Privacy Policy

Last Updated: 9 May 2026

EN · TR

Summary

Back to Life is built around your privacy. Everything you enter into the app — your quit date, money saved, journal entries, achievements, and any personal notes — is stored only on your device. It is never sent to us or any third party.

The app does fetch its educational content (recovery stages, milestones, scientific information) from a Google Firebase server. That request, like any internet request, transmits standard technical data such as your IP address. No personal account, name, or email is ever collected or transmitted by the app.

Notifications are scheduled and delivered entirely on your device. We do not operate any server that knows who you are.

1. Who We Are (Data Controller)

Back to Life ("the App", "we", "our", "us") is operated by [DATA CONTROLLER NAME — e.g. Boran Karaca / KRC Group — REPLACE BEFORE SUBMISSION], located at [ADDRESS — REPLACE BEFORE SUBMISSION], Türkiye.

For any privacy-related question, you can reach us at [CONTACT EMAIL — REPLACE BEFORE SUBMISSION].

2. Information You Provide to the App

To make the App useful, you may enter information such as:

  • Your quit date (the date you stopped the behavior you are recovering from)
  • The amount of money you previously spent (used to calculate savings)
  • Personal notes, journal entries, goals, and reflections
  • Custom achievements or milestones you create

This information stays on your device. It is stored locally using your device's secure storage (AsyncStorage on iOS and Android). It is not uploaded to our servers, not shared with us, and not transmitted to any third party. We have no way to read, recover, or back up this data.

If you uninstall the App or reset your device, this data is permanently deleted. We recommend backing up your device through Apple iCloud or Google's standard backup mechanisms if you want this data to survive a device change.

3. Information Transmitted to Third Parties

Google Firebase (Cloud Firestore)

The App uses Google's Firebase Cloud Firestore service to deliver up-to-date educational content — for example, the descriptions of each recovery stage, milestone explanations, and the scientific basis behind the program. This is read-only: the App downloads content from Firebase but never sends your personal data to it.

When the App contacts Firebase, the following technical data is automatically transmitted to Google as the service operator:

  • Your IP address (as with any internet request)
  • An anonymous Firebase Installation ID (a random identifier used by the SDK to manage the connection)
  • Standard SDK telemetry such as App version, operating system, and device model

This data is processed by Google under the Firebase Data Processing and Security Terms and Google's own privacy policy. We do not link this technical data to any user identity, because the App does not collect a user identity in the first place.

Firebase servers may be located outside Türkiye and outside the European Union, including in the United States. Google relies on Standard Contractual Clauses and other lawful transfer mechanisms for international transfers.

Apple App Store / Google Play Store

When you download the App, the App Store or Google Play processes your purchase or download according to their own privacy policies, which are independent of ours.

What We Do Not Use

The App does not use:

  • Firebase Authentication (no user accounts, no sign-in)
  • Firebase Analytics or Google Analytics (no usage tracking)
  • Firebase Crashlytics or any other crash-reporting SDK
  • Advertising networks or ad SDKs
  • Cross-app or cross-website tracking

4. Notifications

The App can send you reminders and milestone notifications (for example, when you reach your first week, first month, or first year). These notifications are scheduled and delivered entirely on your device using the operating system's local notification system, based on the quit date you provide.

No push notification token, no device identifier, and no notification content is transmitted to us or to any third-party push service. You can disable notifications at any time from your device's system settings.

5. Legal Basis for Processing

To the extent that any limited processing of personal data takes place (such as Google receiving your IP address when content is fetched from Firebase), we rely on the following legal bases:

  • KVKK (Türkiye, Law No. 6698): Article 5(2)(f) — processing is necessary for the legitimate interests of the data controller, where this does not violate the fundamental rights and freedoms of the data subject (delivering up-to-date app content).
  • GDPR (EU, Regulation 2016/679): Article 6(1)(b) — processing necessary for the performance of a contract (providing the App's functionality), and Article 6(1)(f) — legitimate interests in operating and maintaining the App.

6. Your Rights

Under KVKK (Türkiye)

Under Article 11 of Law No. 6698 on the Protection of Personal Data, you have the right to:

  • Learn whether your personal data is being processed
  • Request information about how it is processed
  • Learn the purpose of processing and whether it is used in accordance with that purpose
  • Know the third parties to whom personal data is transferred, in Türkiye or abroad
  • Request correction of incomplete or inaccurate data
  • Request deletion or destruction of your personal data within the framework of the law
  • Object to a result analyzed exclusively through automated systems
  • Claim compensation for damages arising from unlawful processing

Under GDPR (European Union)

If you are in the European Union, you also have the right to:

  • Access your personal data (Article 15)
  • Rectify inaccurate data (Article 16)
  • Erase your personal data ("right to be forgotten", Article 17)
  • Restrict processing (Article 18)
  • Receive your data in a portable format (Article 20)
  • Object to processing (Article 21)
  • Lodge a complaint with your local supervisory authority

Because we do not operate a server that holds your personal data, in practice most of these rights are exercised directly through your device: you can view, edit, and delete all your data inside the App, and uninstalling the App permanently erases it. For requests relating to data held by Google as our processor, please contact us at [CONTACT EMAIL — REPLACE BEFORE SUBMISSION] and we will assist where possible.

7. Data Retention

Data you enter into the App is retained on your device until you delete it inside the App or uninstall the App. Technical data transmitted to Google Firebase is retained according to Google's Firebase data retention practices.

8. Security

The App relies on the security mechanisms of your device's operating system to protect locally stored data. Communication with Firebase is encrypted in transit using HTTPS/TLS. Because we do not operate a backend that stores personal data, the most common categories of data breach (server compromise, credential theft) do not apply to your personal information.

9. Children's Privacy

The App is intended for adults. It is not directed to children under 13, and we do not knowingly collect personal data from children. If you are a parent or guardian and believe a child has used the App, you can simply uninstall it to permanently remove all related data from the device.

10. Changes to This Policy

We may update this Privacy Policy from time to time, for example when we add new features or new third-party services. We will update the "Last Updated" date at the top of this page. For material changes, we will make reasonable efforts to notify users through the App or this website.

11. Contact

If you have any questions, comments, or requests regarding this Privacy Policy or your personal data, please contact us at:

Email: [CONTACT EMAIL — REPLACE BEFORE SUBMISSION]
Address: [ADDRESS — REPLACE BEFORE SUBMISSION], Türkiye

← Back to Home