Privacy Policy for Simyr

Effective Date: 12/28/2025

Last Updated: 06/09/2026

1. Introduction

Holeaux, LLC ("we," "us," or "our") operates Simyr (the "App"), a social media application designed to foster genuine human connection while prioritizing your mental wellbeing. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our App.

We are committed to protecting your privacy and being transparent about our data practices. By using Simyr, you agree to the collection and use of information in accordance with this Privacy Policy. If you do not agree with our policies and practices, please do not use the App.

Please read this Privacy Policy carefully. If you have questions or concerns, please contact us at support@holeaux.com.

2. Information We Collect

2.1 Information You Provide Directly

When you create an account and use Simyr, you may voluntarily provide us with the following information:

  • Account Information: Phone number (for verification), display name, profile photo, and optional biography.
  • User Content: Photos, captions, and reactions you post or share through the App.
  • Connection Information: Data about your connections with other users, including when connections are made via QR codes or invite links.
  • Communications: Information you provide when you contact us for support or feedback.
  • Survey Responses: Optional feedback and responses to surveys or onboarding questions.

2.2 Information Collected Automatically

When you use the App, certain information is collected automatically:

  • Device Information: Device type, operating system version, unique device identifiers, and mobile network information.
  • Usage Data: Information about your interactions with the App, including features accessed, time spent, posting frequency, and reaction patterns.
  • Log Information: IP address, access times, pages viewed, app crashes, and system activity.
  • Approximate Location: General geographic location derived from IP address (we do not collect precise GPS location).

2.3 Device Permissions

The App may request access to certain features on your device:

  • Camera: Required to capture photos for posts and scan QR codes for connections.
  • Push Notifications: Optional permission to receive notifications about new posts, reactions, and connections.

You may disable these permissions through your device settings at any time, though some App features may not function properly without them.

2.4 Biometric Authentication

The App offers optional biometric authentication using Face ID or Touch ID:

  • What We Collect: When you enable biometric login, we generate a secure biometric token on your device. Your actual biometric data (fingerprint or face scan) is never transmitted to our servers.
  • How It Works: Biometric authentication is processed entirely on your device. We only receive a cryptographic token that links to your account for login purposes.
  • Data Storage: The biometric token is stored securely on your device using your device's secure enclave. It persists across logout/login sessions until you revoke biometric access.
  • Permissions: Enabling biometric login requires granting Face ID or Touch ID permission through your device settings. You can revoke this permission at any time.

3. How We Use Your Information

We use the information we collect for the following purposes:

  • Provide and Maintain the Service: Create and manage your account, display your content to connections, and enable core App functionality.
  • Personalization: Customize your experience based on your preferences and usage patterns.
  • Analytics and Improvement: Understand how users interact with the App to improve features, fix bugs, and enhance overall user experience.
  • Communication: Send service-related notices, respond to inquiries, and provide customer support.
  • Safety and Security: Detect, investigate, and prevent fraudulent, harmful, or illegal activities, and enforce our Terms of Service.
  • Legal Compliance: Comply with applicable laws, regulations, and legal processes.

3.1 Analytics & Error Tracking Services

We use third-party services to understand how users interact with Simyr and to diagnose technical issues:

Sentry (Error Tracking & Crash Reporting)

  • What We Collect: Error messages, stack traces, device information (OS version, app version, unique device ID)
  • Purpose: Automatically detect and report app crashes and errors so we can fix them quickly
  • Data Retention: 90 days (then automatically deleted)
  • Opt-Out: You can disable error tracking in the app's Privacy Settings (Settings → Privacy Settings)

LogRocket (Session Replay & Analytics)

  • What We Collect: Session recordings, user interactions, console logs, analytics events, unique session ID
  • Purpose: Understand how users interact with the app, diagnose technical issues, and improve the overall experience
  • Data Retention: 30 days (then automatically deleted)
  • Opt-Out: You can disable analytics and session replay in the app's Privacy Settings (Settings → Privacy Settings)

PostHog (Product Analytics)

  • What We Collect: Event names, user actions (posts, follows, reactions, graph exploration), screen views, time spent in app, device information, IP address, approximate location
  • Purpose: Understand how users interact with Simyr, identify engagement patterns, track feature adoption, and improve features and overall user experience
  • Data Retention: Approximately 30 days (then automatically deleted)
  • Opt-Out: You can disable analytics in the app's Privacy Settings (Settings → Privacy Settings); PostHog respects your consent choices
  • Privacy Policy: PostHog Privacy Policy

User Controls Over Analytics

You have full control over our analytics services:

  • On First App Launch: You will see a privacy banner asking for your consent before any tracking begins
  • Anytime During Use: You can change your preferences in Settings → Privacy Settings
  • Revoke Consent: You can disable any category of tracking at any time; we will stop collecting new data immediately

4. How We Share Your Information

We do not sell your personal information to third parties.

