Privacy Policy VYC Sahitya App

Last updated: May 2026

1. Privacy at a Glance

General Information

The following information provides a simple overview of what happens to your personal data when you use the VYC Sahitya app. Personal data is any data that can be used to identify you personally. Detailed information on the subject of data protection can be found in the privacy policy below.

Core Principle: Local Data Storage

VYC Sahitya processes all data exclusively on your device. There is no backend, no server, and no cloud synchronisation. Your data is never transmitted to us or any third party. The app contains no analytics, advertising, or tracking SDKs.

What Are Your Rights Regarding Your Data?

You have the right to receive free information about the origin, recipient, and purpose of your stored personal data at any time. You also have the right to request the rectification or deletion of this data. Since all data is stored exclusively on your device, you can delete it yourself at any time in the app. You also have the right to lodge a complaint with the competent supervisory authority.

For this and other questions on the subject of data protection, you can contact us at any time.

2. Data Controller

The data controller responsible for the “VYC Sahitya” app is:

Anne und Robert Böhme
Vinayaki-Yoga & Coaching
Blumenstraße 30
21481 Lauenburg, Germany

Email: datenschutz@vinayaki-yoga-und-coaching.com
Phone: +49 (0) 176 47 34 79 48 / +49 (0) 176 47 32 15 02

3. What Data Is Stored?

All stored data remains exclusively on your device.

Encrypted Database

The app stores the following usage data in an encrypted SQLite database (256-bit AES encryption via SQLCipher):

Hydration Tracking

  • Logged drink entries with timestamp, drink type, and amount
  • Your personal daily goal and drink catalogue (including custom entries)
  • Favourite drinks
  • Reminder settings

Breathing Exercises

  • Kapalabhati: profiles, round configurations, completed sessions
  • Anuloma Viloma (alternate nostril breathing): profiles, completed sessions

App Preferences

The following preferences are stored locally in the device storage (SharedPreferences):

  • Selected app language
  • Selected theme / appearance
  • Date and number format
  • Custom breathing profiles

Encryption Material (Vault)

To protect the database, an encryption key (DEK) is stored in the device’s secure system storage (iOS Keychain / Android EncryptedSharedPreferences). This key is device-bound and never leaves the device. For restoration on a new device, a recovery passphrase is generated and also stored in the secure system storage.

4. Device Access and Permissions

The app accesses only the following device functions:

  • Local notifications: Hydration reminders – one-time permission request, only when enabled
  • Device time zone: Correct scheduling of reminders – one-time read access at startup

The app does not access the camera, microphone, location, contacts, health data, or any other sensors.

5. Network Access

The app itself makes no network connections and transmits no data. The only network-related action is opening external links in your device’s browser (contact form, legal notice) – the app itself transmits no data during this process.

The fonts used in the app (Google Fonts: Playball, Libre Baskerville) are fully bundled locally. No connection to Google servers takes place.

6. Device Backups

Your device’s operating system may create automatic backups (iCloud on iOS, Google Drive on Android). This may include the app’s encrypted database in your private device backup.

Important: This backup copy is encrypted with the same 256-bit AES key as the original database. Without the corresponding recovery passphrase, the data cannot be read. The passphrase itself is never included in the backup – it remains in the device’s secure system storage. Restoration on a new device is only possible with the recovery passphrase, which you can view in the app settings under “Data & Security”.

7. Your Rights

Since all data is stored exclusively on your device, no personal data is held on our servers.

Deleting Data in the App

You can delete all locally stored app data at any time:

In the app: Settings → Data & Security → Delete All Data

This action irreversibly deletes all entries from the database, clears all app preferences, and cancels all scheduled reminders. The encryption material (passphrase and key) is retained so you are not locked out of the app.

Complete removal: Uninstalling the app removes all local data including the encryption material from the device.

