Last updated: 12 July 2025
PuffTrack (“we”, “our”, “the App”) helps users monitor and gradually reduce vaping and smoking. This Privacy Policy explains what data we collect, how we use it, how long we keep it, and what rights you have. By installing or using PuffTrack you agree to the practices described below.
Identifier for Vendor (IDFV). We generate and store the IDFV on our backend to recognise returning users across re-installations and synchronize their progress.
Diagnostic & crash data. When the App crashes or encounters an error, Apple’s crash-reporting mechanisms and our analytics SDKs may record OS version, device model, timestamp and stack traces. No names, e-mails or precise locations are included.
Aggregated usage analytics. We collect anonymised event data (e.g., button taps, screen flows) to understand which features are most useful and to plan improvements.
Refund-related usage data. If you request a refund through the App Store, we may link limited in-app usage metrics (for example, number of sessions, feature activations and total time spent) to the transaction ID and share this information with Apple. The data is transmitted securely via Apple’s Send Consumption Information API and used only to help Apple decide whether the refund should be approved or declined.
PuffTrack does not request your real name, e-mail address, phone number, precise GPS location, contacts or health records, nor do we track you for advertising purposes.
Under the EU GDPR we process:
• Performance of a contract — to deliver core app functions.
• Legitimate interests — to fix bugs, protect the service and analyse aggregated usage.
• Consent — where the App or the OS prompts you for optional data sharing.
• Generate anonymous statistics that help us improve retention and success rates.
• Detect, diagnose and resolve stability or performance issues.
• Generate aggregated revenue metrics for business accounting.
PuffTrack retains Personal Data only for as long as necessary to fulfill the purposes outlined in this Privacy Policy. We may also keep certain information as needed to comply with legal obligations, resolve disputes, and enforce our agreements and policies.
Usage Data (such as diagnostic logs and anonymous analytics) is generally kept for a shorter period. However, we may preserve it longer when required to strengthen security, improve service functionality, or meet statutory retention requirements.
All usage data is stored and processed on secure servers located in the European Union. This applies regardless of the user’s country of residence, including the United States. We take appropriate measures to ensure the confidentiality, integrity, and availability of this data.
To keep subscriptions working and understand how users progress we rely on two SDKs:
Qonversion Inc. — subscription management and revenue analytics (privacy policy).
Mixpanel Inc. — product analytics (privacy policy).
Both providers operate under strict contractual confidentiality obligations and comply with GDPR and CCPA requirements. Data shared with them is pseudonymised (IDFV-based) and never sold.
Apple Inc. (App Store Server API). When Apple requests additional details about a purchase as part of a refund review, PuffTrack (via Qonversion’s Refund Keeper) sends pseudonymised usage statistics linked to that purchase. This data is shared solely for refund adjudication, is processed under Apple’s privacy policies, and is not retained longer than necessary for that purpose.
We apply industry-standard safeguards such as TLS encryption in transit, sandboxed cloud infrastructure, role-based access controls and regular security reviews. No method of electronic storage can be guaranteed 100 % secure, but we strive to maintain commercially acceptable standards.
If personal data is transferred outside the European Economic Area (EEA), including to the United States, we ensure appropriate safeguards are in place. These include Standard Contractual Clauses approved by the European Commission and supplementary measures where required.
All usage data is primarily stored and processed in the European Union. This applies regardless of the user’s country of residence, including the United States. We take appropriate measures to ensure the confidentiality, integrity, and availability of this data.
You have the right to delete or request that We assist in deleting the Personal Data that We have collected about You. Our Service may give You the ability to delete certain information about You from within the Service. You may update, amend, or delete Your information at any time by signing in to Your Account, if you have one, and visiting the account settings section that allows you to manage Your personal information. You may also contact Us to request access to, correct, or delete any personal information that You have provided to Us. Please note, however, that We may need to retain certain information when we have a legal obligation or lawful basis to do so.
PuffTrack is intended for adults aged 17 and above and is not directed to minors. We do not knowingly collect data from anyone under 17. If you believe such data has been collected, please contact us so we can delete it promptly.
We may update this Policy from time to time. Material changes will be announced in-app or on pufftack.top. Continued use of the App after changes take effect constitutes acceptance of the revised Policy.
If you have questions or concerns about privacy, data protection or our security practices, write to contact@pufftack.top.
© 2025 Dmytro Lytvynenko. All rights reserved.