What Screen Time permission allows ZoneIn to do

Let you pick apps, app categories, websites, and web-domain categories to block.
Store those selections as Apple-provided opaque tokens.
Apply shields to selected apps, categories, websites, or domains during active blocks.
Monitor start and end times for schedules, focus sessions, and override expiration.
Process Screen Time activity reports on-device for the dashboard.

What ZoneIn does not do with Screen Time data

ZoneIn does not upload raw Screen Time report histories to a first-party server.
ZoneIn does not send selected app names or website domains to Firebase Analytics.
ZoneIn does not send raw app usage histories to RevenueCat.
ZoneIn does not use Screen Time selections or Screen Time usage reports for advertising.
ZoneIn does not attempt to reverse-engineer Apple’s opaque tokens into readable app names, website URLs, or domains.

Some local data is shared between the main app and extensions using local App Group storage. This is necessary because enforcement can continue when the main app is closed.

8. Sign in with Apple

Full name
Email address

Apple may provide those fields during the authentication flow. Based on the current app design, ZoneIn retains only Apple’s stable user identifier on-device. ZoneIn does not currently retain the full name or email address returned by Apple during authentication.

ZoneIn uses the Apple user identifier as the app user ID for RevenueCat. This lets RevenueCat attribute purchases, restore purchases, and associate customer information with your ZoneIn account state.

Apple’s processing of Sign in with Apple and Apple Account data is governed by Apple’s own privacy terms and policies.

9. Payments and paid overrides

ZoneIn offers paid temporary overrides through Apple in-app purchases. A paid override temporarily lifts active blocks for the purchased duration. After the override ends, blocking can automatically re-engage.

Apple processes the App Store purchase. ZoneIn does not receive or store your payment card number, bank account number, or full billing credentials.

RevenueCat provides paywall, offering, purchase-processing, receipt-validation, and customer-info infrastructure. RevenueCat receives purchase metadata and the app user ID used by ZoneIn, which is currently the Apple user identifier. RevenueCat may also process product identifiers, offering identifiers, entitlement/customer status, transaction-related metadata, device/app metadata, and receipt information needed to provide its service.

ZoneIn stores limited override records locally, including the duration, start and end time, amount in cents, and transaction ID if available. This local record is used to apply and end overrides correctly.

Refunds, chargebacks, failed purchases, taxes, billing issues, and App Store purchase history may be handled by Apple. RevenueCat and Apple may retain transaction information according to their own policies and legal obligations.

10. Analytics and Remote Config

Firebase Remote Config

ZoneIn uses Firebase Remote Config to deliver limited configuration values and feature rollouts without requiring users to download a new app version.

Firebase Remote Config receives standard Firebase installation identifiers and technical data needed to select and return configuration values. ZoneIn may cache returned configuration values locally so the app and its extensions can operate consistently.

Firebase Analytics

ZoneIn uses Firebase Analytics for coarse product interaction and purchase-flow analytics. This helps us understand whether key app flows are working, diagnose broad funnel issues, and improve the product experience.

Analytics data may include coarse event names, high-level flow context, status or result values, broad timing or count buckets, app instance identifiers, and standard app/device metadata. These analytics are not intended to identify the apps or websites you choose to block.

ZoneIn does not intentionally send the following to Firebase Analytics:

Selected app names.
Selected website domains or URLs.
Apple user ID.
Transaction ID.
Raw purchase price.
Raw Screen Time report data.
IDFA or advertising identifiers.

ZoneIn uses the FirebaseAnalyticsWithoutAdIdSupport variant and does not use Firebase Analytics for targeted advertising or cross-app tracking.

ZoneIn does not currently provide an in-app analytics opt-out. If applicable law in a jurisdiction where ZoneIn is offered requires additional analytics choice or consent controls, ZoneIn will update its product controls and this policy accordingly.

11. Notifications

ZoneIn asks for permission to send alerts, badges, and sounds so it can deliver focus-related reminders and account for notification interactions in product analytics where analytics is enabled.

ZoneIn may send a scheduled-block warning 5 minutes before a recurring scheduled block begins. The notification title may include the schedule/session name you entered, and the body may include the count of selected apps and websites that will be blocked. If you edit the schedule, ZoneIn is designed to update or replace the corresponding scheduled notification so that the timing, title, and body reflect the edited schedule.

ZoneIn may also send a one-time day-3 re-engagement reminder if you download and launch the app but have not created a focus session or scheduled block. If you create a focus session or scheduled block before the reminder is delivered, ZoneIn is designed not to show that reminder. This reminder is designed to be sent only once. Tapping it may open ZoneIn, present the Create Schedule sheet, and log a coarse analytics event so we can understand whether the reminder helps users complete setup.