Right to Lodge a Complaint

You have the right to lodge a complaint with the competent data protection supervisory authority. The authority responsible for us is:

Unabhängiges Landeszentrum für Datenschutz Schleswig-Holstein (ULD)
Holstenstraße 98, 24103 Kiel, Germany
www.datenschutzzentrum.de

8. Legal Basis for Processing

Where the app processes personal data, this is done on the following legal bases in accordance with the General Data Protection Regulation (GDPR):

  • Art. 6(1)(a) GDPR – Consent: Local notifications (hydration reminders) are only sent with your explicit consent, which you can withdraw at any time in your device settings.
  • Art. 6(1)(b) GDPR – Performance of a contract: The storage of usage data (hydration entries, breathing exercises, preferences) is necessary to provide the contractually agreed functionality of the app.
  • Art. 6(1)(f) GDPR – Legitimate interests: The encryption of the database and the storage of the encryption key in the device’s secure system storage are based on our legitimate interest in protecting your locally stored data.

Since all data is processed exclusively on your device and no transmission to us takes place, processing on the basis of other legal grounds does not occur during normal app operation.

9. Retention Periods

Since all data is stored exclusively on your device, retention is entirely under your control:

  • Usage data (hydration entries, breathing exercises, preferences): Retained until you delete it in the app or uninstall the app.
  • Encryption material (DEK and recovery passphrase in secure system storage): Retained until the app is uninstalled. The iOS Keychain may retain data beyond uninstallation in a device-bound manner – this can be removed manually in the device settings.
  • App preferences (SharedPreferences): Retained until the app is uninstalled or until manually cleared via “Delete All Data” in the settings.
  • Device backups (iCloud / Google Drive): If your operating system includes the encrypted database in an automatic device backup, retention is governed by your backup settings and the policies of the respective operating system provider.

10. Contact Outside the App

The app itself transmits no data to us. If you contact us via the external channels linked in the app (email, contact form on the website), the personal data arising from this is governed by the privacy policy of our website:

vinayaki-yoga-und-coaching.com/privacy-policy-de-de

In particular: contact requests sent by email or via the contact form are stored for the purpose of processing the enquiry and are not passed on without your consent (legal basis: Art. 6(1)(b) or Art. 6(1)(f) GDPR). The data will be deleted once the enquiry has been fully processed, provided no statutory retention obligations apply.

11. Third-Party Libraries

The app uses only open-source libraries bundled locally within the app package. The following libraries have no network access during normal operation:

  • Drift / SQLCipher – encrypted local database
  • flutter_secure_storage – secure device key storage (iOS Keychain / Android EncryptedSharedPreferences)
  • flutter_local_notifications – local notifications (no remote push)
  • google_fonts (locally bundled, no network access) – fonts
  • audioplayers – local audio playback
  • url_launcher – opens external links in the browser (the app transmits no data itself)

12. Children

The app is intended for the general public. No personal data is collected or transmitted to us.

13. Future Changes

The app is under active development. Future versions may include additional features that require extended data processing (e.g. optional community features or an account system). In such cases, this privacy policy will be updated prior to the introduction of such features.

14. Contact

For questions about privacy in the app, please contact:

datenschutz@vinayaki-yoga-und-coaching.com

Or use the contact form on our website:
vinayaki-yoga-und-coaching.com/kontakt

This privacy policy applies exclusively to the VYC Sahitya mobile app. The privacy policy for the website vinayaki-yoga-und-coaching.com is available at vinayaki-yoga-und-coaching.com/privacy-policy-de-de.

Logo of Vinayaki-Yoga and Coaching

— Address

Blumenstr. 30,
21481 Lauenburg

— Contact
☎ +49 (0) 176 47 34 79 48
✉ kontakt@vinayaki-yoga-und-coaching.com
— Legal
Cookies user preferences
We use cookies to give you the best experience on our website. If you decline the use of cookies, this website may not function as expected.
Accept all
Decline all
Analytics
Tools for analysing data to measure the effectiveness of a website and to understand how it works.
Google Analytics
Accept
Decline
Advertising
If you agree, the advertising on the site will be tailored to your preferences.
Google Ad
Accept
Decline
Save settings