Privacy Policy
okVibe — Daily Wellbeing Check-In for Independent Living
Effective date: June 02, 2025 Last updated: June 02, 2025
1. Who We Are
okVibe is developed and operated by ICI Tech Teknoloji A.Ş. ("Company", "we", "us", or "our"), a technology company registered in Turkey.
| Company | ICI Tech Teknoloji A.Ş. |
| Website | https://okvibe.app/ |
| app@icitech.com.tr | |
| Data Controller | ICI Tech Teknoloji A.Ş. |
Important Disclaimer: okVibe is not an emergency service, medical device, fall detector, crisis hotline, location tracker, or guaranteed safety system. It is a daily check-in companion designed to provide reassurance for independent living. In immediate danger, contact your local emergency services (e.g. 112 in Turkey, 999 in the UK, 112 in the EU, 911 in the US).
2. Scope
This Privacy Policy applies to:
- The okVibe iOS app (Apple App Store)
- The okVibe Android app (Google Play)
- The okVibe website at https://okvibe.app/
- All related support and communication channels
EEA and UK users: Please also read our GDPR Privacy Notice, which applies alongside this Policy.
3. Data We Collect
3.1 Account Information
An account is required for the primary user (the person who performs check-ins). We collect:
- Email address
- Password (stored as a one-way hash — we never see your plain-text password)
- Optional: display name, profile photo
Trusted contacts do not need to create an account to receive missed check-in alerts.
3.2 Check-in Data
- Daily check-in timestamps (when you tap "I'm OK")
- Missed check-in records
- Check-in window and schedule settings
- Calm status notes you add to check-ins
- Check-in history and streaks
Check-in history reveals patterns about your daily routine and wellbeing. We treat this data with care and do not share it with advertising platforms.
3.3 Trusted Contact Data
- Names and contact details (phone number and/or email address) of people you choose to add as trusted contacts
- Alert message preferences you configure for missed check-ins
Your responsibility: When you add someone as a trusted contact, you are sharing their personal data with us. Please ensure you have their permission to do so. We use this data only to deliver missed check-in notifications as instructed by you.
3.4 App Settings and Preferences
- Check-in window timing preferences
- Reminder times and frequency
- Privacy mode settings
- Notification preferences
3.5 Location Data
- Location is not collected during your daily check-in routine.
- Location data is collected only if you explicitly enable the optional SOS feature and only when that feature is active.
- SOS location data is used solely to share your position with trusted contacts in a declared emergency.
- You can disable SOS features and revoke location permission at any time through your device settings.
See Section 9 for full details.
3.6 Subscription and Purchase Data
- Subscription tier and status (active, trial, expired, cancelled)
- Purchase date, renewal date, transaction ID
- Platform (App Store or Google Play)
- RevenueCat pseudonymous customer ID
We never receive your payment card details. All payment processing is handled by Apple or Google.
3.7 Device and Technical Data
- Device type and model, OS version, app version
- IP address (truncated where possible), time zone
- App session timestamps, crash logs, error reports
3.8 Push Notification Data
- Device push token (if you grant permission)
- Notification delivery and open events
3.9 Communications Data
- Email address and message content when you contact support
3.10 Legal and Compliance Data
- Records required by applicable Turkish law, regulatory correspondence
4. How We Collect Your Data
| Method | Examples |
|---|---|
| Directly from you | Account registration, check-in taps, trusted contact entries, status notes |
| Automatically | Session data, crash reports, device info |
| From device | Location (only when SOS is actively enabled with permission) |
| From third parties | Subscription status from RevenueCat; payment confirmation from Apple/Google |
5. Legal Bases for Processing
| Purpose | Legal Basis |
|---|---|
| Account creation and management | Performance of contract |
| Daily check-in delivery and alerts | Performance of contract |
| Trusted contact storage and notification | Performance of contract |
| Reminder notifications | Performance of contract |
| SOS location sharing | Explicit consent (device location permission) |
| Subscription management | Performance of contract |
| App quality, crash analysis | Legitimate interest |
| Security and fraud prevention | Legitimate interest |
| Support requests | Performance of contract |
| Legal obligations | Legal obligation |
| Legal disputes | Legitimate interest / Legal obligation |
| Marketing communications | Consent |
6. How We Use Your Data
Core App Functionality
- Authenticating your account and syncing your preferences
- Sending daily check-in reminders at your chosen time
- Recording your "I'm OK" confirmations
- Notifying trusted contacts when a check-in is missed
- Maintaining your check-in history
- Sharing your location with trusted contacts when SOS is active (with your explicit permission)
- Managing your subscription and unlocking Premium features
App Quality
- Diagnosing crashes and fixing bugs
- Security monitoring and fraud prevention
Communications
- Transactional messages (subscription receipts, password resets)
- Check-in reminders and alerts (with your permission)
- Marketing messages (with your explicit consent only)
7. What We Do Not Do
- We do not sell your personal data to any third party.
