Download Download Now
FR EN ES PT JA

Privacy Policy — Onezen

Last updated: September 18, 2025

This Policy explains how ANTONIN BAUDELOT ("Onezen", "we") collects, uses, maintains, and shares your personal data when you use:

  • the Onezen mobile application (iOS/Android);
  • the website www.onezen-app.com (the "Site");
  • our associated content, features, and services (the "Services").

We may modify this Policy at any time. In case of significant change, we will inform you (banner, in-app notification, email as appropriate). The last update date appears at the top.

Publisher / Data Controller:
ANTONIN BAUDELOT – 2 boulevard Carabacel, 06000 Nice, France – contact@onezen-app.com

1) Who can use Onezen?

Our Services are intended for persons 16 years of age and older. If you are between 16 and 18, you declare that you are using Onezen with the consent of your legal guardian. We do not knowingly collect data concerning children under 16. If you believe a minor under 16 has transmitted data to us, write to us: contact@onezen-app.com.

2) What data do we collect?

2.1 Data you provide

  • Identity & contact: name (if provided), email, password (hashed), profile picture (if provided).
  • Profile & preferences: language, time zone, chosen sounds, themes, reminder settings.
  • Paid use: subscription type, status, purchase history via Apple App Store / Google Play (we do not receive your card numbers).
  • Support: contents of your messages, attachments, feedback, surveys.

2.2 Data collected automatically

  • Technical data: device model, OS, app version, technical identifiers (installation ID), IP address (pseudonymized/shortened if configured), timestamps, logs.
  • Audience measurement & performance: page views, events, paths, crash reports, diagnostics.
  • Cookies & trackers (on the Site): see § 8.

2.3 Data from third parties

  • Mobile Stores (Apple/Google): transaction confirmations, country/region, subscription status.
  • Service providers (e.g., analytics, email sending): aggregated technical indicators.

We do not collect health data within the meaning of Article 9 GDPR nor banking details. If, in the future, a "health" integration (e.g., Apple Health / Google Fit) were offered, it would be subject to explicit consent and a dedicated notice.

3) For what purposes and on what legal bases?

Purpose Examples Legal Basis
Provide the Service Authentication, saving exercises, reminders, sound customization Performance of contract (art. 6-1-b)
Subscriptions & purchases Eligibility check, premium access management Performance of contract
Support & security Assistance, fraud/abuse prevention, technical logs Legitimate interest (security, quality)
Improvement & stats Analytics, crash reports Legitimate interest / Consent (cookies)
Communication Service emails (changes, incidents) Legitimate interest / Legal obligations
Prospecting Newsletters, news (if subscribed) Consent
Compliance Tax, legal obligations Legal obligation

You can withdraw your consent at any time (settings, unsubscribe link, or contact@onezen-app.com).

4) Who do we share your data with?

We share only what is necessary with:

  • Processors: Google Firebase (authentication, database, analytics, crash reporting, hosting configured in EU where available), web host, emailing/notification tool, audience measurement tools (subject to your consent on the Site).
  • Payment platforms: Apple App Store and Google Play (billing, renewal).
  • Advisors & authorities: legal/accounting advisors under confidentiality; authorities if required by law.
  • Assignment/Corporate Transactions: in case of reorganization/sale, your data may be part of the transferred assets, with prior notification where required.

We do not sell your data and do not profile for automated decision-making producing legal effects concerning you.

5) Transfers outside EU/EEA

Our main processing relies on Firebase with hosting in the EU where services allow. If a transfer outside the EU/EEA proves necessary (e.g., technical assistance), it is governed by Standard Contractual Clauses and additional guarantees.

6) Retention periods (principles)

  • Account & usage data: as long as the account is active; then deletion/anonymization within 30 days after account deletion (except legal obligations).
  • Technical/security logs: up to 12 months.
  • Contractual/billing data: up to 10 years.
  • Prospecting (email): until withdrawal of consent or 3 years of inactivity.
  • Cookies/trackers: see § 8 (generally 13 months maximum for non-essential cookies).

7) Security

We implement reasonable technical and organizational measures: encryption in transit (TLS), Firebase security rules, access control, backups. No system being invulnerable, we cannot guarantee absolute security. In case of data breach, we will notify the competent authority and, where appropriate, the data subjects as soon as possible and no later than 72 hours after becoming aware, where required.

8) Cookies & trackers (Site)

On www.onezen-app.com, we use cookies and similar technologies:

  • Necessary (e.g., security, anti-bot, load balancing) – set without consent.
  • Audience measurement – with your consent via our banner.
  • Functionality/Preferences – according to your choice.

You can manage your preferences via the banner and configure your browser. Non-essential cookies are not kept beyond 13 months; information related to consent is kept up to 6 months.

9) Notifications, reminders, and communications

  • Push notifications & reminders: enabled only with your consent; deactivation possible at any time.
  • Service emails: security, important information related to account/subscription (cannot verify unsubscribe).
  • Marketing emails: only if you accepted; unsubscribe link in each message.

10) Your Rights (GDPR)

  • Access, rectification, erasure, restriction, objection, portability, post-mortem directives (France).
  • Exercise: contact@onezen-app.com — response within 1 month (extendable).

11) Database & Firebase (practical details)

Services used: authentication, real-time database and/or Firestore, hosting, analytics, crash reporting, remote config (as needed). Location: EU where available; otherwise regulated transfer. Minimization: only necessary data is stored.

12) Payments & subscriptions

Managed by Apple App Store and Google Play. We do not have access to your payment method details. For any refund, refer to Apple/Google policies. We only receive necessary confirmations and metadata.

13) Links and Third-Party Services

Use of third-party services/links is governed by their policies. We do not control their practices.

14) Contact

Data Controller: ANTONIN BAUDELOT — 2 boulevard Carabacel, 06000 Nice, France — contact@onezen-app.com

15) Clear summary of your choices

  • Non-essential cookies: refusal possible via the banner.
  • Push notifications: device/app settings.
  • Marketing emails: 1-click unsubscribe.
  • Account deletion: from the app or by email.