Last updated June 2, 2026 · Effective June 2, 2026
This Privacy Policy explains how Codevia LLC ("Codevia", "we", "our", "us") — a limited liability company organized under the laws of the State of New Mexico, United States — collects, uses, and protects information in connection with:
Key principles
By using the App or the Site you agree to the practices described below. If you do not agree, please do not use the App or Site.
The App and the Site are available globally where Google Play distributes applications. Codevia complies with applicable U.S. law, the General Data Protection Regulation (GDPR) for users in the European Economic Area, the UK GDPR for users in the United Kingdom, the California Consumer Privacy Act (CCPA/CPRA), Brazil's LGPD, Mexico's LFPDPPP, and other applicable data protection frameworks of the user's country of residence.
ACCESS_COARSE_LOCATION.ACTIVITY_RECOGNITION (Android 10+) for step counts.100% on-device processing. When you enable Sleep Tracking, the App records short audio frames from the microphone and analyzes them locally using TensorFlow Lite (YAMNet model) to detect snoring and environmental noise patterns.
AD_ID) is not collected by Codevia directly. When advertising is active, the Google AdMob SDK may read your Advertising ID for ad serving and frequency capping (see section 6). You can reset it or opt out of ad personalization at any time in Android Settings → Privacy → Ads.We do not sell your personal information. We do not use your data for profiling, automated decision making with legal effects, or behavioral advertising beyond what AdMob does for ad serving.
For users in the European Economic Area, the United Kingdom, and Switzerland, the GDPR, UK GDPR, and Swiss FADP require a lawful basis for each processing activity (Art. 6 GDPR). For users in jurisdictions with similar data-protection frameworks — such as Brazil's LGPD, Mexico's LFPDPPP, or California's CCPA/CPRA (see section 8) — the same activities are justified on equivalent grounds. The table below maps each purpose to its lawful basis:
| Purpose | Data | Legal basis |
|---|---|---|
| Provide the App functionality | Settings, preferences, device data | Contract performance (GDPR Art. 6(1)(b)) — necessary to provide the requested service |
| Paid Premium features | Google Play product ID, purchase state, purchase token, subscription or lifetime-access status | Contract performance (GDPR Art. 6(1)(b)) and legitimate interest (Art. 6(1)(f)) in preventing unauthorized access and restoring purchases |
| Weather feature | Approximate location, IP address | Consent (GDPR Art. 6(1)(a)) — withdrawable any time in Settings → Privacy → Weather |
| Sleep tracking (audio, motion) | Microphone, accelerometer, step counter | Consent (GDPR Art. 6(1)(a) and Art. 9(2)(a) for biometric/health-adjacent processing); data stays on-device |
| Analytics & crash reporting | App events, diagnostics | Consent (GDPR Art. 6(1)(a)); disabled by default |
| Advertising via AdMob (personalized) | Advertising ID, IP, ad-interaction signals | Consent (GDPR Art. 6(1)(a) + ePrivacy Directive); collected through Google's UMP SDK in EEA/UK/CH |
| Advertising via AdMob (non-personalized) | IP address, frequency-capping signals | Legitimate interest (GDPR Art. 6(1)(f)) — funding the free app while minimizing data; available when consent is declined |
| TikTok campaign attribution | App events and technical or advertising identifiers when applicable | Consent (GDPR Art. 6(1)(a)); disabled unless analytics/ad consent and our remote configuration allow it |
| Security and abuse prevention | Technical logs | Legitimate interest (GDPR Art. 6(1)(f)) in protecting the Service / legal obligation (Art. 6(1)(c)) |
| Responding to legal requests | Whatever is requested | Legal obligation (GDPR Art. 6(1)(c)) |
Where processing is based on consent, you may withdraw it at any time without affecting the lawfulness of prior processing. Where processing is based on legitimate interest, you have the right to object (see section 10).
Purpose: Weather forecasts for the Morning tab.
Data shared: approximate location coordinates, IP address, timestamp of request.
Not shared: name, email, device identifiers, any data from other app features.
Privacy policy: weatherapi.com/privacy.aspx
We use five Firebase products:
Privacy policy: policies.google.com/privacy
Purpose: display banner, interstitial and rewarded ads within the App.
