Behold | Privacy Policy

Last Updated: 4 December 2025

Introduction

Thank you for using Behold. At Behold, we believe in the power of technology for human progress, productivity, and wellbeing. We also believe in clear and unambiguous rules when it comes to privacy.

Here are the general principles that drive our decisions regarding privacy and how we collect, use, and handle your personal data:

Data stays on your device: On iOS, we use Apple's Screen Time API to block apps and disconnect distractions. We display information about apps you use but we do not store any of this data on our servers.
Minimize data collection: Our goal is to ensure that the collection or use of your personal data is minimized. We are committed to transparent data collection and letting our users opt-in to any data collection.
Prioritize privacy: Like other technology companies, we use data to improve our products and services. That said, our guiding principle is prioritizing your privacy, even in cases where collecting more data could be beneficial to improve Behold.
Never sell data to third parties: We are a company made by and for individuals, NOT third-party corporations or advertisers. We will therefore NEVER sell any of your personal data to third parties.
You pay for the product: Behold is free to download and use, but we offer premium features through our Behold subscription that helps fund us. Users are not our product; the app is.

Data Controller

Next Wave Apps is the data controller responsible for your personal data. Our details:

Company: Next Wave Apps
Address: Mathenesserdijk 397B, 3026GE, Rotterdam, The Netherlands
KVK Number: 98243691
Contact Email: [email protected]
Founder: Ralph Hermeling

Data We Collect

1. Data Linked to You

Contact Information and User Identifiers

When you sign in with Apple ID or Google, we receive and store your email address, name, and a unique identifier. This information is used to:

Connect your payment information within Behold to an account so that you can use your Behold account across different platforms
Help you restore your subscription if you delete and reinstall Behold
Correspond with you to help solve any issues or investigate and fix problems when you file bug reports

2. Data Not Linked to You

Usage Data and Diagnostics

We use this information to help us improve Behold for all our users. This information generally includes:

Crash reports and performance metrics
Most commonly used features within Behold
When Behold was installed
App opens and session duration
Feature interactions and in-app behavior events

Detailed Data Categories

Personal Identifiers

Email address
Name
User ID / Account ID
Apple User ID reference
IP address
Device identifiers (IDFV, AppsFlyer Device ID, Mixpanel Distinct ID)

Device & Technical Data

Device model and OS version
App version
Language, locale, and time zone
Country (derived from IP, not GPS)
Network information (carrier, connection type)

Usage Data

Collected via Mixpanel for analytics purposes:

App opens and session duration
Screen views and navigation flow
Feature interactions and button taps
Onboarding progress
Crashes and performance metrics
In-app behavior events (practices created/started/completed, boundaries engaged, notifications interactions, paywall views)

Subscription & Transaction Data

Subscription plan (weekly, monthly, yearly)
Subscription status (active, trial, expired, canceled)
Transaction history (product ID, price, currency)
Trial start/end dates
Purchase receipts (token only, no sensitive card data)

Attribution & Marketing Data

Collected via AppsFlyer:

Install source (paid ad, organic, referral)
Campaign ID, ad set ID, creative ID
Attribution parameters (touchpoint timestamps, clicks, views)
Conversion metrics

Screen Time / FamilyControls Data

We use Apple's FamilyControls and ManagedSettings APIs. We collect only:

Which apps are selected to be restricted (app bundle identifiers)
When practices/boundaries are active
App categories selected by the user

Important: We collect only the app bundle identifiers the user chooses to restrict within the app's functionality. We do NOT collect usage durations or activity data from other apps. All Screen Time data remains on your device and is processed locally using Apple's APIs.

What We Do NOT Collect

For transparency and to build trust, we explicitly state that we do NOT collect:

Contacts
Photos
Health data
Fitness data
Precise location (GPS)
Browsing history
Other app usage statistics or time spent in other apps
Sensitive personal data (race, religion, political views, etc.)