- We do not track your location routinely. GPS is used only when you actively enable the optional SOS feature.
- We do not share check-in history or daily routine patterns with advertising networks or data brokers.
- We do not require trusted contacts to install the app or create accounts.
- We do not use advertising identifiers (IDFA on iOS, GAID on Android).
- We do not knowingly collect data from children under 18.
- We do not use your check-in data for ad targeting or behavioural profiling.
8. Trusted Contacts — A Special Note
When you add someone as a trusted contact in okVibe:
- You are providing us with that person's name and contact details.
- We store this data solely to send missed check-in alerts as you configure.
- We do not use trusted contact data for any other purpose.
- Trusted contacts will receive notifications only when you miss a check-in (or via SOS if enabled).
- Trusted contacts do not need the app, an account, or a subscription.
- You can remove a trusted contact at any time in app settings, which will prevent future notifications to that person.
Your responsibility: Please ensure the people you add as trusted contacts have consented to receive notifications from okVibe on your behalf.
9. Location Data and SOS
okVibe is built on a no-routine-GPS promise. Location data is handled as follows:
| Scenario | Location used? |
|---|---|
| Daily check-in tap ("I'm OK") | No |
| Missed check-in alert to trusted contacts | No |
| Optional SOS feature (when you enable it) | Yes — with your explicit permission |
| Background tracking | Never |
When you enable SOS:
- You will be asked to grant location permission explicitly.
- Location is used only while SOS is active to share your position with trusted contacts.
- Location data is not stored beyond what is necessary to deliver the SOS alert.
- You can disable SOS and revoke location permission at any time via device settings (iOS: Settings → Privacy & Security → Location Services → okVibe; Android: Settings → Apps → okVibe → Permissions → Location).
- Disabling location permission disables SOS functionality only; all other features remain available.
10. Subscriptions and Billing
okVibe Premium is an auto-renewing subscription available through the Apple App Store (iOS) and Google Play (Android).
We use RevenueCat to manage subscription state. RevenueCat receives only a pseudonymous customer ID and subscription status — not your name, email, check-in data, trusted contact data, or payment details. RevenueCat privacy policy: https://www.revenuecat.com/privacy
We never receive your payment card details. All payment processing is handled by Apple or Google.
To manage or cancel: iOS: Settings → [your name] → Subscriptions; Android: Google Play → Profile → Payments & subscriptions.
11. Third-Party Services
| Service | Purpose | Privacy Policy |
|---|---|---|
| Apple App Store | iOS distribution and payment | https://www.apple.com/legal/privacy/ |
| Google Play | Android distribution and payment | https://policies.google.com/privacy |
| RevenueCat | Subscription state management | https://www.revenuecat.com/privacy |
| Notification delivery provider | SMS/email delivery for trusted contact alerts | Available on request |
We do not integrate advertising SDKs into the okVibe app.
