Privacy Policy

DelayBox by NeoSura · Effective: May 25, 2026

NeoSura ("we," "us," or "our") operates the DelayBox mobile application (the "App"). This Privacy Policy explains how we handle information when you use the App. By downloading or using DelayBox, you agree to the practices described in this policy.

We encourage you to read this document carefully and to check back periodically for any updates. If you do not agree with the terms of this Privacy Policy, please do not use the App.

Privacy at a Glance: DelayBox is designed with a privacy-first approach. All content you create — your personal thoughts, impulses, and decisions — is stored exclusively on your device. We never transmit, read, or access this content. The only data sent from the App to our servers is anonymous, non-personal usage statistics (such as the fact that a capsule was created, without any of its content).

1. Information We Collect

1.1 Content You Create

DelayBox allows you to create "capsules" — short text entries representing impulses or decisions you wish to delay before acting on them. You may also assign a time delay to each capsule and later choose to act on, abandon, or further delay it.

All capsule content, including the text you enter, the delay options you select, and the decisions you make, is stored entirely on your device using the iOS local data storage framework (SwiftData). This data is never uploaded to, transmitted to, or accessible by our servers or any third party.

Because we never collect this data, we cannot read it, use it for any purpose, or share it with anyone.

1.2 Anonymous Usage Statistics

To help us understand how DelayBox is being used and to improve the App over time, we collect limited, anonymous usage statistics. This information is transmitted to our servers over an encrypted HTTPS connection.

The specific data points collected include:

Device Identifier: A randomly generated UUID (Universally Unique Identifier) that is created the first time you launch the App. This identifier is stored locally on your device and is used solely to count unique installations. It is not linked to any personal information and cannot be used to identify you as an individual.
App Version: The build number of the DelayBox version currently installed on your device. This helps us track adoption of updates and diagnose version-specific issues.
Operating System Version: The version of iOS running on your device. This information allows us to ensure compatibility and address OS-specific bugs.
Usage Events: Generic, non-content actions you perform within the App, such as launching the App or interacting with a capsule. These events contain no personal information and no details about the content of any capsule.

1.3 What We Do NOT Collect

We want to be explicit about the types of data we do not collect, now or in the future:

Your name, email address, phone number, or any contact information
Your geographic location or IP address
The text content of any capsule you create
Any information about your impulses, decisions, or personal thoughts
Device identifiers that can be traced back to you (such as advertising identifiers, serial numbers, or IMEI)
Photos, videos, audio, or any media files
Browsing history or data from other apps on your device
Biometric data (such as Face ID or Touch ID information)
Health, fitness, or medical information
Financial or payment information

2. How We Use Information

2.1 Purpose of Usage Statistics

The anonymous usage statistics described in Section 1.2 serve the following purposes:

App Stability: Monitoring crash rates and error patterns to identify and fix bugs more quickly, ensuring a reliable experience for all users.
Feature Improvement: Understanding which features are used most frequently and how users interact with the App, so we can prioritize improvements and new features that matter most.
Performance Optimization: Tracking how the App performs across different device models and OS versions to ensure smooth operation for all users.
Usage Trends: Observing aggregate trends (such as how many capsules are created across all users) to validate that the App is fulfilling its intended purpose.

2.2 How We Do NOT Use Information

We commit to the following restrictions on data use:

We do not use any collected data for targeted or behavioral advertising.
We do not build individual user profiles or engage in any form of profiling.
We do not use data for marketing, lead generation, or outreach purposes.
We do not sell, license, or otherwise monetize user data in any form.
We do not use data to make automated decisions that affect users.

3. Data Storage and Retention

3.1 Local Data

All capsule content and App settings are stored locally on your device using iOS SwiftData, which leverages the device's built-in encryption and data protection capabilities. This data is not backed up to any cloud service operated by us.

If you use iCloud or iTunes backups, your local App data may be included in those backups. We have no access to or control over such backups. You can manage your backup preferences through your device's Settings.

3.2 Server-Side Data

The anonymous usage statistics transmitted to our servers are retained for a period of up to 12 months for analysis purposes, after which they are automatically deleted. Because this data is anonymous and not linked to any personal identifier beyond a random UUID, it cannot be associated with any individual user.

3.3 Data Retention Summary

Data Type	Storage Location	Retention Period	Linked to You
Capsule content	Device only	Until you delete it or uninstall the App	No — never leaves your device
App settings	Device only	Until you uninstall the App	No — never leaves your device
Anonymous device ID	Device + Server logs	Up to 12 months on server	No — random UUID, not personal
Usage events	Server logs	Up to 12 months	No — no content, no identity

4. Data Security

We take reasonable measures to protect the limited data we collect:

Encryption in Transit: All communication between the App and our servers uses HTTPS (TLS encryption), ensuring that data cannot be intercepted during transmission.
Encryption at Rest: Your local data benefits from iOS's built-in data protection, which encrypts data stored on the device.
Access Controls: Access to our server infrastructure is restricted to authorized personnel on a need-to-know basis, protected by multi-factor authentication.
Minimal Data Principle: By design, we collect the minimum amount of data necessary. Because we do not collect personal content, the risk exposure from any potential security incident is significantly reduced.