When advertising is active, AdMob may collect:
AD_ID) — unless you have opted out of ad personalization in Android Settings.What AdMob does NOT receive from us: audio recordings, photos, sensor data, alarm content, or any other data from on-device features. We also do not share your name, email or phone number with AdMob.
Your controls:
Current state. Whether advertising is enabled in the App may vary between releases. The authoritative disclosure of the current state is the Google Play Store listing under the Data Safety section. This Policy describes AdMob's practices whenever ads are active, so it remains accurate either way.
EEA / UK / Switzerland users: Before AdMob serves personalized ads, the App displays a consent dialog through Google's User Messaging Platform (UMP SDK) requesting your consent under the GDPR and the ePrivacy Directive. If you decline, AdMob will serve only non-personalized ads, which use a limited subset of data (no Advertising ID for personalization) but still require your IP address for fraud prevention and frequency capping.
Privacy policy: policies.google.com/privacy · AdMob policies: support.google.com/admob/answer/6128543
Used for barcode scanning, image matching, object detection (mission gameplay) and audio classification (sleep tracking). All inference runs locally on your device; nothing is uploaded.
Required by Android to install, update and run the App, and to process paid Premium features through Google Play Billing. Google processes payment details under its own terms. Codevia receives only limited purchase state needed to activate, restore, or support Premium access; we do not receive your full payment credentials.
Purpose: measure app-install and subscription campaign performance when marketing attribution is enabled.
When active, TikTok may receive: app events such as app launch, onboarding completion, trial start, subscription completion, and technical or advertising identifiers when applicable.
TikTok tracking is gated by user consent, Google UMP ad-consent state, Premium status, build configuration, and our Remote Config kill switch. We do not send email, phone number, full name, alarm content, sleep audio, photos, or health-like sleep data to TikTok.
Privacy policy: tiktok.com/legal
Where: the data-deletion request form atcodevia.pro/alarmchampion/delete-dataon the Site.
Data shared: the email address you enter, the reason you select, any additional information you type, and standard metadata from your browser (IP address, user agent, timestamp).
Privacy policy: formspree.io/legal/privacy-policy
usesCleartextTraffic="false").allowBackup="false").No method of electronic storage is 100% secure. We take reasonable measures to protect your data but cannot guarantee absolute security.
Notice at Collection & Right to Opt Out of Sale/Share
We do not sell your personal information to third parties for monetary consideration.
When advertising is active in the App, the use of your Android Advertising ID by Google AdMob for cross-context behavioral advertising may fall within the CPRA definition of "sharing". You can opt out at any time in Android Settings → Privacy → Ads → Opt out of Ads Personalization, and where required by law we will also request consent through the Google User Messaging Platform.
| Category (Cal. Civ. Code §1798.140) | Examples in our App | Sold/Shared? |
|---|---|---|
| Identifiers | IP address (visible to service providers), device & OS info, Android Advertising ID (only when advertising is active) | Not sold. When advertising is active, Advertising ID may be shared with Google AdMob for cross-context behavioral advertising (opt-out available). |
| Geolocation data | Approximate location (city/country) — with consent only | No (shared only with WeatherAPI.com as service provider) |
| Sensory data (Sensitive PI) | Microphone audio for sleep tracking — on-device only | No (never leaves device) |
| Internet or network activity | In-app events, feature usage (only with opt-in) | No (shared with Google Firebase as service provider) |
| Inferences | None — we do not profile users | — |
To exercise any right, email privacy@codevia.pro from the email you wish to be verified with. We will respond within 45 days.
Do Not Track signals. There is no consistent industry standard for honoring browser or OS "Do Not Track" signals; we do not currently respond to them, but we do not sell personal information regardless.
This section applies to you if you access the App or Site from the European Economic Area (EEA), the United Kingdom, or Switzerland:
For the purposes of these laws, Codevia LLC is the data controllerfor the personal data processed in connection with the App and Site (contact details in section 16).
Article 6 GDPR (and the equivalent UK / Swiss provisions) requires a lawful basis for every processing activity. The six possible legal bases are:
Codevia relies on consent, contract, legal obligation, and legitimate interests as set out in section 5. We do not rely on vital interests or public interest. For special-category data (such as audio that could reveal health information through snore detection), we additionally rely on Art. 9(2)(a) — your explicit consent.
