Privacy Policy

Last updated: July 10, 2026

GUARDED helps you quit lust and pornography with Christ. We know how personal this journey is, and we treat the data you entrust to us with the seriousness it deserves. This policy explains exactly what we collect, why, who processes it, and how you stay in control.

GUARDED is operated by Abenteuergeist, Alexander Mayle, Widenmayerstraße 11, 80538 München, Germany ("we", "us"). You can reach us anytime at info@abenteuergeist.com.

1. Information We Collect

Account data. You sign in with Sign in with Apple. We receive your name and your email address (or an Apple relay address if you choose to hide your email). During onboarding you can share your first name, age, gender, Christian denomination, and your motivation for quitting.

Recovery journey data. To power your streak and progress we store your journey start date and goal, your streak and milestones, relapse events including the trigger you optionally describe, daily check-ins and reflections, pledges, and lesson progress.

AI chat conversations. If you enable the AI companion (explicit consent required in the app), your chat messages are stored with your account so your conversations stay available to you.

Technical data. A push notification token if you enable notifications, subscription status, and crash diagnostics as described below.

Stored only on your device. Your answers and scores from the onboarding self-assessment stay on your device and are not uploaded. The optional adult-content filter runs entirely on-device through Apple Screen Time; we never see or collect your browsing data.

2. Sensitive Data and Consent

Data about your recovery from pornography use and your religious denomination is special-category data under Article 9 GDPR. We process it only because you knowingly provide it to use the Service, on the basis of your explicit consent (Article 9(2)(a) GDPR), solely to provide the app's features to you. We never use it for advertising, never sell it, and never share it beyond the processors listed below. You can withdraw consent at any time by deleting your account.

3. Who Processes Your Data

We use a small set of service providers, each bound by data processing agreements:

  • Supabase hosts our backend, authentication, and database. All account and journey data listed above lives here, protected by row-level security so only your account can access it.
  • OpenRouter processes your AI chat messages to generate the companion's responses. Messages are sent server-side; your email and identifiers are not included. This only happens after you consent to the AI feature in the app.
  • RevenueCat manages subscriptions. It receives an app user ID and your purchase history from Apple. We never see your payment details; Apple processes all payments.
  • Sentry receives crash and error reports (EU data region, Germany). Reports include a technical user ID so we can count affected users, but no message content, journey data, or personal details.
  • ElevenLabs converts lesson texts to audio for the read-aloud feature. Only the lesson text is sent, never your personal data.
  • Apple and Expo deliver sign-in, push notifications, and app updates.

4. No Ad Tracking

GUARDED contains no ads, no advertising SDKs, and does not track you across other apps or websites. We do not use the advertising identifier (IDFA). To measure whether our Apple Search Ads campaigns work, we use Apple's privacy-preserving attribution (AdServices and SKAdNetwork), which tells us that an install came from a campaign without profiling you.

5. How We Use Your Information

We use your data to provide the Service (streaks, lessons, check-ins, AI companion), to send the notifications you enable (discreet by default), to fix crashes, and to manage your subscription. Legal bases under GDPR: performance of our contract with you (Article 6(1)(b)), your consent for the AI feature and sensitive data (Articles 6(1)(a) and 9(2)(a)), and our legitimate interest in keeping the app stable (Article 6(1)(f)). We do not sell your personal data and we do not use it for third-party advertising.

6. Data Retention and Deletion

We keep your data while your account exists. You can delete your account at any time in the app under Settings. Deletion is immediate and permanent: your profile, journey and relapse history, check-ins, chat conversations, and login are erased from our systems. Messages you sent us through the in-app contact form may be retained separately to handle your request and for legal purposes. Crash reports expire automatically after at most 90 days.

7. Your Rights

Under GDPR you have the right to access, rectify, erase, restrict, and port your personal data, to object to processing, and to withdraw consent at any time. Contact us at info@abenteuergeist.com and we will respond promptly. You may also lodge a complaint with the Bayerisches Landesamt für Datenschutzaufsicht (BayLDA), Promenade 18, 91522 Ansbach, Germany.

8. International Transfers

Where a provider processes data outside the European Economic Area, we rely on the European Commission's Standard Contractual Clauses and, where available, the EU-U.S. Data Privacy Framework.

9. Security

All data is encrypted in transit, database access is restricted by row-level security, and our AI and audio providers are called only from our servers so API credentials and your identifiers never ship in the app. No method of transmission or storage is 100% secure, but we work to protect your data with appropriate technical and organizational measures.

10. Children

GUARDED is intended for users aged 16 and over. We do not knowingly collect personal data from children. If you believe a child has provided us personal data, contact us and we will delete it.

11. Changes to This Policy

We may update this policy as the app evolves. We will post changes here and update the date above. Significant changes will be announced in the app.

12. Contact Us

Abenteuergeist, Alexander Mayle
Widenmayerstraße 11, 80538 München, Germany
info@abenteuergeist.com