Privacy Policy

Scope of This Policy

This Policy covers the Cedar iOS application and any in-app content presented within it. It does not cover third-party services, external websites, or other Seampli products, each of which are governed by their own policies.

Information We Collect

a. Information You Enter Into the App
Cedar lets you log session activity (sauna and cold-plunge entries), durations, optional environmental values such as temperature and humidity, an optional category label (Home, Gym, or Other), optional notes, and your in-app preferences. You may also send us feedback or messages at support@seampli.app.

Everything you enter is stored locally on your device using Apple's standard on-device storage. Cedar does not transmit any of it to Seampli's systems, because Seampli does not operate any servers that receive Cedar data.

b. Standard iOS and App Store Information
Cedar does not include any analytics, telemetry, advertising, or tracking SDKs. The only information that may be collected in connection with your use of Cedar comes from Apple's iOS platform and App Store, which apply to all apps and which you control through your device:

• App Store download and install records (visible to Seampli only as aggregate counts)
• Standard iOS crash diagnostics, which are only shared with developers if you have enabled "Share With App Developers" in Settings → Privacy & Security → Analytics & Improvements
• Device type, operating system version, and app version, where Apple includes these in the above

This information is collected and de-identified by Apple before any of it ever reaches Seampli. Seampli has no ability to tie it to an individual user. If you turn off iOS analytics sharing, none of this reaches us at all.

Health-Related Data

Cedar may collect information that could be considered health-related, such as activity durations and entries you choose to log. We treat this category of data with particular care:

• Stored only on your device. Health-related entries never leave your iPhone or iPad unless you explicitly choose to export them through the App's "Export data" feature, which uses Apple's standard share sheet to send a copy to a destination you select (such as Files, Mail, or another app you have installed). What happens to the exported copy after that is governed by the destination you choose.
• No cloud sync. Cedar does not operate a cloud sync service. Your entries are not synced to Seampli, to any third party, or to any other device.
• Not shared with Apple Health. Cedar does not integrate with Apple Health (HealthKit) and does not read from or write to any HealthKit data store.
• You can delete it at any time. Removing entries within the App, or deleting the App from your device, removes the associated data from your device.

Because Cedar does not transmit health-related data off your device, breaches or unauthorized access to Seampli systems cannot expose your records. Your data is only as secure as your device.

On-Device Storage

All data you enter into Cedar is stored in your device's local app container using Apple-provided storage mechanisms. This data:

• Is accessible only to Cedar on your device
• Is removed when you uninstall the App
• Is not backed up to any Seampli system
• May be included in your device's iCloud or iTunes/Finder backups if you have those features enabled — these backups are managed entirely by Apple under Apple's Privacy Policy

How We Use Information & Legal Bases

Because Cedar does not transmit your activity data and does not include any analytics, telemetry, or advertising SDKs, the only information Seampli ever has about you in practice is (a) any support email you choose to send us, and (b) the aggregate, de-identified iOS data Apple makes available to all developers of all apps. We use these for the following purposes:

• Responding to support inquiries you initiate
• Diagnosing crashes and bugs reported through Apple's standard iOS systems
• Understanding aggregate App Store performance (downloads, app version distribution)
• Improving the App and fixing issues in future updates
• Meeting legal, regulatory, or App Store obligations

For users in the EU, EEA, and UK, our legal bases for processing under GDPR are: (a) your consent, where you provide it (for example, by emailing us, or by enabling iOS analytics sharing); (b) our legitimate interests in maintaining a stable, secure, functional App and responding to support requests, balanced against your privacy interests; and (c) compliance with legal obligations where applicable.

We do not sell, rent, share, or trade any user data. We do not use the App to profile users, build advertising audiences, target advertising, or track you across other apps or websites. Cedar does not display advertising of any kind. We do not engage in automated decision-making or profiling that produces legal or similarly significant effects on you.

Permissions We Request

Cedar does not request any device permissions. The App does not access your contacts, photos, microphone, camera, location, Apple Health (HealthKit), motion data, notifications, calendar, or any other protected device resource. The only system-level integration the App uses is haptic feedback, which does not require a permission prompt.

Third-Party Services

Cedar's only third-party dependency is Apple, which is required to distribute the App through the App Store and to run on your device:

• Apple (App Store, iOS, App Store Connect). Required for app distribution and standard iOS operations. Apple's handling of any data is governed by Apple's Privacy Policy.

Cedar does not integrate any advertising networks, third-party analytics SDKs, attribution frameworks, social-login providers, or user-tracking frameworks. There are no third-party domains the App contacts during normal use.

