Privacy Policy

1. Who we are

Moodmelon is an Android application published by Lite Developers ("we", "us", "our"). You can reach us at support@litedevs.com.

This policy describes what the Moodmelon Android app does with your data, the limited cases in which data leaves your device, and the choices you have.

2. What information the app handles

2.1 Information you create in the app

When you use Moodmelon, you may create:

• Mood entries (a mood label, intensity, optional note, and date)
• Your display name (used only to greet you within the app)
• Reminder time and other app preferences
• An optional app-lock state (biometric or device credential)

This information is stored locally on your device using Android's standard application storage. It is sandboxed to Moodmelon — other apps cannot read it. The app does not transmit this information to us or to any third party.

2.2 Diagnostics (only if you opt in)

Moodmelon does not operate its own backend, user accounts, or login system. The app does not receive your mood entries, notes, or name.

The first-run onboarding asks once whether you want to share diagnostic data. The default is off: if you tap "Not now", the app sends nothing. If you opt in (during onboarding or later from Settings → Privacy & lock → Share anonymous diagnostics), the app sends a limited set of diagnostic signals to Google Firebase on our behalf:

• Crash reports — stack traces of uncaught exceptions, plus device model, Android version, and app version.
• Performance metrics — cold-start latency, screen render time, and other aggregate timing data.
• Aggregate usage counters — which screens were opened and approximate session length. No content from any entry.

The app does not include the following in any diagnostic signal: your name, your mood notes, mood labels, intensities, dates, or any text you typed into the app.

The setting is the only switch that controls this. Development builds short-circuit and send nothing regardless of the setting.

The diagnostic data is technically pseudonymous rather than strictly anonymous — Google's SDK assigns a randomly generated app-instance identifier and Firebase servers observe your IP address at the moment of transmission. We have configured the SDK to not collect the Android Advertising ID or the Android Settings ID (SSAID), and we do not associate diagnostic data with any account or contact information (we do not collect any).

Where GDPR or UK GDPR applies, the legal basis for processing diagnostic data is your consent (Art. 6(1)(a)), which you can withdraw at any time from the setting above.

3. Permissions the app uses

• Notifications — to deliver the daily check-in reminder you opt into. Reminders are scheduled locally on your device; the app does not push notifications from a server.
• Biometric — if you enable App Lock, Android's biometric framework verifies your fingerprint or face on the device. Biometric data is never made available to Moodmelon.
• Storage access (when you export/import) — used only at the moment you tap Export or Import. The Android Storage Access Framework picks the file location and Moodmelon writes or reads a single JSON/CSV file you control.
• Network access — used only by the optional features that need it: Google Play in-app updates/review, and the Firebase diagnostics described in §2.2 (if you have left the setting on). The core mood-logging experience works offline.
• Run at boot — used to reschedule your daily reminder after the device restarts. The app does not read or transmit any data at boot.

4. Third-party services

Moodmelon uses a small number of Google-provided libraries. The Firebase libraries listed in §4.2 transmit data only if you have opted in via the diagnostics setting (§2.2). The Play services in §4.1 do not transmit data about your entries.

4.1 Google Play services

• Play In-App Review API — surfaces Google's native review prompt inside the app.
• Play In-App Update API — checks whether a newer version of the app is available on Google Play.

These calls are governed by the Google Privacy Policy and the Google Terms of Service.

4.2 Firebase — diagnostics (opt-in, default off)

When you opt in to diagnostics during onboarding or via the Privacy settings, the app uses three Firebase products operated by Google to send the signals listed in §2.2:

• Firebase Crashlytics — receives stack traces of uncaught exceptions so we can investigate crashes. The trace includes Android version, device model, and app version.
• Firebase Performance Monitoring — receives aggregate timing data such as cold-start latency and screen-load time.
• Firebase Analytics — receives aggregate event counters (which screens were opened, session length). We have disabled the SDK's collection of the Android Advertising ID, the Android Settings ID (SSAID), and ad-personalization signals.

