NULL Memo

Effective Date: April 3, 2026

1. Overview

NULL Memo ("the App", "we", "our") is a memo application available on Android and iOS. This Privacy Policy explains how we handle your information when you use the App.

The short version: NULL Memo is an offline-first app. All memos and data you create are stored locally on your device and are never transmitted to our servers. We do not sell, share, or monetize your personal data.

2. Information We Do Not Collect

We do not collect, store, or have access to:

• The content of your memos, lists, or any data you enter into the App

• Your name, email address, or any personally identifiable information

• Your location

• Your contacts, photos, microphone, or camera data

• Any data from your device beyond what is described in Section 3 below

3. Information We Do Collect

We collect a limited set of technical data to ensure the App functions correctly and to improve the user experience. This falls into two categories:

3.1 Crash Reports (Sentry)

We use Sentry to automatically collect crash reports when the App encounters an error. This helps us identify and fix bugs. Sentry may collect:

• Device type, operating system version, and App version

• Stack traces and error logs at the time of a crash

• A randomly generated device identifier (not linked to your account or personal identity)

Sentry acts as a data processor on our behalf. Sentry is GDPR-compliant and processes data in accordance with its Privacy Policy and DPA documentation. Data is processed under the lawful basis of Legitimate Interests (Article 6(1)(f) GDPR) to maintain App stability.

3.2 Analytics (Mixpanel)

We use Mixpanel to collect anonymized usage analytics. This helps us understand how users interact with the App so we can make it better. We collect:

• Basic app events (e.g. app opened, page created, memo added, memo deleted)

• Device type and operating system version

• App version

• A randomly generated identifier (not linked to your account or personal identity)

We do not collect the content of any memos or user-generated text via Mixpanel. We do not use Mixpanel for advertising or user profiling.

Mixpanel is GDPR-compliant and offers a Data Processing Agreement (DPA) in accordance with EU regulations. For more information, see Mixpanel's Privacy Policy and GDPR compliance documentation. Data is processed under the lawful basis of Legitimate Interests (Article 6(1)(f) GDPR) to improve App functionality.

4. Data Storage and Security

All memos and user-generated content are stored exclusively on your device using Android local storage. This data never leaves your device and is not accessible to us.

Crash report and analytics data collected by Sentry and Mixpanel are stored on their respective servers, which are located within the European Economic Area (EEA) or subject to appropriate data transfer safeguards (e.g. Standard Contractual Clauses).

6. Your Rights Under GDPR (European Users)

If you are located in the European Economic Area (EEA), United Kingdom, or Switzerland, you have the following rights under the General Data Protection Regulation (GDPR):

• Right of access — you may request a copy of any personal data we hold about you

• Right to rectification — you may request correction of inaccurate data

• Right to erasure — you may request deletion of your data ("right to be forgotten")

• Right to restriction of processing — you may request that we limit how we process your data

• Right to data portability — you may request your data in a portable format

• Right to object — you may object to processing based on legitimate interests

Because we collect only anonymized, randomly-generated identifiers via Sentry and Mixpanel (not linked to your identity), it may not be possible to identify you specifically in their datasets. However, you may contact us at the address below and we will make every reasonable effort to assist.

7. Data Retention

Crash report data collected via Sentry is retained for 30 days by default.

Analytics data collected via Mixpanel is retained for a period consistent with Mixpanel's standard retention policy, and is used solely for aggregate analysis to improve the App.

User-generated content (your memos and lists) resides only on your device and is never transmitted to us. You may delete this data at any time by deleting the App.

8. Children's Privacy

The App is not directed at children under the age of 13 (or under 16 in certain EEA countries). We do not knowingly collect personal data from children. If you believe a child has provided us with personal information, please contact us and we will take steps to delete it.

9. Third-Party Services

The App uses the following third-party services:

Sentry — Crash reporting. Privacy Policy | DPA

Mixpanel — Usage analytics. Privacy Policy | GDPR

We do not use any advertising SDKs, social media trackers, or marketing platforms.

10. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. If we make material changes, we will update the effective date at the top of this document. We encourage you to review this policy periodically. Continued use of the App after any changes constitutes your acceptance of the updated policy.

11. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or your data, please contact us at:

THE BORED STUDIO

Email: support@theboredstudio.com

Last updated: April 3, 2026