We may share your information in the following limited circumstances:

  • With Your Connections: Your profile information and posts are visible to users you have connected with.
  • Service Providers: We may share information with third-party vendors who perform services on our behalf, such as cloud hosting, analytics, and customer support. These providers are contractually obligated to protect your information. Our analytics service providers include:
    • Sentry (Functional Software, Inc.): For error tracking and crash reporting (with your consent)
    • LogRocket (LogRocket, Inc.): For session replay and analytics (with your consent)
    • PostHog, Inc.: For product analytics and user interaction tracking (with your consent)
  • Legal Requirements: We may disclose information if required by law, court order, or government request, or if we believe disclosure is necessary to protect our rights, safety, or the safety of others.
  • Business Transfers: If Holeaux, LLC is involved in a merger, acquisition, or sale of assets, your information may be transferred as part of that transaction. We will notify you of any such change.
  • With Your Consent: We may share information for other purposes if you provide explicit consent.

5. Data Retention and Deletion

We retain your personal information only for as long as necessary to fulfill the purposes outlined in this Privacy Policy, unless a longer retention period is required by law.

  • Account Data: Retained while your account is active and for a reasonable period afterward to allow account recovery.
  • User Content: Posts and reactions are retained until you delete them or delete your account.
  • Usage Data: Analytics data is typically retained in aggregated, anonymized form for up to 24 months.
  • Third-Party Analytics:
    • Sentry: Error tracking data is retained for 90 days
    • LogRocket: Session and analytics data is retained for 30 days
    • PostHog: Product analytics data is retained for approximately 30 days

Account Deletion: You may request deletion of your account and associated data at any time through the App settings or by contacting support@holeaux.com. Upon deletion request, we will delete or anonymize your personal information within 30 days, except where retention is required by law or for legitimate business purposes (such as fraud prevention).

6. Your Rights and Choices

Depending on your location, you may have certain rights regarding your personal information:

  • Access: Request a copy of the personal information we hold about you.
  • Correction: Request correction of inaccurate or incomplete personal information.
  • Deletion: Request deletion of your personal information, subject to certain exceptions.
  • Data Portability: Request a copy of your data in a portable format.
  • Opt-Out: Opt out of certain data uses, such as marketing communications and analytics tracking.
  • Analytics Control: You can disable analytics, error tracking, and session replay anytime in Settings → Privacy Settings without affecting your ability to use Simyr.

To exercise these rights, please contact us at support@holeaux.com. We will respond to your request within the timeframe required by applicable law (typically 30-45 days).

California Residents: Under the California Consumer Privacy Act (CCPA), you have additional rights including the right to know what personal information we collect and how we use it, and the right to non-discrimination for exercising your privacy rights. Opting out of analytics does not affect your ability to use Simyr.

7. Security Measures

We implement appropriate technical and organizational security measures to protect your personal information against unauthorized access, alteration, disclosure, or destruction. These measures include:

  • Encryption of data in transit (TLS/SSL) and at rest
  • Secure authentication mechanisms
  • Regular security assessments and monitoring
  • Access controls limiting employee access to personal data

However, no method of transmission over the Internet or electronic storage is 100% secure. While we strive to protect your information, we cannot guarantee absolute security.

8. Data Breach Notification

In the event of a data breach that affects your personal information, we will notify you and any applicable regulatory authorities as required by law. Notification will be provided through the App, via email, or through other appropriate channels within the timeframes mandated by applicable regulations.

9. Children's Privacy

Simyr is not intended for children under the age of 13. We do not knowingly collect personal information from children under 13.

If you are a parent or guardian and believe your child has provided us with personal information, please contact us at support@holeaux.com.

If we learn that we have collected personal information from a child under 13, we will take steps to delete such information promptly. For users between 13 and 18, we encourage parental involvement in monitoring online activities.

10. Cookies and Tracking Technologies

The App may use cookies, local storage, and similar technologies to enhance your experience and collect usage information. These technologies help us:

  • Remember your preferences and login status
  • Analyze App usage patterns and performance
  • Improve our services based on aggregated data

You can control cookie settings through your device or browser settings. Note that disabling certain cookies may affect App functionality.

11. International Data Transfers

Your information may be transferred to and processed in countries other than your country of residence. These countries may have different data protection laws. When we transfer data internationally, we implement appropriate safeguards to protect your information, including:

  • Standard contractual clauses approved by relevant authorities
  • Data processing agreements with service providers
  • Compliance with applicable data transfer frameworks

For EEA/UK Residents: When we transfer personal data outside the European Economic Area or United Kingdom, we ensure adequate protection through approved transfer mechanisms under the General Data Protection Regulation (GDPR).

12. Third-Party Links and Services

The App may contain links to third-party websites or services that are not operated by us. We are not responsible for the privacy practices of these third parties. We encourage you to review the privacy policies of any third-party services you access through the App.

13. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by posting the new Privacy Policy in the App and updating the "Last Updated" date. For significant changes, we may provide additional notice (such as a prominent in-app notification or email). Your continued use of the App after changes become effective constitutes acceptance of the revised Privacy Policy.

14. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

Holeaux, LLC

Email: support@holeaux.com

We will make every effort to resolve your concerns promptly and fairly.