Notifications can appear on your lock screen, Notification Center, banners, Apple Watch, or other Apple notification surfaces depending on your iOS settings. Avoid using sensitive information in schedule names if you do not want it to appear in a notification.

You can change notification permissions at any time in iOS Settings. iOS and Apple notification services control delivery, and ZoneIn cannot guarantee that any notification will be delivered on time or at all. ZoneIn does not use notifications for advertising or cross-app tracking. These notifications are designed to be scheduled or triggered through Apple’s iOS notification APIs. If ZoneIn later adds a server-side push provider, push-token collection, Firebase Cloud Messaging, or a custom notification backend, we will update this policy before collecting or using that additional data.

12. Companion website

The website tryzonein.com is operated by the same joint data controllers. Visiting the website and using the ZoneIn iOS app are separate data-processing contexts.

The website has its own analytics logging, distinct from the app. The website currently uses Firebase Analytics for basic visit signals.

The website may collect basic visit signals such as page views, timestamps, browser and device information, referral information, and similar usage signals through Firebase Analytics. This website data is separate from your on-device ZoneIn Screen Time data.

The website analytics retention period is 2 months under the current Google Analytics default data-retention setting unless a different setting is later configured. The website does not currently respond to Global Privacy Control signals and is not described here as using website analytics for advertising, retargeting, or cross-context behavioral advertising.

13. Third-party services

ZoneIn uses the following third-party services. These services may process data under their own privacy policies and contractual terms.

Service	Purpose	Categories of data received	Policy link
Apple	Sign in with Apple, Screen Time / FamilyControls APIs, DeviceActivity, ManagedSettings, App Store in-app purchases, App Store distribution.	Apple Account authentication data, Apple user identifier, purchase and transaction data, permission status, system-level data needed to operate Apple frameworks. Apple may process additional data under Apple’s own policies.	Apple Privacy Policy
RevenueCat	Hosted paywall UI, offering retrieval, customer information, purchase handling, receipt validation, app-user identity sync, purchase attribution.	Apple user identifier as ZoneIn app user ID, purchase metadata, product/offering identifiers, receipt and transaction-related metadata, customer status, app/device metadata needed to provide the service.	RevenueCat Privacy Policy
Firebase Remote Config (Google LLC)	Remote configuration delivery and limited runtime behavior changes.	Firebase installation identifiers, configuration request data, returned configuration values, standard technical metadata.	Google Privacy Policy and Firebase Privacy and Security
Firebase Analytics (Google LLC)	Product analytics if enabled in production.	Coarse product interaction and purchase-flow events, app instance identifiers, and standard app/device metadata. No IDFA / AdSupport collection is intended.	Google Privacy Policy and Firebase Privacy and Security

ZoneIn does not currently use a custom first-party server, Firebase Authentication, Firestore, Firebase Cloud Messaging, Firebase Storage, Crashlytics, advertising SDKs, AppTrackingTransparency prompts, or IDFA.

14. Legal bases for processing

ZoneIn may be made available worldwide, including in the EU/EEA and United Kingdom through the App Store. Where GDPR, UK GDPR, or similar laws apply, the legal bases for processing may include:

Contract or steps before contract. To provide the app, authenticate you, run focus sessions and schedules, process paid overrides, and provide support.
Consent. For permissions such as Screen Time / FamilyControls, notifications, and analytics where consent is required by law or platform policy.
Legitimate interests. To secure the app, prevent fraud, debug local extension operation, improve product flows, and understand aggregate usage, where those interests are not overridden by your rights.
Legal obligations. To comply with tax, accounting, consumer protection, App Store, dispute, and legal requirements.

You may withdraw consent where processing is based on consent. Withdrawal does not affect processing that occurred before withdrawal.

15. Data retention

Data category	Retention
Local app data	Local schedules, sessions, override records, configuration, Screen Time tokens, local app/extension state, dashboard summaries, and limited local diagnostics remain on your device until you delete them, delete your account through the in-app flow once implemented, clear app data if the app provides that option, or uninstall the app. Some iOS-managed data may also be governed by iOS behavior.
RevenueCat data	Retained according to RevenueCat’s retention policy and legal obligations. RevenueCat may retain purchase and customer records needed for receipt validation, fraud prevention, support, accounting, and legal compliance.
Apple purchase data	Retained by Apple according to Apple’s App Store, Apple Account, tax, and legal requirements.
Firebase Remote Config identifiers	Firebase installation identifiers are retained according to Firebase’s policies unless deleted through available Firebase deletion mechanisms. Firebase may remove deleted identifier data from live and backup systems over a period stated in its own policies.
Firebase Analytics data	2 months, based on the current Google Analytics default data-retention setting unless you later configure a different setting in the Google Analytics / Firebase console.
Support communications	Retained as long as reasonably necessary to respond, maintain support records, comply with law, resolve disputes, and protect rights, unless deletion is requested and no legal reason requires retention.
Companion website analytics	2 months, based on the current Google Analytics default data-retention setting unless you later configure a different setting in the Google Analytics console.

