← Back

Privacy Policy

Last updated: June 27, 2026

1. Introduction

ReciteLock ("we", "our", or "us") is a Quran recitation habit app developed and operated by Never Iffy Ltd, a company registered in England and Wales. This Privacy Policy explains how we handle information when you use our iOS application (the "App").

2. Data Controller

Never Iffy Ltd is the data controller for information described in this policy. For privacy questions or requests, contact us at hello@neveriffy.com.

3. Information We Collect

A. On-device app data

Recitation history, streak data, schedules, app selections, and settings are stored locally on your device using Apple's on-device frameworks. We do not collect, transmit, or store this data on any server.

B. Screen Time and Family Controls

ReciteLock uses Apple's Screen Time APIs to block selected apps during scheduled times. These APIs are privacy-preserving by design - ReciteLock cannot see which specific apps you use or for how long.

C. Notifications

If enabled, notifications are scheduled locally on your device. No push notification server is involved.

D. Subscription and entitlement data (RevenueCat and Apple)

ReciteLock requires an active paid subscription. Payments are processed by Apple. We use RevenueCat to verify your subscription entitlement. RevenueCat receives an anonymous user identifier and subscription state from your device. We do not receive your payment card details.

E. Device backup and transfer data

Depending on your Apple device settings, local app data may be included in iCloud backups or device-to-device transfer.

F. Analytics data (PostHog)

We use PostHog to collect anonymous usage analytics to understand how the App is used and improve it over time. PostHog assigns your device an anonymous identifier (a randomly generated ID, not linked to your Apple advertising ID or any personal account). We collect events such as which onboarding steps you complete, whether you recite or skip a session, and paywall interactions. PostHog derives your approximate location (country, region, and city) from your IP address at ingestion — your IP address itself is not stored. We do not use this data for advertising or share it with third parties for their own use.

4. What We Do Not Collect

No accounts. No advertising SDKs. No crash reporting SDKs. We do not sell your personal information.

5. Third-Party Services

  • PostHog - anonymous product analytics, processed on EU servers. See PostHog Privacy Policy.
  • RevenueCat - subscription entitlement management. See RevenueCat Privacy Policy.
  • Apple App Store - app distribution, billing, and subscription processing.

6. Legal Bases for Processing (UK GDPR)

  • Contract performance - providing the App and Premium features you request.
  • Legitimate interests - app reliability, security, entitlement verification, and understanding aggregate usage patterns to improve the App.
  • Legal obligations - compliance with applicable law.

7. Data Retention

  • On-device data - retained locally until removed by you or deleted with the App.
  • Backup copies - retained according to your Apple backup settings.
  • Subscription records - retained as needed for billing, fraud prevention, support, accounting, and legal compliance.
  • Analytics data - retained by PostHog for up to 1 year.

8. Your Privacy Choices and Rights

Under UK GDPR and the Data Protection Act 2018, you have rights including access, correction, deletion, objection, restriction, and portability where applicable.

To submit a request, email hello@neveriffy.com. You also have the right to lodge a complaint with the UK Information Commissioner's Office (ICO) at ico.org.uk.

9. Children's Privacy

The App is designed for a general audience and is not directed primarily to children under 13. We do not knowingly collect personal information directly from children under 13. If you believe a child has provided personal information to us, contact us and we will review and take appropriate action.

10. International Transfers

Our providers may process information in countries outside the UK. Where required, appropriate safeguards (such as the UK International Data Transfer Agreement or equivalent contractual protections) are used for international data transfers.

11. Security

App data is stored locally on your device using Apple's built-in frameworks. Subscription data is transmitted to RevenueCat over encrypted connections. No system is completely secure, and we cannot guarantee absolute security.

12. Changes to This Policy

We may update this Privacy Policy from time to time. The "Last updated" date above shows when this version became effective.

13. Contact Us

If you have questions about this Privacy Policy or our data practices, contact hello@neveriffy.com.