READ

Latest Policy

Privacy Policy

1) Information about the Collection of Personal Data and Contact Details of the Controller

1.1 General Information

We are pleased that you are using a product published or operated by Unlock Futurix Ltd (hereinafter referred to as the “Product”, “Application”, “App”, or “Service”, as applicable).

In the following provisions, we inform you comprehensively about the processing of your personal data when using our Products and related services.

For the purposes of this Privacy Policy, “Products” means all mobile applications, desktop applications, web applications, browser-based tools, software products, utilities, platforms, website features, APIs, downloadable resources, digital products, and related services made available by Unlock Futurix Ltd.

This Privacy Policy applies to all Products published, operated, distributed, licensed, or otherwise made available by Unlock Futurix Ltd, including but not limited to:

  • Pastey

  • Finance Tracker & Budgeting

  • Habitizer

  • Subio

  • SoftVM

and any other application, software product, or digital service that Unlock Futurix Ltd publishes now or in the future, unless a separate privacy policy is expressly provided for a specific Product.

Personal data means any information relating to an identified or identifiable natural person. An identifiable person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, identification number, location data, online identifier, or other characteristics specific to that person’s identity.

1.2 Controller

The controller responsible for the processing of personal data within the meaning of the United Kingdom General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018 is:

Unlock Futurix Ltd
71–75 Shelton Street
Covent Garden
London
WC2H 9JQ
United Kingdom

Email: support@unlockfuturix.com

The controller is the natural or legal person who alone or jointly with others determines the purposes and means of the processing of personal data.

1.3 Security and Encryption

For reasons of security and in order to protect the transmission of personal data and other confidential content, including inquiries to the controller, our Products use encryption technologies and industry-standard security measures where data is transmitted, including technologies such as TLS and HTTPS where applicable.

In addition, we implement appropriate technical and organisational safeguards designed to protect personal data against accidental or unlawful destruction, loss, alteration, unauthorised disclosure, or unauthorised access.


2) Contact

When contacting us, for example via email, contact forms on our website, embedded Tally forms, or the Tawk.to live chat widget, personal data will be collected. Which data is collected depends on the information you provide in your communication.

This data may include:

  • your name

  • your email address

  • the content of your message

  • attachments or any additional information voluntarily provided by you

This data is stored and used exclusively for the purpose of answering your request, contacting you, and the associated technical and administrative processing.

Where you contact us via our embedded Tally form or via the Tawk.to live chat widget, we may collect your name, email address, and the content of your message solely for the purpose of following up on your support inquiry. Such information is never used for advertising, profiling, or unrelated marketing purposes.

The legal basis for the processing of this data is our legitimate interest in responding to your request pursuant to Article 6(1)(f) UK GDPR. If your contact is aimed at concluding or performing a contract, the additional legal basis for processing is Article 6(1)(b) UK GDPR.

Your data will be deleted once your request has been fully answered, provided that no statutory retention obligations apply and provided that no legitimate continuing need for the data remains.


3) Categories of Data We Process

3.1 No User Accounts

Many of our Products do not require you to create a personal account or register an identity with us.

Where a Product does not require account creation, we do not collect or store account data such as:

  • names

  • email addresses

  • passwords

  • user profiles

unless such information is voluntarily provided by you, for example when contacting support.

3.2 Data Stored Locally on Your Device

Some Products allow you to create, enter, import, store, organise, or manage user content and application data locally on your device.

Depending on the Product, this may include:

  • text

  • notes

  • images

  • links

  • code snippets

  • subscription entries

  • prices

  • billing cycles

  • renewal dates

  • reminders

  • categories

  • tags

  • documents

  • extracted text

  • other user-generated content

Where applicable, such data is stored locally on your device and is not transmitted to us unless you explicitly share it with us, for example for support purposes.

3.3 Product-Specific Local Data Examples

Certain Products are designed with a privacy-first architecture and process most or all user content locally on the device.