Data Retention

• App data: Stored on your device until you delete it or uninstall the App. Seampli has no copy and no ability to retain it.
• Support emails: Retained up to 24 months for the purposes of responding to and managing user inquiries and maintaining records of resolved issues, then deleted.
• iOS-level diagnostics: Any de-identified information Apple collects through standard iOS systems is retained by Apple under Apple's own retention rules, outside of Seampli's control.

Where applicable law requires longer retention (for example, to defend a legal claim or comply with a regulatory order), we may retain limited information for the period required by that law.

Your Rights & Choices

Because Cedar keeps your personal data on your device, most privacy rights can be exercised directly by you:

• Access: All data you have entered is viewable within the App
• Correction: Edit or delete individual entries from within the App
• Deletion: Remove entries within the App, or delete the App to remove everything at once
• Portability: You may request support if you would like a copy of any data we hold about your interactions with us (typically limited to support correspondence)
• Withdraw consent: Where our processing is based on your consent, you may withdraw that consent at any time, including by adjusting your iOS analytics-sharing settings or contacting us

To exercise any of these rights with respect to information we hold (such as support correspondence), contact us at support@seampli.app. We respond to verifiable requests within the timeframe required by applicable law (typically 30–45 days).

EU, EEA, and UK Disclosures (GDPR)

If you are located in the European Union, European Economic Area, United Kingdom, or Switzerland, the following applies in addition to the rest of this Policy.

Data controller. Seampli LLC is the data controller for the limited information described in this Policy. You may contact us at support@seampli.app for any GDPR-related question.

Legal bases for processing are set out in Section 5 above (consent, legitimate interest, and legal obligation, depending on the activity).

Your rights under GDPR include:

• The right of access — to know what personal data we hold about you
• The right to rectification — to correct inaccurate or incomplete data
• The right to erasure ("right to be forgotten") — to have your data deleted, subject to certain exceptions
• The right to restrict processing — to ask us to limit how we process your data
• The right to data portability — to receive your data in a machine-readable format and transmit it elsewhere
• The right to object — to object to processing based on our legitimate interests
• The right to withdraw consent — at any time, where processing is based on consent
• The right to lodge a complaint — with your local data protection authority (DPA) or the UK Information Commissioner's Office

Because the App stores your activity locally on your device and does not transmit it to our servers, most of these rights are exercised directly by you within the App (by viewing, editing, deleting, or uninstalling). For information we hold off-device (such as support email), email us to make a request and we will respond within 30 days, with a possible extension where the request is complex.

International Data Transfers

Seampli LLC is based in the United States. Apple processes App Store, App Analytics, and crash diagnostic data on infrastructure that may be located outside your country, including in the United States. Apple maintains its own legal frameworks (including, where applicable, Standard Contractual Clauses and the EU–U.S. Data Privacy Framework) to govern these transfers. Where you contact us at our support email, your message will be received and processed in the United States. By using Cedar or contacting us, you understand that this limited information may be processed outside your country of residence.

Data Breach Notification

Because Cedar stores your activity entries locally on your device and does not transmit them to Seampli's systems, a breach of Seampli's systems cannot expose those entries. The information we do hold off-device (limited support correspondence and de-identified analytics from Apple) is small in scope. In the unlikely event of a security incident affecting personal information we hold, we will notify affected users without undue delay, and where required by applicable law (including GDPR's 72-hour rule and U.S. state breach notification laws) we will notify the appropriate regulators within the timeframes required.

Security

Data stored locally by Cedar is protected by iOS's built-in app-sandboxing and device-level security features (such as your device passcode and Face ID/Touch ID if enabled). Support communications are transmitted over TLS-encrypted channels. While no system is perfectly secure, we rely on Apple's platform protections and industry-standard practices for the limited data we handle.

Children's Privacy

Cedar is intended for adults aged 18 and older. The App is not directed to children, is not designed for children, and is gated behind an in-app age confirmation that requires users to confirm they are at least 18 before they can use it. Sauna, heat, and cold-water immersion activities are not appropriate for children or adolescents.

Consistent with the U.S. Children's Online Privacy Protection Act ("COPPA"), Seampli does not knowingly collect personal information from children under 13. If a parent or guardian believes a child under 13 has used Cedar or provided information to us, please contact support@seampli.app and we will take prompt steps to delete any such information.

Updates to This Policy

We may update this Privacy Policy from time to time. The current version will always be available at seampli.app/cedar/privacy. Material changes will be communicated in-app or through the App Store update notes. Continued use of the App after a policy update constitutes acceptance of the revised Policy.

Contact Us