12. Data Sharing and Disclosure
| Recipient | Purpose | Legal Basis |
|---|---|---|
| Infrastructure / hosting providers | App operations, security | Contract / Legitimate interest |
| Notification delivery providers | Sending missed check-in alerts to trusted contacts | Contract |
| RevenueCat | Subscription management | Contract |
| Apple / Google | Payment processing | Contract |
| Customer support providers | Handling your requests | Contract |
| Financial and legal advisors | Accounting, auditing, legal | Legal obligation / Legitimate interest |
| Courts, regulators, enforcement | Lawful requests | Legal obligation |
| Potential acquirers (confidentiality) | Due diligence | Legitimate interest |
| Marketing partners | With explicit prior consent only | Consent |
13. International Data Transfers
ICI Tech Teknoloji A.Ş. is based in Turkey. Some service providers operate internationally. All international transfers are subject to appropriate safeguards per KVKK Article 9, including standard contractual clauses.
14. Data Retention
| Data Category | Retention Period |
|---|---|
| Account data | Duration of account + 3 years after deletion |
| Check-in history | Duration of account + 1 year after deletion |
| Trusted contact data | Until removed by you or account deleted + 30 days |
| Location (SOS) data | Not stored beyond alert delivery; deleted within 30 days |
| Subscription and transaction records | 10 years (Turkish commercial law) |
| Support communications | 3 years from last contact |
| Crash and error logs | 12 months (rolling, automatic) |
| Security and access logs | 12 months |
| Marketing consent records | 3 years from consent |
Account deletion: We delete or irreversibly anonymize your data within 30 days, except where longer retention is required by law.
15. Security
- TLS 1.2+ encryption for all data in transit
- Encryption at rest for all server-stored data
- Check-in history and trusted contact data protected with access controls
- Location data (SOS) processed minimally and not retained beyond necessity
- Regular security assessments and penetration testing
- Data breach response plan in place; breach notifications per KVKK requirements
16. Push Notifications
| Type | Purpose | Requires Opt-In |
|---|---|---|
| Transactional | Subscription receipts, password resets | No |
| Check-in reminders | Daily "time to check in" nudge | Yes |
| Missed check-in alerts (to trusted contacts) | SMS/email notification | Configured in app |
| Marketing | New features, offers | Yes — separate opt-in |
Manage in Settings → Notifications or your device settings.
17. Children's Privacy
okVibe is for users aged 18 and older. We do not knowingly collect data from minors. Contact app@icitech.com.tr if you believe a child has submitted data.
18. Your Privacy Rights
| Right | How |
|---|---|
| Access your data | app@icitech.com.tr — "Data Access Request" |
| Correct inaccurate data | Update in-app or contact us |
| Delete account and data | Settings → Account → Delete Account |
| Export your data | Settings → Privacy → Export My Data (where available) |
| Remove a trusted contact | Settings → Trusted Contacts |
| Disable SOS location | Device Settings → Location Services → okVibe |
| Withdraw marketing consent | Settings → Privacy → Marketing Preferences |
We respond within 30 days, free of charge.
19. Cookies and Tracking
Our website uses cookies. A consent banner is shown on first visit.
| Type | Purpose | Opt-Out |
|---|---|---|
| Strictly necessary | Core site functionality | Not possible |
| Analytics | Aggregate visitor behaviour | Via cookie banner |
| Marketing | App store click-through | Via cookie banner |
The okVibe app does not use advertising identifiers or advertising SDKs.
20. EEA and UK Users
If you are in the EEA or UK, the GDPR applies. Please read our full GDPR Privacy Notice for GDPR article references, Standard Contractual Clauses, EU Representative information, supervisory authority contacts, and 72-hour breach notification rights.
21. Changes to This Policy
For material changes, we notify you at least 14 days in advance. Current version always at /en/privacy.
22. Contact Us
| app@icitech.com.tr | |
| Website | https://okvibe.app/ |
| Subject line | "Privacy Request — okVibe" |
We acknowledge enquiries within 5 business days.
23. Governing Law
This Policy is governed by the laws of the Republic of Turkey, including KVKK No. 6698. Disputes are subject to Turkish court jurisdiction.