For example:

  • Subio may store subscription-related information locally on your device, including subscription names, prices, billing cycles, renewal dates, notes, and categories.

  • Pastey may store text, images, links, code snippets, and other clipboard-related or saved content locally on your device and, where enabled by you, within your Apple iCloud environment.

  • Habitizer may store habit-related entries, routines, check-ins, progress records, reminders, and other productivity data locally on your device.

  • Finance Tracker & Budgeting may store budgeting records, categories, entries, totals, planning data, or other financial tracking information locally on your device.

  • SoftVM may store technical configuration data, usage preferences, and local workspace data on your device depending on the Product’s functionality.

Unless expressly stated otherwise in a specific Product, Unlock Futurix Ltd does not operate centralised user profiles for such locally stored content and does not maintain copies of that content on its own servers.

3.4 Import Features and On-Device Processing

Some Products may allow you to import information from materials such as:

  • screenshots

  • receipts

  • PDFs

  • plain text

  • images

  • pasted content

  • documents

Where supported, our Products may use Apple-provided or operating-system-provided on-device technologies for text recognition, content extraction, categorisation, or similar functionality.

Processing takes place locally on your device unless explicitly stated otherwise for a specific feature.

Where applicable, you review and approve extracted information before it is saved. Information is not added automatically without your review where the Product design requires confirmation.

We do not store or analyse your imported files or documents on our servers unless you explicitly submit them to us, for example as part of a support request.

3.5 Device and Technical Information

When you use our Products, certain technical information may be processed automatically for operational, diagnostic, and security purposes.

This may include:

  • device model

  • device type

  • operating system version

  • application version

  • language settings

  • region settings

  • installation identifiers

  • anonymous device or installation identifiers

  • app status at the time of an error

  • diagnostic logs

  • technical performance data

  • crash traces

  • last log messages

This information is used solely to ensure the proper functioning of the Product, to maintain stability and security, and to identify and resolve technical issues.

3.6 App Store and Platform Data

When you download, purchase, subscribe to, or restore a Product via the Apple App Store or another platform provider such as Google Play in the future, certain information may be transmitted to us or to our authorised service providers by the respective platform provider.

This may include:

  • customer identifier

  • country of origin

  • information about the device used

  • transaction identifiers

  • purchase confirmations

  • subscription status

  • renewal status

  • trial status

  • refund status

  • receipt information

  • other data required for processing the transaction or validating entitlements

We do not control the collection of such data by the platform provider itself.

The legal basis for processing this information is Article 6(1)(b) UK GDPR, insofar as such processing is necessary for the performance of a contract and the management of purchased features or subscriptions.

3.7 Subscription Management and In-App Purchase Providers

In order to manage in-app purchases, subscriptions, entitlement checks, paywalls, or purchase validation, we may use subscription management providers such as RevenueCat and/or Adapty, depending on the Product.

3.7.1 RevenueCat

Where a Product uses RevenueCat, the service provider is:

RevenueCat, Inc.
300 Euclid Avenue
San Francisco, CA 94118
United States

When you make a purchase within a Product using RevenueCat, certain information may be transmitted to RevenueCat, including:

  • transaction identifiers

  • purchase receipts

  • subscription status

  • entitlement information

  • anonymous installation identifiers

  • device-related technical information necessary for subscription verification

This data is processed for the purpose of verifying, managing, restoring, and administering subscriptions and purchases.

The legal basis is Article 6(1)(b) UK GDPR.

Where required, we conclude a data processing agreement with RevenueCat pursuant to Article 28 UK GDPR, obliging the provider to protect the data of users and not to pass it on to unauthorised third parties except as legally permitted.

Further information may be found in RevenueCat’s privacy documentation.

3.7.2 Adapty

Where a Product uses Adapty, Adapty may process:

  • subscription status

  • purchase confirmations

  • renewal and trial events

  • anonymous installation identifiers

  • technical data necessary for paywall presentation and subscription validation

This data is processed for the purpose of contract performance, including subscription verification and purchase management.