You have the following rights with respect to your personal data:
You also have the right not to be subject to a decision based solely on automated processing, including profiling (Art. 22). We do not carry out such decision-making.
If you believe our processing of your personal data infringes the GDPR, the UK GDPR, or the Swiss FADP, you have the right to lodge a complaint with a supervisory authority — in particular in the EU/EEA Member State of your habitual residence, place of work, or alleged infringement.
We would, however, appreciate the chance to address your concerns first — please contact us at privacy@codevia.pro before lodging a complaint.
Codevia LLC is established in the United States and currently does not maintain an appointed representative under Article 27 of the EU GDPR or UK GDPR. We rely on direct contact at privacy@codevia.pro for all data-subject requests from users in the EEA, UK, and Switzerland, and we will respond within the 30-day GDPR statutory deadline. We will reassess the need for a designated Article 27 representative as our user base in those territories grows.
We do not engage in automated decision-making that produces legal or similarly significant effects on you. The algorithmic suggestions shown in the App (sleep score, recommended bedtime, etc.) are for informational purposes only and do not produce any binding decision about you.
This section consolidates the rights available to you under all applicable laws. For GDPR-specific procedures, see section 9; for California-specific procedures, see section 8.
Depending on where you live, you may have the following rights:
How to exercise:
Privacy Contact / Data Protection
A formal Data Protection Officer is not required for our processing activities under Article 37 GDPR. All privacy requests and questions are handled by our privacy team at privacy@codevia.pro.
Codevia LLC is established in the United States. Some of our service providers — Google LLC (Firebase, AdMob, ML Kit, Play Services, Google Play Billing), TikTok, WeatherAPI.com, and Formspree, Inc. — are also located in the United States or operate global infrastructure. When personal data of users in the EEA, UK, or Switzerland is transferred outside their territory, we rely on the following safeguards:
For transfers from the UK, we rely on:
For transfers from Switzerland, we rely on the Swiss-U.S. Data Privacy Framework where the recipient is certified, supplemented by the EU SCCs adapted for Swiss law.
You may request a copy of the relevant SCCs, IDTA, or other transfer mechanism by emailing privacy@codevia.pro. We may redact commercial terms before sending.
The App is intended for users 13 years of age or older. We do not knowingly collect personal information from children under 13. If you believe a child under 13 has provided us with personal information, contactprivacy@codevia.proand we will delete it promptly.
In jurisdictions where the digital age of consent is higher (for example, 16 in some EU Member States), the minimum age to use the App without parental consent is the higher local threshold, and parental authorization is required below it.
| Data type | Retention |
|---|---|
| Alarm settings, missions, mission history | Locally on device; until uninstall or data clear |
| Sleep tracking results | Locally on device; until uninstall or data clear. Raw audio never retained. |
| Cached weather & location | Up to 30 minutes, then auto-deleted |
| Analytics events (if opted in) | 14 months (Firebase default retention) |
| TikTok attribution events (if opted in and enabled) | Handled by TikTok according to its privacy policy and your consent choices |
| Crash reports (if opted in) | 90 days |
| Support email correspondence | Up to 12 months after the ticket is closed |
| Firebase Authentication account (UID, email, display name) | Until account deletion (in-app via Settings → Account → Delete Account, or by request to privacy@codevia.pro) |
| Google Play purchase state | For as long as needed to provide Premium access, restore purchases, resolve billing support, and comply with Google Play or legal requirements |
| Consent records (UMP) | For the duration required to demonstrate compliance with GDPR Art. 7(1) |
Codevia LLC does not solicit, incentivize, manipulate or purchase reviews on the Google Play Store or anywhere else. If the App asks you whether you would like to rate it, the request is generated by Google's native in-app review API after genuine usage milestones and can be safely ignored. We do not condition any feature, reward, or service on you leaving a review.
We may update this Policy to reflect changes in our practices or legal requirements. Material changes will be announced with at least 30 days notice inside the App and on this page. The "Last updated" date at the top reflects the latest revision. Continued use of the App after the effective date constitutes acceptance.
You have the right to lodge a complaint with the data-protection authority of your country of residence:
We would, however, appreciate the chance to address your concerns first — please contact us at privacy@codevia.pro before reaching out to a supervisory authority.