Privacy Policy
Introduction
ipsolabs ("we", "us", "our") operates the myAtlas application ("the App"). This Privacy Policy explains how we collect, use, and protect your information when you use the App.
Key principle: myAtlas is a local-first application. Your tasks, notes, and personal content are stored on your device and never transmitted to our servers unless you explicitly enable cloud sync.
Information We Collect
Information stored locally only (never sent to us)
- Tasks, notes, lists, and all content you create in the App
- Vault files (Markdown documents on your device)
- App preferences and settings
- Encryption keys (stored in your device's secure storage)
Information collected when you create an Ipso Account
If you choose to create an account (optional), we collect:
- Email address — used for account identification and password recovery
- Authentication tokens — managed by AWS Cognito for secure sign-in
- User ID — a unique identifier assigned to your account
Information collected when you subscribe to Pro
If you purchase a subscription, the following is processed by our payment provider:
- Subscription status — active, expired, trial, or cancelled
- Purchase receipts — processed by RevenueCat (our subscription management provider) and the respective app store (Apple App Store or Google Play)
- Anonymous subscriber ID — used to sync subscription status across devices
We do not receive or store your payment card details. All payment processing is handled by Apple or Google.
Information collected automatically
- Crash reports — sent to Sentry and Firebase Crashlytics to help us fix bugs. These may include device type, OS version, and stack traces. They do not include your personal content.
- Basic analytics — app launch events and feature usage patterns (anonymized)
How We Use Your Information
- Account management — to authenticate you and sync your subscription status across devices
- Subscription delivery — to verify your Pro subscription and enable paid features
- Bug fixing — to identify and resolve crashes and errors
- App improvement — to understand which features are used and improve the App
We do not:
- Sell your personal information to third parties
- Use your data for advertising
- Read, analyze, or access your local content (tasks, notes, files)
- Train AI models on your data
Cloud Sync (Optional Paid Feature)
If you enable cloud sync (Pro subscription):
- Your task data is encrypted on your device using AES-256-GCM before transmission
- Encrypted data is stored in AWS DynamoDB
- We cannot read your encrypted data — only your device holds the encryption key
- You can transfer your encryption key between devices via QR code
- Disabling cloud sync removes your data from our servers
Third-Party Services
We use the following third-party services:
| Service | Purpose | Data Shared | Privacy Policy |
|---|---|---|---|
| AWS Cognito | Authentication | Email, user ID | AWS Privacy |
| AWS DynamoDB | Cloud sync storage | Encrypted task data | AWS Privacy |
| RevenueCat | Subscription management | Anonymous subscriber ID, purchase receipts | RevenueCat Privacy |
| Sentry | Crash reporting | Device info, stack traces | Sentry Privacy |
| Firebase Crashlytics | Crash reporting | Device info, crash data | Google Privacy |
Data Retention
- Local data: Stored on your device indefinitely. You control deletion.
- Account data: Retained while your account is active. Deleted upon account deletion request.
- Subscription data: Retained by RevenueCat per their retention policy.
- Crash reports: Retained for 90 days by Sentry and Firebase.
Your Rights
You have the right to:
- Access your data — your local data is always accessible on your device
- Delete your account — use the "Delete Account" button in the App, which removes your Cognito identity and cloud data
- Export your data — your tasks are stored as standard Markdown files, which you can copy at any time
- Opt out of crash reporting — contact us at privacy@ipsolabs.io
GDPR (European Users)
If you are in the European Economic Area, you additionally have the right to:
- Request a copy of personal data we hold about you
- Request correction of inaccurate data
- Request restriction of processing
- Data portability (your data is already in portable Markdown format)
- Object to processing
- Lodge a complaint with a supervisory authority
CCPA (California Users)
California residents have the right to:
- Know what personal information is collected
- Request deletion of personal information
- Opt out of the sale of personal information (we do not sell personal information)
Children's Privacy
The App is not directed at children under 13. We do not knowingly collect information from children under 13. If you believe we have collected such information, contact us at privacy@ipsolabs.io.
Security
We implement industry-standard security measures:
- AES-256-GCM client-side encryption for cloud sync data
- TLS 1.2+ for all network communication
- AWS Cognito for secure authentication
- Encryption keys stored in platform-native secure storage (Keychain on iOS, Keystore on Android)
Changes to This Policy
We may update this Privacy Policy from time to time. We will notify you of significant changes through the App or by email.
Contact Us
For privacy-related questions or requests:
- Email: privacy@ipsolabs.io
- Website: https://ipsolabs.io/privacy