The legal basis is Article 6(1)(b) UK GDPR.

All payments remain processed by the relevant app store provider. We do not receive or store your payment card details.

3.8 Crash Reporting and Diagnostics Providers

To improve the stability, reliability, security, and functionality of our Products, we may use crash reporting and diagnostic providers.

3.8.1 Firebase Crashlytics

Where used, Firebase Crashlytics is provided by:

Google Ireland Limited
Gordon House
Barrow Street
Dublin 4
Ireland

If a Product crashes, certain technical information may be transmitted to Google servers. This information may include:

  • app status at the time of the crash

  • installation UUID

  • crash trace

  • device model

  • operating system version

  • application version

  • last log messages

This data does not intentionally include direct identifiers such as your name or email address.

Transfers to Google LLC in the United States may also occur.

Processing is based on our legitimate interest under Article 6(1)(f) UK GDPR in maintaining the stability, security, and functionality of the Product.

3.8.2 Sentry

Where used, Sentry may process:

  • anonymous crash reports

  • error logs

  • device model

  • operating system version

  • app version

  • performance diagnostics

This data does not intentionally include names, email addresses, or local user content and is used solely for debugging and reliability improvements.

Processing is based on Article 6(1)(f) UK GDPR, namely our legitimate interest in ensuring technical stability and security.

3.9 Analytics Providers

Some Products may use analytics providers in order to understand feature usage, app flows, and aggregated behaviour patterns, and to improve product quality.

3.9.1 Amplitude

Where used, Amplitude may process:

  • feature usage events

  • screen views

  • app interaction metrics

  • device metadata

  • anonymous installation identifiers

This data is used to:

  • improve features

  • understand aggregated usage trends

  • identify product improvements

  • analyse stability and product performance at an aggregated level

We do not use this information for behavioural advertising, advertising profiling, or unrelated marketing profiling.

The legal basis is Article 6(1)(f) UK GDPR, namely our legitimate interest in product improvement.

3.9.2 Microsoft Clarity

If you visit our website, Microsoft Clarity may collect:

  • click interactions

  • scroll behaviour

  • browser information

  • device information

  • website usage behaviour

  • technical session information

This applies to website activity and not to locally stored content inside Products unless otherwise expressly stated.

The legal basis is Article 6(1)(f) UK GDPR.

3.10 Push Notifications

Where a Product offers notifications and you enable them, we may use a notification delivery provider such as OneSignal.

OneSignal may process:

  • device push token

  • notification delivery metrics

  • device metadata necessary for delivery

This data is used solely for sending and managing notifications and reminders you choose to enable.

You may disable notifications at any time through your device settings.

Where consent is required, the legal basis is Article 6(1)(a) UK GDPR.

3.11 Apple iCloud and Local Backup Features

Some Products may optionally allow you to store, sync, or restore Product data using Apple iCloud or Apple backup functionality.

If you choose to enable such features, your data will be stored and processed by Apple under Apple’s own terms, privacy policy, and security practices.

Depending on the Product architecture, Unlock Futurix Ltd may not have access to this data.

For example, where a Product relies on your personal iCloud storage for syncing or backup, we do not view, scan, analyse, or control the content stored there.

3.12 Support and Contact Tools

We may use third-party processors to facilitate support and communication requests.

3.12.1 Tally

Tally may be used as an embedded form provider for support and contact submissions. We may collect your name, email address, and message content strictly to follow up on your inquiry and provide support.

We do not use this information for advertising or unrelated marketing.

Processing is based on Article 6(1)(b) UK GDPR where your request relates to a contract or pre-contractual steps, and on Article 6(1)(f) UK GDPR where processing is necessary for our legitimate interest in responding to and managing support communications.

3.12.2 Tawk.to

Tawk.to may be used as a live chat widget for real-time support. We may collect your name, email address, and the content of your messages solely in order to follow up on and resolve your support requests.