Data sent to Firebase is processed on Google's infrastructure under the Firebase Privacy and Security Information page and Google's privacy policy. Processing may occur on servers outside your country.

Retention. Google retains Firebase Analytics event data for a default period (currently up to 14 months for event data and up to 60 days for user-level identifiers, subject to Google's own configuration). Crashlytics retains crash data for up to 90 days. We do not extend these defaults.

When you toggle diagnostics off in Settings → Privacy & lock, the app immediately calls each SDK's disable method at runtime; nothing further is sent until you toggle it back on.

4.3 Custom Tabs

When you open this privacy policy or a license link from within the app, the app hands the URL to your default browser via Android Custom Tabs. The browser, not Moodmelon, handles the page load under its own privacy policy.

4.4 Firebase Hosting (this website)

This privacy policy and the moodmelon.litedevs.com marketing site are served by Google Firebase Hosting. Firebase Hosting may log standard request information such as your IP address, user-agent string, and requested URL for the operational and security purposes described in Google's documentation. We do not run separate analytics on the website.

5. Export, import, and backups

You can export all your data to a JSON or CSV file from Settings → Export & privacy. The file is written to a location you pick using the Android Storage Access Framework. Once it leaves the app, its handling is controlled by you and by whatever service or app receives it.

Import works the same way in reverse: you pick a file, and Moodmelon reads it into the local database.

Android's Allow Backup flag is disabled, so your entries are not included in Google Drive automatic backups. They live only on the device you created them on. If you uninstall Moodmelon without exporting first, your entries are deleted.

6. Children's privacy

Moodmelon is not directed at children under 13 (or the equivalent minimum age in your jurisdiction). We do not knowingly collect information from children.

7. Security

Mood entries are stored in Moodmelon's private application storage, which Android keeps isolated from other apps on the device. You may add a further layer by enabling App Lock under Settings → Privacy & lock, which requires biometric or device-credential authentication before the app contents can be viewed.

No security measure is perfect. The contents of your entries are also subject to your device's general security posture (your screen lock, OS updates, the apps you grant accessibility access, and so on), which remain your responsibility.

8. Your rights

Because the app does not transmit your entry content to us, the practical exercise of your rights happens on your device:

• Access: view all entries in the History and Calendar screens.
• Portability: export to JSON or CSV via Settings → Export & privacy.
• Deletion: delete individual entries from the History screen, or remove all data by uninstalling the app or using Settings → Delete all data.
• Opt out of diagnostics: toggle off Settings → Privacy & lock → Share anonymous diagnostics. Future sessions will not send diagnostic data to Firebase.
• Withdraw consent: revoke notification or biometric permissions at any time from the system settings.

No sale or sharing. We do not sell or "share" personal information as those terms are defined under the CCPA/CPRA, and we do not engage in cross-context behavioural advertising.

Complaints. If you are in the EEA, the UK, or another jurisdiction with a data-protection authority, you have the right to lodge a complaint with that authority. For other questions or requests under GDPR, UK GDPR, CCPA/CPRA, LGPD, India's DPDP Act, or another applicable framework, email support@litedevs.com and we will respond within the timeframes required by that framework.

9. International transfers

The contents of your entries do not leave your device. If you have left the diagnostics setting on (§2.2 / §4.2), the diagnostic signals are processed by Google on Firebase infrastructure, which may be located outside your country. Google's separate processing of telemetry from Play services may likewise involve infrastructure outside your country, governed by Google's own policies and (where relevant) Standard Contractual Clauses and adequacy mechanisms.

10. Changes to this policy

If we materially change how the app handles data — for example, if a future version introduces advertising, cloud sync, an account system, or expands what is collected under the diagnostics setting — we will publish a revised policy here, update the "Last updated" date below, and where appropriate prompt you within the app before the new behaviour takes effect.

11. Contact

Questions, requests, or concerns: support@litedevs.com.