While we strive to use commercially acceptable means to protect any data, no method of electronic storage or transmission is 100% secure. We cannot guarantee absolute security.

5. Third-Party Services

DelayBox is designed to operate with minimal external dependencies. We do not integrate any of the following:

Third-party analytics services (such as Google Analytics, Firebase Analytics, Mixpanel, or Amplitude)
Advertising networks or SDKs (such as Facebook Ads, Google Ads, or any ad mediation platforms)
Third-party crash reporting tools (such as Crashlytics or Sentry)
Social media SDKs or login services
Cloud data storage services that would store your personal content externally

The only external communication from the App is the anonymous usage logging described in Section 1.2, which is sent directly to our own infrastructure.

6. Data Sharing and Disclosure

We do not sell, trade, rent, lease, license, or otherwise share any user data with third parties for any purpose.

We may disclose anonymized, aggregated statistics (e.g., "X total capsules were created this month across all users") in public communications, reports, or marketing materials. This aggregated data contains no personally identifiable information and cannot be traced back to any individual user.

In the event we are required by applicable law, regulation, legal process, or governmental request to disclose any information, we will comply only to the extent legally required. Given the anonymous nature of the data we collect, such scenarios are extremely unlikely to reveal any personal information.

7. Your Rights and Control

DelayBox is built to give you full control over your data:

Full Local Control: All your personal content remains on your device at all times. You can view, modify, or delete any capsule at any time through the App's interface.
Deletion: Deleting a capsule within the App permanently removes it from your device. Uninstalling the App removes all locally stored data, including your capsules, settings, and the anonymous device identifier.
No Account Required: DelayBox does not require account registration. There are no accounts to delete, no passwords to manage, and no cloud-stored data to worry about.
Device Identifier Reset: If you uninstall and reinstall the App, a new anonymous device identifier will be generated. The previous identifier and its associated anonymous statistics will naturally expire from our servers within 12 months.
Opt-Out: If you prefer not to send anonymous usage statistics, you may use the App in a manner that prevents network communication (such as enabling Airplane Mode). We are exploring the addition of an in-app toggle for this preference in a future update.

8. Notifications

DelayBox may send you local notifications on your device to remind you when a capsule's delay period has ended. These notifications are generated and delivered entirely by the iOS notification system on your device. Notification content (such as the existence of a capsule) is processed locally and is never transmitted to our servers.

You can manage notification permissions at any time through your device's Settings > Notifications > DelayBox.

9. Children's Privacy

DelayBox is a general-purpose productivity tool and is not specifically directed at children under the age of 13 (or the applicable age of consent in your jurisdiction). We do not knowingly collect personal information from children.

Because the App does not collect personal information from any user regardless of age, the risk to children's privacy is minimal. However, if you are a parent or guardian and believe that your child has used the App and you have concerns, please contact us at the address below and we will address your concerns promptly.

10. International Data Protection

10.1 General Data Protection Regulation (GDPR)

For users in the European Economic Area (EEA), the United Kingdom, and Switzerland, DelayBox complies with the principles of the General Data Protection Regulation (GDPR). Specifically:

Lawfulness, Fairness, and Transparency: We are transparent about the limited data we collect and process it lawfully with a legitimate interest in improving the App.
Purpose Limitation: Data is collected only for the specific purposes described in this policy.
Data Minimization: We collect only the minimum data necessary for the stated purposes.
Storage Limitation: Data is retained only as long as necessary and automatically deleted after 12 months.
Integrity and Confidentiality: Data is protected through encryption and access controls.

Because the data we collect is anonymous and not linked to identifiable individuals, the GDPR rights of access, rectification, erasure, and portability have limited applicability. Nevertheless, if you believe we hold any data about you, you may contact us to exercise these rights.

10.2 California Consumer Privacy Act (CCPA)

For users in California, DelayBox complies with the California Consumer Privacy Act (CCPA). Under the CCPA, you have the right to know what personal information is collected, to request deletion of your personal information, and to opt out of the sale of personal information.

Because we do not collect personal information as defined by the CCPA, and we do not sell any data, these rights have limited applicability. However, we respect the spirit of these regulations and are committed to transparency.

10.3 Other Jurisdictions

For users in other jurisdictions with data protection laws (such as PIPEDA in Canada, LGPD in Brazil, or the Personal Data Protection Act in Singapore), we apply the same privacy standards described in this policy globally. Regardless of your location, we handle all data with the same level of care and respect for your privacy.

11. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technologies, legal requirements, or other factors. When we make changes, we will:

Update the "Effective" date at the top of this page to reflect the date of the most recent revision.
If the changes are material, we will make reasonable efforts to notify you, such as through a notice within the App or via other communication channels.

We encourage you to review this Privacy Policy periodically to stay informed about how we protect your information. Your continued use of the App after any changes constitutes your acceptance of the updated policy.

12. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or your data, we are happy to help. Please reach out to us:

NeoSura

Email: support@neosura.com

We aim to respond to all privacy-related inquiries within 30 days.