Pulse App is a cybersecurity education and intelligence platform. We built it to help you stay informed about security threats and learn to protect yourself online. This policy explains what data we collect, why, and how we handle it.
What We Collect
Data stored locally on your device
The following never leaves your device unless you explicitly enable cloud sync:
- App preferences and settings
- Bookmarks, watchlists, and likes
- Quiz history and game progress
- XP, levels, badges, and achievements
- Activity streaks and completion data
- PIN and biometric authentication settings
Optional cloud account
If you create an account to sync data across devices, we collect:
- Email address (for authentication)
- Encrypted password
- Your synced app data (preferences, progress, bookmarks)
Cloud accounts are entirely optional. The app works fully without one.
Analytics
We use Aptabase, a privacy-first analytics service, to understand how people use Pulse App. This helps us improve features and fix problems. Aptabase collects:
- Anonymous usage patterns (screens viewed, features used)
- App version and basic device info (OS, screen size)
- No personal identifiers, IP addresses, or tracking across apps
Push notifications
If you enable push notifications, we store a device token to send you alerts about new security advisories, briefings, or app updates. You can disable notifications anytime in your device settings.
Advertising
The free tier displays ads via Google AdMob. We have disabled ad personalization by default, meaning ads are contextual rather than based on your behavior or profile. Paid subscribers see no ads.
You can further limit ad tracking through your device's "Opt out of Ads Personalization" setting (Android) or "Allow Apps to Request to Track" setting (iOS).
How We Use Your Data
- To provide the app's features and sync your data if you have a cloud account
- To send push notifications you've opted into
- To understand usage patterns and improve the app
- To display contextual ads on the free tier
We don't use your data for profiling, behavioral targeting, or selling to third parties.
Third-Party Services
We work with a small number of trusted services:
- Supabase — Authentication and database for cloud accounts
- RevenueCat — Subscription management for paid tiers
- Aptabase — Privacy-focused analytics
- Google AdMob — Advertising (free tier only, personalization disabled)
- Expo Push — Push notification delivery
Each service has its own privacy policy. We've chosen partners that align with our commitment to user privacy.
AI Features
Pulse App uses AI to generate security briefings and summaries. This processing happens on our servers. We do not send any of your personal data to AI systems — only topic parameters (like "ransomware" or "7-day horizon") are used to generate content, which is then cached and served to all users.
Data Security
Local data is stored using your device's secure storage. Cloud account passwords are hashed and never stored in plain text. All network communications use HTTPS encryption. We follow industry-standard security practices, though no system is 100% secure.
In the event of a data breach affecting your personal information, we will notify affected users as soon as reasonably practicable via email and/or in-app notification.
International Data Transfers
Your data may be processed by our service providers in the United States or other countries where they operate. By using Pulse App, you consent to this transfer. We ensure our service providers maintain appropriate security standards regardless of location.
Your Rights
You can:
- Delete local data anytime using "Reset App" in Settings
- Delete your cloud account and all associated data
- Disable push notifications in your device settings
- Opt out of ad personalization in your device settings
- Request a copy of your data by emailing us
California Privacy Rights
California residents have additional rights under the California Consumer Privacy Act (CCPA). We do not sell your personal information. You may request to know what personal data we have collected about you and request its deletion by emailing privacy@arcandel.com. We will respond to verified requests within 45 days.
Children's Privacy
Pulse App is intended for users 13 and older. We do not knowingly collect data from children under 13. If you believe a child under 13 has created an account, please contact us and we will delete it promptly.
Data Retention
Local data persists until you delete it or uninstall the app. Cloud account data is retained while your account is active. If you delete your account, we remove your data within 30 days, except where we're legally required to retain it.
Changes to This Policy
We may update this policy occasionally. Significant changes will be communicated through the app. Continued use after changes constitutes acceptance of the updated policy.
Contact
Questions about this policy? Email us at privacy@arcandel.com.