This information is not used for advertising or unrelated marketing.

Processing is based on Article 6(1)(b) and Article 6(1)(f) UK GDPR as described above.

These providers act as data processors on our behalf where applicable and process personal data strictly according to our documented instructions and for the purposes described in this Privacy Policy. We implement appropriate contractual and organisational safeguards in accordance with Article 28 UK GDPR where required.

3.13 No Advertising Use of User Content

Unless expressly stated otherwise for a specific Product, Unlock Futurix Ltd does not use your locally stored user content, imported documents, support messages, or product data for:

  • behavioural advertising

  • selling data to third parties

  • unrelated profiling

  • building advertising audiences based on local app content

3.14 Product-Specific Clarifications

3.14.1 Subio

Subio is designed with a privacy-first architecture. Subscription data entered or imported by you is generally stored locally on your device. We do not operate user accounts for Subio and do not maintain centralised user profiles for ordinary usage.

Subio may allow import of screenshots, receipts, PDFs, and text using on-device processing technologies. You review and approve extracted information before it is saved. Nothing is added automatically without your review where such review is part of the feature.

Subio is not partnered with, sponsored by, or connected to subscription services that you track unless explicitly stated otherwise. It is an independent product.

3.14.2 Pastey

Pastey may allow you to store text, images, links, code snippets, clipboard-related entries, and other content. Such content is generally stored locally on your device and, where enabled by you, may also sync through your Apple iCloud environment. We do not collect, view, access, scan, or monitor this content on our servers unless you explicitly provide it to us for support.

3.14.3 Habitizer

Habitizer may store habit-related records, reminders, and progress information locally on your device. We do not maintain named user accounts unless such a feature is expressly introduced and separately disclosed.

3.14.4 Finance Tracker & Budgeting

Finance Tracker & Budgeting may store financial tracking information such as categories, entries, budgets, reminders, totals, and related planning information locally on your device. We do not receive or store payment card or banking information through ordinary use of the Product.

3.14.5 SoftVM

SoftVM may process technical and device-related configuration data that is necessary for the Product to function, including diagnostic and compatibility information. Such data is used for providing functionality, maintaining stability, and resolving technical issues.


4) Legal Bases of Processing

The processing of your personal data takes place on the basis of the following legal grounds in accordance with Article 6 UK GDPR:

  • Article 6(1)(a) UK GDPR if you have given your consent to the processing of your personal data for one or more specific purposes.

  • Article 6(1)(b) UK GDPR if processing is necessary for the performance of a contract to which you are a party, or to take steps at your request prior to entering into a contract.

  • Article 6(1)(c) UK GDPR if processing is necessary for compliance with a legal obligation to which we are subject.

  • Article 6(1)(f) UK GDPR if processing is necessary for the purposes of the legitimate interests pursued by us or by a third party, provided that such interests are not overridden by your interests or fundamental rights and freedoms which require protection of personal data.

Where a particular section of this Privacy Policy identifies a more specific legal basis, that more specific explanation applies in addition to this general section.


5) Retention and Deletion of Data

Unless otherwise specified in this Privacy Policy, we retain personal data only for as long as necessary to fulfil the purposes stated herein or as required by statutory retention obligations.

In particular:

  • locally stored Product data remains on your device until deleted by you

  • iCloud-synced data remains subject to your Apple environment and your own deletion actions, unless otherwise governed by Apple’s systems

  • crash reporting and analytics data are retained according to the retention settings and lawful practices of the relevant provider

  • support communications are retained only as long as necessary to answer, resolve, and document your request, unless statutory retention obligations or legitimate legal requirements apply

  • purchase and subscription-related information may be retained as long as necessary to administer contractual rights, handle disputes, comply with legal obligations, and maintain proper business records

Once the purpose no longer applies or the statutory retention period has expired, the personal data will be deleted, anonymised, or otherwise handled in accordance with legal requirements.


