Privacy Policy — Ayer
Last updated: 10 June 2026
This Privacy Policy explains how Ayer ("Ayer", "the app", "we", "us") collects, uses, and protects your personal data. Ayer is a personal behavioral-measurement application that helps you define your own goals, translate them into measurable behaviors, and see how your actions align with the standards you set for yourself.
We take a privacy-first approach: we make money from the app itself, not from your data. We never sell your personal data, and we never use it for advertising.
1. Who is responsible for your data (Data Controller)
The data controller responsible for your personal data is:
Lamin Diallo Solana
Contact: privacy@getayer.com
If you have any questions about this policy or wish to exercise your rights, contact us at the email above.
2. What data we collect
We collect only the data necessary to provide the app's functionality:
Account data (if you create an account):
- Email address
- Password (stored securely / hashed by our authentication provider; we never see your plaintext password)
Your app content:
- Goals and metrics you create
- Daily logs and the values you record
- Reflections you write
- Settings such as your language preference and day-cutoff time
That's it. We do not collect:
- Device identifiers, advertising IDs, or location data
- Analytics or tracking data
- Browsing behavior outside the app
- Any special-category data unless you choose to record it yourself in your own metrics
You can also use Ayer anonymously (without an account), in which case your data stays on your device and is not sent to our servers.
3. How we use your data
We use your data solely to:
- Provide the app's core functionality (storing your goals, logs, scores, and reflections)
- Sync your data across your devices when you are signed in
- Generate optional AI-assisted features (see Section 5)
- Respond to your support requests
We do not use your data for advertising, profiling for marketing, or sale to third parties.
4. Legal basis for processing (GDPR)
Under the EU General Data Protection Regulation (GDPR), we process your data on the following legal bases:
- Contract: to provide the app's services you've signed up for
- Consent: for optional features you choose to use (such as AI-assisted goal building)
- Legitimate interests: to maintain the security and reliability of the service
You may withdraw consent or object to processing at any time (see Section 8).
5. AI-assisted features and third parties
Some optional features (such as the AI goal builder and AI-generated insights) use OpenAI's API to process text. When you use these features:
- Only the specific text or summary needed for the feature is sent (for example, the goal description you type, or anonymized summary statistics — never your full data history)
- This is clearly indicated in the app before you use the feature
- OpenAI processes this data as our sub-processor; we do not permit it to be used to train their models where that option is available to us
We use the following third-party service providers ("sub-processors"):
| Provider | Purpose | Data location |
|---|---|---|
| Supabase | Database and authentication (storing your account + app data) | European Union (Ireland) |
| OpenAI | Optional AI features (goal builder, insights narration) | United States |
| Render | Application hosting | (hosting provider) |
Where data is transferred outside the EU (e.g., to OpenAI in the US), such transfers are protected by appropriate safeguards such as Standard Contractual Clauses.
6. Where your data is stored
Your account and app data are stored in the European Union (Ireland) via Supabase. Optional AI-feature requests may be processed in the United States by OpenAI, as described above.
7. How long we keep your data
We keep your data for as long as your account is active. If you delete your account, your data is deleted from our active systems. Backups, if any, are removed on a rolling basis.
You can delete your data at any time using the in-app account-deletion feature, which requires re-authentication for security.
8. Your rights (GDPR)
As a user in the EU, you have the right to:
- Access the personal data we hold about you
- Rectify inaccurate data
- Erase your data ("right to be forgotten")
- Export / port your data (Ayer provides an in-app export feature)
- Restrict or object to certain processing
- Withdraw consent for optional features at any time
- Lodge a complaint with a supervisory authority (in Spain, the Agencia Española de Protección de Datos, www.aepd.es)
To exercise any of these rights, contact privacy@getayer.com. Many rights (export, deletion) can also be exercised directly in the app.
9. Data security
We use industry-standard measures to protect your data, including encrypted connections (HTTPS), secure authentication, and access controls. No system is perfectly secure, but we take reasonable steps to protect your information.
10. Children
Ayer is not intended for children under the age of 16. We do not knowingly collect data from children under 16. If you believe a child has provided us data, contact us and we will delete it.
11. Changes to this policy
We may update this Privacy Policy from time to time. We will post the updated version with a new "Last updated" date. Significant changes will be communicated within the app.
12. Contact
For any privacy questions or to exercise your rights:
privacy@getayer.com