How We Use Your Data

We use your data for the following purposes:

To operate the app: Onboarding, settings, boundaries, and practices functionality
To provide Screen Time / FamilyControls features: Enabling app blocking and focus features using Apple's APIs
To process payments: Apple handles App Store payments; Stripe processes web payments via Superwall
To analyze product usage and improve the app: Via Mixpanel for behavioral analytics (non-sensitive)
To measure marketing performance: Via AppsFlyer for attribution and aggregated conversions
To detect bugs and ensure app stability: Crash logs and diagnostics
To communicate with users: Notifications for practice reminders, grace pauses, and service announcements

Third-Party Services

We integrate with the following third-party services:

Analytics and Attribution

Mixpanel: Product analytics and user behavior tracking
AppsFlyer: Mobile attribution and marketing analytics
Superwall: Paywall management and A/B testing

Apple Frameworks

FamilyControls
ManagedSettings
StoreKit
Push Notifications
DeviceActivity Monitor

Payment Processing

Stripe: Secure payment processing for web purchases
Apple App Store: In-app purchase processing

Hosting

Cloudflare: Website hosting, CDN, and user account data storage (European Union region)

Cookies and Tracking

Our website (usebehold.com) uses cookies and similar tracking technologies via Mixpanel and AppsFlyer for:

Page views and browser type
Cookie identifiers
Referrer information
Analytics data

You can manage cookie preferences through your browser settings. Disabling cookies may affect certain website functionality.

Legal Basis for Processing (GDPR)

Under the General Data Protection Regulation (GDPR), we process your data based on the following lawful bases:

Contract Performance: We need your personal data to deliver our services, enable account creation, and process subscriptions.

Legal Compliance: Tax laws require us to retain records of payments and transactions.

Legitimate Interests: We use data to prevent fraud, ensure security, analyze usage to improve our services, and send promotional communications (subject to your right to opt out).

Data Storage and Security

Your account data is stored on Cloudflare servers located in the European Union. We implement appropriate technical and organizational measures to protect your personal data against unauthorized access, alteration, disclosure, or destruction.

Screen Time data from Apple's FamilyControls API remains on your device and is not transmitted to our servers.

Data Retention

We retain your personal data for as long as your account is active or as needed to provide services. After account deletion, we may retain certain data as required by law or for legitimate business purposes (such as fraud prevention) for up to 7 years.

Your Rights

Under GDPR and applicable data protection laws, you have the right to:

Access: Request a copy of your personal data
Rectification: Request correction of inaccurate data
Erasure: Request deletion of your data ("right to be forgotten")
Restriction: Request restriction of processing
Portability: Request transfer of your data to another service
Object: Object to processing based on legitimate interests
Withdraw Consent: Withdraw consent at any time where processing is based on consent

To exercise any of these rights, contact us at [email protected]. We will respond within 30 days.

International Data Transfers

Your data is primarily stored within the European Union. When data is transferred outside the EEA (for example, to analytics providers), we ensure appropriate safeguards are in place, such as Standard Contractual Clauses approved by the European Commission.

Children's Privacy

Behold is not directed at children under 13. We do not knowingly collect personal data from children under 13. Account creation requires users to be at least 16 years old.

If you believe we have collected data from a child under 13, please contact us immediately at [email protected], and we will take steps to delete such information.

Additional Disclosures for California Residents (CCPA)

If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA):

Right to Know: Request information about the categories and specific pieces of personal data we collect
Right to Delete: Request deletion of your personal data
Right to Opt-Out: Opt out of the sale of your personal data (note: we do NOT sell personal data)
Right to Non-Discrimination: We will not discriminate against you for exercising your rights

To exercise these rights, contact us at [email protected].

Do Not Track

Your browser may allow you to transmit a "Do Not Track" signal. As there is no industry standard for how to respond to these signals, our systems do not currently recognize browser "Do Not Track" requests. You may, however, disable certain tracking as described in the Cookies section.

Changes to This Policy

We may update this Privacy Policy from time to time. Changes are effective 30 days after posting, or as communicated through the app or via email. Continued use of Behold after changes become effective constitutes acceptance of the updated policy.

Contact Us

If you have any questions about this Privacy Policy, please contact us:

Email: [email protected]
Address: Mathenesserdijk 397B, 3026GE, Rotterdam, The Netherlands
Website: www.usebehold.com

As a digital wellbeing company, we want to bring you peace and balance in your use of digital technology. Privacy is core to your peace of mind, so we take extra care with it.