ZoneIn does not currently maintain first-party server storage for core app models.

16. Data security

ZoneIn uses technical and organizational measures designed to protect personal information, including:

iOS app sandboxing.
Device-level encryption provided by iOS and the user’s device settings.
Local storage rather than a first-party backend for core app models.
HTTPS/TLS network traffic to Apple, RevenueCat, and Firebase.
Limited local telemetry retention.
Use of opaque Apple tokens for Screen Time selections.

No security system is perfect. We cannot guarantee that data will never be accessed, disclosed, altered, or destroyed. You should protect your device with a passcode, Face ID, Touch ID, and up-to-date iOS software.

17. Your choices and controls

Screen Time permission. You can grant or revoke Screen Time / FamilyControls authorization through iOS system settings. If you revoke it, ZoneIn may not be able to block apps or show the dashboard as designed.
Notification permission. You can grant or revoke notification permission in iOS Settings.
Sign in with Apple. You can manage apps using Sign in with Apple in your Apple Account settings. Revoking Sign in with Apple may affect ZoneIn account functionality.
Hard Mode. If Hard Mode is enabled during an active block, app removal may be restricted device-wide until the block ends, an override is active, or ZoneIn otherwise clears the restriction.
Paid override control. You may purchase an override to temporarily lift active blocks. You may also use “Lock Back In” to end an override early and re-engage blocking.
Analytics controls. ZoneIn does not currently provide an in-app analytics opt-out. If a law later requires additional analytics choice or consent controls in a jurisdiction where ZoneIn is offered, ZoneIn will update its controls and this policy.
Delete local data. Deleting the app generally removes app-local data from your device, subject to iOS behavior and any active Hard Mode app-removal restriction. If ZoneIn is distributed through the App Store, it will include an in-app account-deletion initiation mechanism consistent with Apple requirements.

18. Privacy rights

To exercise privacy rights, email contact@tryzonein.com. We may need to verify your identity before fulfilling a request. Because ZoneIn stores most core app data locally and does not operate a first-party backend, some requests may require action on your device or may be limited to data held by third-party providers such as RevenueCat, Firebase, Apple, or support email systems.

We aim to respond within 30 days, unless a different statutory period applies. For example, GDPR requests are generally handled within one month, and CCPA requests may allow a 45-day period with a permitted extension.

Account deletion

Apple requires apps that support account creation to let users initiate account deletion within the app or through a direct in-app link to the deletion page. ZoneIn currently accepts account-deletion requests through Settings → Send Feedback and by email to contact@tryzonein.com. If ZoneIn is distributed through the App Store, the app will include a dedicated in-app account-deletion initiation mechanism consistent with Apple requirements.

You may also request account deletion by emailing contact@tryzonein.com. Deleting your ZoneIn account is intended to delete or de-identify ZoneIn-controlled account records and associated personal information that we are not legally required to retain. It may also require deleting local app data on your device and requesting deletion or de-identification from applicable processors where feasible.

Apple, RevenueCat, Firebase, and email providers may retain certain records under their own legal, fraud-prevention, tax, security, and operational requirements.

GDPR / UK GDPR rights

Where GDPR or UK GDPR applies to your use of ZoneIn, you may have the right to:

Access your personal data.
Correct inaccurate personal data.
Delete personal data.
Restrict processing.
Receive data portability.
Object to certain processing.
Withdraw consent where processing is based on consent.
Lodge a complaint with a supervisory authority.

Some rights depend on the legal basis for processing and the context of the request.

California rights under CCPA / CPRA

To the extent the CCPA/CPRA applies, California residents may have the right to:

Know what personal information we collect, use, disclose, sell, or share.
Access categories and specific pieces of personal information.
Delete personal information, subject to exceptions.
Correct inaccurate personal information.
Opt out of sale or sharing of personal information.
Limit use and disclosure of sensitive personal information, where applicable.
Not be discriminated against for exercising privacy rights.

ZoneIn does not sell personal information. ZoneIn does not share personal information for cross-context behavioral advertising. ZoneIn does not use sensitive personal information for purposes that require a right to limit under CCPA/CPRA, unless this policy is updated to say otherwise.

