This Privacy Policy describes how the mobile application Cove ("Cove", "the app", "we", "us", or "our"), published by [OWNER_LEGAL_NAME], handles information when you use it on iOS or Android.
The canonical, publicly-hosted version of this document lives at [POLICY_URL]. If anything below conflicts with the hosted version, the hosted version wins.
You can stop all of the above at any time by uninstalling the app.
The following is created and stored only on your phone or tablet, in
storage managed by the operating system (Apple Keychain / Android
Keystore via expo-secure-store, and the OS sandboxed
app-data directory via AsyncStorage). It is
not transmitted to us or to any third party.
| Category | Examples | Storage location |
|---|---|---|
| App preferences | Theme selection, last-used shell, audio volume | Device-local |
| Listening history | Which shells you've played and for how long, locally aggregated | Device-local |
| Session state | Currently-loaded shell, playback state | Device-local |
Uninstalling Cove deletes all of the above.
The only data that leaves your device is diagnostic telemetry sent to our error-monitoring sub-processor, Sentry (operated by Functional Software, Inc.). This is what we receive:
| Field | Contents | Purpose |
|---|---|---|
| Crash reports | Stack traces, OS version, device model, app version, build number, the time of the crash | Diagnose and fix crashes |
| Performance traces | Anonymized timing data for ~20% of app sessions (route names, transaction durations, JS frame drops) | Identify and fix performance regressions |
| Session metadata | Anonymous session start/end, whether the session ended in a crash | Calculate crash-free-session rates |
| Network metadata | The IP address Sentry's servers observe from the connection (Sentry retains this only briefly for anti-abuse and geographic aggregation; it is not used by us to identify you) | Operational/security needs of the telemetry pipeline |
We do not attach a user identifier, email, name, advertising ID, or any other directly-identifying value to these reports. We do not enable Sentry's session-replay product. We do not use Sentry's profiling product for user fingerprinting.
Sentry's own privacy practices are documented at sentry.io/privacy and they are GDPR- and CCPA-aligned. Sentry acts as our data processor for this telemetry.
For clarity, Cove specifically does not collect:
We do not embed any third-party advertising SDKs, marketing trackers, or social-media tracking pixels.
The app declares only the minimum permissions it needs to play ambient sound. None of these permissions cause any personal data to leave your device.
MODIFY_AUDIO_SETTINGS) #UIBackgroundModes: audio) #
Cove does not request the camera, microphone, location, contacts, photo
library, calendar, Bluetooth-scanning, or notification permissions. On
Android, the CAMERA and RECORD_AUDIO permissions
are explicitly blocked in the app manifest so that no transitive
dependency can quietly request them. If a future release ever needs one
of these permissions, this policy will be updated before
that release ships, and you will be asked for the permission at runtime.
Where the EU/UK General Data Protection Regulation applies, the lawful bases on which we process the limited data described above are:
You have the rights described in §7 regardless of legal basis.
The Sentry infrastructure that receives the telemetry described in §2.2 may store data in the United States and/or the European Union, depending on Sentry's project configuration. Where data about EU/UK users is transferred to the United States, the transfer relies on Sentry's Standard Contractual Clauses with us and on its participation in applicable data-transfer frameworks. A copy of the SCCs is available on request at [CONTACT_EMAIL].
| Category | Retention |
|---|---|
| On-device preferences and listening history | Until you uninstall Cove or clear app data |
| Crash and performance telemetry in Sentry | Up to 90 days, then automatically deleted by Sentry's default retention policy |
| Aggregated, non-identifying metrics derived from telemetry (e.g. "crash-free session rate by app version") | May be retained indefinitely in summarized form |
| Support emails you send us | Up to 24 months after the conversation ends, then deleted |
Depending on where you live, you have some or all of the following rights with respect to the limited data described in this policy:
Because Cove does not assign you a user ID, the only practical way for us to locate diagnostic events tied to your device in Sentry is for you to send us, from your device, a copy of the Sentry installation ID (visible in the app at Settings → About → Diagnostics ID, if exposed in your build) or an approximate window of time, device model, and app version. Send this information to [CONTACT_EMAIL] and we will action the request within 30 days.
California residents have additional rights under the CCPA / CPRA: we do not sell or "share" personal information as those terms are defined by California law, and we have not done so in the preceding 12 months.
Cove is not directed to children under 13 (or under 16 in the EEA, where local law sets the threshold higher). We do not knowingly collect personal information from children. The app contains no in-app purchases, no advertising, no chat, and no user-to-user communication.
If you are a parent or guardian and believe your child has used the app in a way that caused us to receive any data, contact us at [CONTACT_EMAIL] and we will delete the corresponding diagnostic records.
The telemetry described in §2.2 is transmitted to Sentry over TLS 1.2+ HTTPS. On-device data is held in storage that the operating system isolates per-app (the iOS Data Protection Class and the Android app-private directory). We do not operate any backend servers that hold data about you.
No system is ever perfectly secure, and we cannot guarantee that unauthorized parties will never circumvent the protections above. We will notify affected users without undue delay if we become aware of a data breach that materially affects them.
The following sub-processors may receive data described in §2.2:
| Sub-processor | Purpose | Privacy policy |
|---|---|---|
| Sentry (Functional Software, Inc.) | Crash and performance diagnostics | sentry.io/privacy |
| Apple Inc. | App distribution via the App Store; on-device APIs and crash logs if you opted in to "Share with Developers" in iOS Settings | apple.com/legal/privacy |
| Google LLC | App distribution via Google Play; Play Console's anonymized install/crash counts visible to us as the developer | policies.google.com/privacy |
App-Store and Play-Console anonymized analytics (download counts, crash counts, retention curves) are produced by Apple and Google respectively and are not under our control; they are governed by Apple's and Google's own privacy policies.
We may update this policy from time to time. When we do, we will change the Last updated date at the top, and — for material changes — we will alert you on next launch of the app via an in-app notice. Continued use of the app after a change indicates your acceptance of the updated policy.
The version history of this document is published alongside it at [POLICY_URL].
If you have any question, request, or complaint about this Privacy Policy or about Cove's handling of data:
We aim to respond to privacy requests within 7 days and to action them within 30 days, in line with GDPR Art. 12(3).