6) Your Rights as a Data Subject

The applicable data protection law grants you comprehensive rights with regard to the processing of your personal data. These rights include:

Right of access (Article 15 UK GDPR)

You have the right to obtain confirmation as to whether personal data concerning you is being processed and, if so, access to the personal data and detailed information about its processing.

Right to rectification (Article 16 UK GDPR)

You have the right to obtain immediate rectification of inaccurate personal data concerning you and completion of incomplete personal data.

Right to erasure (Article 17 UK GDPR)

You have the right to request deletion of your personal data if the conditions in Article 17 are met. This does not apply if processing is necessary for exercising freedom of expression and information, compliance with a legal obligation, reasons of public interest, or the establishment, exercise, or defence of legal claims.

Right to restriction of processing (Article 18 UK GDPR)

You have the right to request the restriction of processing under the conditions set out in Article 18.

Right to be informed (Article 19 UK GDPR)

If you have exercised your rights of rectification, erasure, or restriction, we are obliged to notify all recipients to whom the personal data has been disclosed, unless this proves impossible or involves disproportionate effort.

Right to data portability (Article 20 UK GDPR)

You have the right to receive the personal data you provided to us in a structured, commonly used, and machine-readable format, and to transmit this data to another controller where technically feasible.

Right to object (Article 21 UK GDPR)

You have the right to object, on grounds relating to your particular situation, at any time to the processing of your personal data based on Article 6(1)(f) UK GDPR. If your personal data is processed for direct marketing, you also have the right to object at any time to processing for such marketing.

Right to withdraw consent (Article 7(3) UK GDPR)

You have the right to withdraw your consent at any time with effect for the future. Withdrawal does not affect the lawfulness of processing prior to the withdrawal.

Right to lodge a complaint (Article 77 UK GDPR)

Without prejudice to other remedies, you have the right to lodge a complaint with a supervisory authority, in particular in the United Kingdom with the Information Commissioner’s Office (ICO), if you consider that the processing of your personal data infringes the UK GDPR.

Because many of our Products do not maintain user accounts or centralised personal profiles, we may not always be able to identify you in our systems unless you contact us directly and provide sufficient information to help us locate any relevant data.


7) Transfers to Third Countries

If personal data is transferred to a country outside the United Kingdom or the European Economic Area, such transfer will only take place where the conditions of Articles 44 to 49 UK GDPR are fulfilled.

This may apply, for example, where service providers such as Google, RevenueCat, Adapty, Sentry, Amplitude, OneSignal, Tally, Tawk.to, or Microsoft process data outside the United Kingdom or EEA.

Where such transfers occur, we rely on appropriate safeguards such as:

  • Standard Contractual Clauses

  • adequacy regulations where applicable

  • other lawful transfer mechanisms recognised under applicable data protection law


8) Automated Decision-Making

We do not use automated decision-making, including profiling, within the meaning of Article 22 UK GDPR.


9) Children’s Privacy

Our Products are not intended to knowingly collect personal data from children under the age of 13.

We do not knowingly collect such personal data. If we become aware that personal data from a child under 13 has been collected inadvertently, we will delete the information without undue delay, subject to applicable legal requirements.

Parents or guardians who believe that a child has provided personal data to us may contact us using the details provided below.


10) Changes to This Privacy Policy

We reserve the right to amend this Privacy Policy at any time to ensure that it always complies with current legal requirements or to reflect changes to our Products, services, processing activities, or technical integrations.

The amended Privacy Policy will apply upon your next use of the relevant Product, unless a different notice requirement applies by law.

Where appropriate, the updated version will be published with a revised “Last updated” date.


11) Contact

If you have any questions about this Privacy Policy or wish to exercise your rights, you can contact us at:

Unlock Futurix Ltd
71–75 Shelton Street
Covent Garden
London
WC2H 9JQ
United Kingdom

Email: support@unlockfuturix.com

Create a free website with Framer, the website builder loved by startups, designers and agencies.