The ZoneIn app does not currently use browser-based Global Privacy Control signals because it is a native iOS app and does not sell or share app personal information for cross-context behavioral advertising. The website does not currently respond to Global Privacy Control signals.

Authorized agents

Where applicable law allows, you may use an authorized agent to submit a request. We may require proof of authorization and may ask you to verify your identity directly.

19. Children’s privacy

ZoneIn is a general-audience app. It is not designed for or marketed to children under 13, and the developers do not knowingly collect personal information from children under 13. ZoneIn is designed as a self-control tool for the device owner, not as a child-directed service or parental-control service.

If you are a parent or guardian and believe a child under 13 has provided personal information to ZoneIn, contact contact@tryzonein.com. We will take reasonable steps to delete the information promptly, subject to legal and technical limitations.

Minimum age / App Store availability for ZoneIn: 4+.

If ZoneIn later changes its audience, age settings, parental-consent flows, or availability to minors, this policy should be updated before launch of those changes.

20. International data transfers

ZoneIn may be made available worldwide, including in the European Union, European Economic Area, and United Kingdom. The controllers are located in New York, United States. Apple, RevenueCat, and Google/Firebase are based in the United States and may process data in the United States and other countries where they or their service providers operate.

If personal information is transferred from the European Economic Area, United Kingdom, Switzerland, or another region with international-transfer rules to the United States or another country, safeguards may include Standard Contractual Clauses, the UK International Data Transfer Agreement or UK Addendum, data processing agreements, vendor transfer safeguards, Data Privacy Framework certifications where applicable, or other legally recognized transfer mechanisms. We will also appoint an EU and/or UK representative where legally required.

21. Apple-specific disclosures

App Tracking Transparency

ZoneIn does not use App Tracking Transparency because ZoneIn does not track you across apps or websites owned by other companies for advertising or data-broker purposes. ZoneIn does not collect IDFA.

FamilyControls, Screen Time, and opaque tokens

ZoneIn uses Apple Screen Time and FamilyControls APIs. App and website selections are represented by opaque Apple tokens. ZoneIn does not receive readable names or URLs from these tokens and does not attempt to identify selected apps or websites for analytics or advertising.

Device-wide Hard Mode app-removal restriction

ZoneIn can use Apple ManagedSettings denyAppRemoval as part of Hard Mode. When active, this restriction can prevent app removal across the device. It is not limited to removal of ZoneIn. This behavior is part of how iOS ManagedSettings works.

Hard Mode is sensitive because it affects device control. ZoneIn should clearly explain the app-removal restriction before enabling it.

Remote behavior changes

ZoneIn can change limited behavior remotely through Firebase Remote Config without a new app binary. Remote configuration values are used for limited feature rollout, operational configuration, and product-experience adjustments. They are not intended to expose raw Screen Time selections or readable app or website choices to Firebase.

22. Data ZoneIn does not collect

Based on the current app design described to us, ZoneIn does not collect or access the following categories through the app:

Precise location or coarse location.
Contacts.
Photos or photo library.
Camera.
Microphone.
Calendar.
HealthKit or health data.
Bluetooth.
IDFA or advertising identifiers.
Crash reports through Crashlytics or another third-party crash-reporting SDK.
Cloud sync of local ZoneIn models.
Messaging, social sharing, or user-generated public content.
Raw Screen Time report uploads to a first-party ZoneIn server.

Apple may collect diagnostics, crash information, App Store purchase history, or other data under Apple’s own settings and policies. That is separate from ZoneIn’s collection.

23. Changes to this policy

We may update this Privacy Policy from time to time. When we update it, we will change the “Last updated” date at the top of tryzonein.com/privacy.

We will provide an in-app notice on next launch for policy updates. Material changes will be flagged more prominently where appropriate. Continued use of ZoneIn after the effective date of the updated policy means you accept the updated policy, unless applicable law requires a different form of notice or consent.

24. Contact

For privacy questions, data rights requests, account deletion requests, and support relating to this policy, contact:

Email: contact@tryzonein.com
Mail: PO Box 230150, 178 Columbus Ave, New York, NY 10023-9998, USA
Joint data controllers: Tash-had Saqif and Elijah Kajinic

25. Governing law

This Privacy Policy is governed by the laws of the State of New York, United States, without regard to conflict-of-law rules.

This governing-law clause does not limit privacy rights that cannot be waived under applicable law, including rights that may apply to California residents under the CCPA/CPRA or to EU/UK users where GDPR/UK GDPR applies.