Privacy Policy
Last updated: April 2026
The short version: memu lock is an on-device app. Your photos never leave your iPhone. We have no backend, no accounts, and no servers that touch your personal data. The only data that ever leaves your device is your subscription status (managed by RevenueCat via Apple) if you purchase memu lock pro.
memu lock is operated by studio179 d.o.o. ("we", "our", or "us"). We built this app on a simple principle: your memories belong to you, full stop. This Privacy Policy explains exactly what data we collect, why, and how we keep things private.
If anything isn't clear, please reach out at hello@getmemu.com.
1. What Data memu lock Collects in the App
Photos & Camera Roll
memu lock reads photos from your device's photo library to surface memories for the quiz. This happens entirely on your device:
- Photos are never uploaded, transmitted, or stored on any server
- All photo processing (reading, displaying, quiz generation) happens locally on your iPhone
- We never scan or analyze your full photo library beyond what is needed to select and display a quiz image
- Photo metadata (date taken, GPS coordinates) is read locally to generate quiz questions and is never sent anywhere
Screen Time & App Selections
The apps you choose to block are stored locally on your device using Apple's Family Controls framework. This selection is never transmitted to us.
App Settings & Stats
Your preferences (grace period, memory timeframe, etc.), streak count, and stats are stored locally on your device using standard iOS storage (UserDefaults and on-device databases). None of this is synced to a server.
Subscription Status
If you purchase memu lock pro, Apple processes the payment and RevenueCat (our subscription management provider) receives your anonymized App Store receipt to verify and manage your subscription. See Section 4 for details on what RevenueCat receives.
2. What Data memu lock Collects on Our Website
Android Waitlist
If you voluntarily submit your email address through the Android waitlist form on getmemu.com, that email address is stored in our Firebase database solely for the purpose of notifying you when an Android version becomes available. We will not use it for marketing or share it with third parties.
Website Analytics
Our website may collect basic, anonymized visit data (page views, referrer) via standard web server logs. No personal information is collected.
3. What We Don't Do
- No accounts. memu lock requires no account, email address, or sign-in to use.
- No photo uploads. Your photos never leave your device for any reason.
- No AI training. We will never use your photos or behavior data to train AI or machine learning models.
- No advertising. We don't use advertising SDKs. We don't sell, license, or share your data with advertisers.
- No behavioral tracking. We don't track which apps you use, how long you use your phone, or anything beyond what's needed for the app to function locally.
- No third-party analytics in the app. There are no analytics SDKs embedded in memu lock that collect usage data.
4. Third-Party Services
RevenueCat (Subscription Management)
- What: Subscription and in-app purchase management
- Data received: Anonymized App Store receipt, subscription status, anonymous user ID generated by the SDK
- Why: To verify and manage memu lock pro subscriptions
- What they don't receive: Your name, email, photos, or any other personal information
- Privacy policy: revenuecat.com/privacy
Apple App Store & Apple Services
- What: App distribution, payment processing, crash reporting (if you've opted in to share data with Apple)
- Data received: Governed by Apple's own privacy policy and your iOS privacy settings
- Privacy policy: apple.com/legal/privacy
Apple MapKit (On-Device Only)
- What: Reverse geocoding (converting GPS coordinates embedded in your photos into readable place names)
- How it works: This runs on-device using Apple's on-device geocoding where possible. When a network call is required, Apple receives only the GPS coordinates, not any identifier linking them to you or to memu lock
- Privacy policy: apple.com/legal/privacy
Firebase (Website Only)
- What: Cloud database used by our website for the Android waitlist
- Data stored: Email addresses voluntarily submitted via the waitlist form on getmemu.com
- Not used in the app: Firebase is not integrated into the memu lock iOS app in any way
- Privacy policy: firebase.google.com/support/privacy
5. Data Retention
- On-device data: Stored on your device for as long as you have the app installed. Deleting the app removes all local data.
- RevenueCat subscription data: Retained per RevenueCat's policies; linked to your anonymized App Store ID.
- Android waitlist emails: Retained until you request removal or until an Android version launches. Email hello@getmemu.com at any time to be removed.
6. Your Rights & Choices
You have full control over your data:
- Photos: Revoke photo library access at any time in iOS Settings → Privacy & Security → Photos.
- Screen Time: Disable memu lock's Screen Time access at any time in iOS Settings → Screen Time.
- Subscriptions: Manage or cancel memu lock pro in your Apple ID account settings.
- Waitlist removal: Email hello@getmemu.com and we'll remove your email from the waitlist immediately.
- All local data: Delete memu lock from your device to remove all locally stored data instantly.
7. Children's Privacy
memu lock is not intended for children under 13 years of age. We do not knowingly collect personal information from children under 13. If you believe a child under 13 has submitted their email through our website, please contact us at hello@getmemu.com and we will remove it promptly.
8. International Data Transfers
memu lock is operated by studio179 d.o.o., based in Slovenia (European Union). The app itself processes all data on your device and does not transfer data internationally. For the Android waitlist, email data is stored in Firebase (Google Cloud), which may process data in the United States. We ensure appropriate safeguards are in place, including Standard Contractual Clauses, in accordance with applicable data protection laws.
9. California Privacy Rights (CCPA)
If you're a California resident, you have additional rights under the California Consumer Privacy Act:
- Right to know what personal information we collect (answer: almost none, see Section 1)
- Right to delete your personal information
- Right to opt-out of the sale of personal information (we don't sell your data)
- Right to non-discrimination for exercising your rights
10. European Privacy Rights (GDPR)
If you're in the European Economic Area (EEA), you have rights under the General Data Protection Regulation:
- Right to access, correct, or delete your data
- Right to restrict or object to processing
- Right to data portability
- Right to withdraw consent
- Right to lodge a complaint with a supervisory authority
Our legal basis for processing any personal data (limited to subscription management and, optionally, the website waitlist) is the performance of a contract with you and, where applicable, your consent.
11. Changes to This Policy
We may update this Privacy Policy from time to time. When we make significant changes, we'll update the date at the top of this page and notify you through the app where applicable.
We encourage you to review this policy periodically.
12. Contact Us
Questions, concerns, or requests about your privacy? We're here to help:
Email: hello@getmemu.com