Privacy Policy
Last updated: February 2026
1. Data Controller
Dominik Baumann
c/o COCENTER
Koppoldstr. 1
86551 Aichach
Germany
Email: info@chroniq.app
2. Overview
Chroniq is a progress tracking app (photos, measurements, habits, strength training). Protecting your data is our highest priority. This privacy policy explains what data is collected, how it is handled, and what rights you have.
3. Local Data Storage
All your content – photos, measurements, habits, workouts, and associated notes – is stored exclusively on your device in a local SQLite database. Media files (photos) are stored in the app's local file system. We do not have access to this data and your content is never transmitted to our servers.
App settings (e.g., language, sync options, subscription status) are stored locally via AsyncStorage on your device and are not shared with third parties.
4. Device Permissions
Chroniq may request the following device permissions depending on usage:
- Camera: To take photos for photo tracking. Photos are stored exclusively on your device and are not transmitted to external servers.
- Photo Library: To select existing photos from your gallery. Selected photos are copied to the app's local storage.
- Notifications: For local tracking reminders. Notifications are scheduled and delivered entirely on-device – no external push service is used.
All permissions are optional and are only requested when needed. You can revoke them at any time in your device's system settings.
5. iCloud Sync (Optional)
If you enable iCloud sync (Pro feature), backups of your database and photos are synchronized between your devices via Apple's encrypted iCloud infrastructure. Synchronization may also occur in the background (via Background Fetch), if permitted in your device settings.
We do not have access to data stored in iCloud. The use of iCloud is subject to Apple's Privacy Policy. You can disable iCloud sync at any time in the app settings.
Legal basis: Art. 6(1)(a) GDPR (consent by enabling the feature).
6. Contact Form (EmailJS)
When you use the contact form in the app, your input is forwarded to our email address info@chroniq.app via the service EmailJS (EmailJS Inc., USA).
The following data is transmitted to EmailJS:
- Your email address (as entered by you)
- Subject line
- Message text
Using the contact form is voluntary. This processing is based on Art. 6(1)(b) GDPR (pre-contractual measures or contact request). You can find EmailJS's privacy policy at emailjs.com/legal/privacy-policy.
7. In-App Purchases and Subscriptions (RevenueCat)
We use RevenueCat (RevenueCat Inc., USA) to manage subscriptions and in-app purchases.
The following data is processed by RevenueCat:
- An anonymous app user ID (no email, no name)
- Purchase information (product ID, purchase date, expiration date), provided by Apple or Google
- Subscription status (active/inactive)
No personal data such as name or email address is transmitted to RevenueCat. This processing is based on Art. 6(1)(b) GDPR (contract fulfillment). You can find RevenueCat's privacy policy at revenuecat.com/privacy.
8. Error Monitoring (Sentry)
To detect and fix app errors, we use the service Sentry (Functional Software Inc., USA). Data processing takes place on servers in the EU (Frankfurt, Germany).
When an app error occurs, the following technical information is automatically transmitted:
- Error message and stack trace
- Device type, operating system, and app version
- Timestamp of the error
No personal data is transmitted – the app is configured to prevent sending personally
identifiable information (sendDefaultPii: false). Content of your entries
(photos, measurements, notes) is never sent to Sentry.
Legal basis: Art. 6(1)(f) GDPR (legitimate interest in app stability and error resolution). You can find Sentry's privacy policy at sentry.io/privacy.
9. App Stores
The app is downloaded through the Apple App Store or Google Play Store. The respective store operators collect data (e.g., Apple ID, purchase history) over which we have no control. Please refer to the privacy policies of Apple and Google.
10. No Tracking, No Advertising
Chroniq does not use any tracking, analytics, or advertising SDKs (no Firebase Analytics, no Google Analytics, no Facebook SDK, etc.). We do not create user profiles, collect usage statistics, or share data with third parties for advertising purposes. Sentry is used exclusively for technical error resolution and not for analyzing user behavior.
11. Data Processing Overview
| Service | Data | Legal Basis | Server |
|---|---|---|---|
| Local Database | All user content | Art. 6(1)(b) | Device only |
| iCloud (Apple) | Backups, photos | Art. 6(1)(a) | Apple infrastructure |
| EmailJS | Email, subject, message | Art. 6(1)(b) | USA |
| RevenueCat | Anonymous ID, purchase data | Art. 6(1)(b) | USA |
| Sentry | Error messages, device data | Art. 6(1)(f) | EU (Frankfurt) |
| App Stores | Purchase data (Apple/Google) | Art. 6(1)(b) | Apple/Google |
12. Data Transfer to Third Countries
Some of the aforementioned services (EmailJS, RevenueCat) are based in the USA. Data transfers are carried out on the basis of the EU-US Data Privacy Framework or Standard Contractual Clauses (Art. 46(2)(c) GDPR). Sentry processes data exclusively on servers in the EU (Frankfurt).
13. Your Rights
Under the GDPR, you have the following rights:
- Access (Art. 15 GDPR): You can request information about your processed data.
- Rectification (Art. 16 GDPR): You can request correction of inaccurate data.
- Erasure (Art. 17 GDPR): You can request deletion of your data.
- Restriction (Art. 18 GDPR): You can request restriction of processing.
- Data Portability (Art. 20 GDPR): You can receive your data in a common format.
- Objection (Art. 21 GDPR): You can object to the processing of your data.
- Withdrawal of Consent (Art. 7(3) GDPR): You can withdraw consent (e.g., iCloud sync) at any time with future effect.
Since your data is primarily stored locally on your device, you have full control at all times. You can export your data using the CSV export feature or uninstall the app to delete all data.
For inquiries, please contact: info@chroniq.app
14. Right to Complain
You have the right to lodge a complaint with a data protection supervisory authority if you believe that the processing of your data violates the GDPR. The competent authority is the Bavarian State Office for Data Protection Supervision (BayLDA), www.lda.bayern.de.
15. Changes
We reserve the right to update this privacy policy as needed, for example when app functionality or legal requirements change. The current version is always available at chroniq.app/en/privacy.html.