Privacy Policy
Effective Date: December 14, 2025
Version: 1.2 (last updated June 5, 2018 – revised 2025)
Norman Norris (“we”, “us”, or “Norman”) respects the privacy of all users (“you”, “users”, or “Data Subject”). This Privacy Policy explains how we collect, use, disclose, and protect personal information when you use any of our iOS applications or related services (collectively, the “Products”).
1. What Information We Collect
a. Personal Information You Provide Directly
- Name, email address, phone number, mailing address, birthday, profile picture.
- Account credentials (username, password, Apple Account token if you sign‑in with “Sign in with Apple”).
b. Information Collected Automatically (Device & Usage)
- Device identifier, IP address, OS version, device type, IDFA/IDFV (with ATT consent), location data (if you enable location services).
- Usage logs, crash reports, in‑app events, click‑stream data, session duration.
c. Information Collected from Third‑Party Sources
- Data received when you link a social media account or other external service to our Products.
d. AI / Machine‑Learning Data (New Section)
- On‑device processing: No data leaves your device.
- Cloud processing: Only anonymized or pseudo-anonymized data is transmitted, and you can disable the feature in Settings.
- Consent: The first time an AI feature is used, a system‑generated permission prompt will ask for your consent. You may opt out at any time.
e. Cookies, Pixels, Web Beacons
We may use cookies and similar technologies to remember your preferences, analyse traffic, and deliver personalized advertising (subject to ATT consent).
2. How We Use Your Information
| Purpose | Example |
|---|---|
| Provide & maintain Products | Account creation, login, push notifications. |
| Analytics & improvement | Crash reporting, usage statistics, A/B testing. |
| Personalisation / AI features | Tailor suggestions based on your interaction patterns. |
| Marketing & communications | Send newsletters, promotional offers (you can opt‑out). |
| Legal compliance & protection | Respond to lawful requests, protect against fraud. |
3. Legal Bases for Processing (GDPR)
| Basis | When Used |
|---|---|
| Consent | AI feature data, marketing emails (opt‑in). |
| Contract performance | Providing the product you purchased. |
| Legal obligation | Retaining records for tax/compliance. |
| Legitimate interests | Security monitoring, product improvement. |
| Vital interests | Protecting you or others from harm. |
| Public task | Responding to a legal request. |
4. Sharing Your Information
- Service providers (hosting, analytics, payment processors) – only as necessary for the purpose you agreed to.
- Legal requirements (court orders, subpoenas).
- Business transfers (mergers, acquisitions) – with the same privacy protections.
- Third‑party advertisers (only aggregated, non‑identifiable data; no personal identifiers unless you opt‑in).
5. International Data Transfers
Your information may be stored or processed in the United States, the European Economic Area, or other jurisdictions. We rely on Standard Contractual Clauses (SCCs) and other appropriate safeguards for any cross‑border transfers.
6. Your Rights (GDPR & CCPA)
- Access, rectify, erase, restrict, or port your personal data.
- Withdraw consent at any time (including AI feature processing).
- Do‑Not‑Sell My Personal Information (California residents) – send a request to
[email protected].
7. Data Retention
We retain personal data only for as long as necessary to:
- Provide the Product;
- Fulfil legal obligations;
- Resolve disputes or enforce agreements;
- Conduct analytics and improve services.
Typical retention periods:
- Account data – until account deletion request.
- Analytics logs – up to 24 months (anonymised after that).
8. Security of Your Information
We implement reasonable administrative, technical, and physical safeguards:
- TLS 1.2+ encryption for data in transit;
- Encryption at rest for any stored identifiers;
- Access limited to authorized personnel only.
Note: No security measure is 100 % fool‑proof; we cannot guarantee absolute protection.
9. Data Breach Notification
If a breach affecting your personal data occurs, we will:
- Notify you via email within 72 hours of discovery (or sooner if required by law).
- Provide details on the nature of the breach, data involved, and steps you can take to protect yourself.
10. Cookies & Tracking Technologies
We may use:
- Session cookies (expire when you close the app).
- Persistent cookies (retain preferences, analytics).
You may disable or delete cookies in iOS Settings → Safari → Block Cookies. Note that disabling certain cookies may affect app functionality.
11. Children’s Privacy (COPPA)
Our Products are not directed to children under 13. We do not knowingly collect personal data from children under 13. If we learn that such data has been collected, we will delete it promptly upon request.
12. Third‑Party Links
Our apps may contain links to external sites. This policy does not apply to those sites; please review each site’s own privacy notices.
13. Revision History
| Version | Date | Summary of Changes |
|---|---|---|
| 1.0 | 2018‑06‑05 | Original policy (text only). |
| 1.1 | 2023‑09‑12 | Added AI clause, GDPR basis table, security improvements. |
| 1.2 | 2025‑12‑14 | Added ATT/IDFA disclosure, CCPA “Do‑Not‑Sell”, data‑breach notice, markdown formatting. |
14. Contact Information
Norman Norris
Website: https://normnorris.com/privacy-policy/
Email: [email protected]
If you have any questions, concerns, or wish to exercise your data‑subject rights, please contact us using the email address above.
This privacy policy was last updated on December 14, 2025.