Privacy Policy

Last Updated: May 22, 2026

Effective Date: May 22, 2026

This Privacy Policy describes how Nereus Data ("we," "us," or "our") handles information in connection with FNSHD, a pornography addiction recovery coaching application for iPhone (the "App"). We take your privacy seriously, particularly given the sensitive nature of the recovery journey.

Our Core Principle: Local-First, Privacy by Design

FNSHD is designed with your privacy as a foundational principle. Your recovery progress, journal entries, and personal check-ins are stored exclusively on your device. We do not operate servers that store your personal content or identity.

1. Information Stored Locally on Your Device

The following information is stored exclusively on your device using Apple's SwiftData framework. This data never leaves your device except as described in Sections 3 and 4 below, and is never accessible to us:

• Recovery progress (streak counts, check-in history, milestone completions)
• Journal entries (freeform text you write during reflection exercises)
• Program activity (lesson progress, curriculum position, 90-day program state)
• App settings and preferences

This data is stored in the app's sandboxed container and is automatically deleted if you uninstall the App. You can also delete all local data at any time via Settings → Delete Account & Data within the App.

2. Camera Access

The App may request camera access for a specific in-app exercise (the "panic button" confrontation exercise). Important details about this use:

• Camera access is used only transiently during the exercise session.
• No images or video are stored on your device or transmitted to any server.
• Camera access is optional. You may decline it without affecting core recovery features.
• You can revoke camera access at any time in your iPhone Settings.

3. AI Coach: Messages and Data Processing

FNSHD includes an AI recovery coach powered by Anthropic's Claude. When you use the AI coach feature, the following occurs:

• Messages you send to the AI coach are transmitted to a Nereus Data proxy server hosted on Cloudflare Workers. Your messages are then forwarded to Anthropic's Claude API to generate a coaching response.
• Message content is processed in transit to generate your response. Nereus Data does not retain message content after the response is delivered. Anthropic's data handling is governed by Anthropic's Privacy Policy.
• No conversation history is stored on our servers. Conversation context is maintained temporarily in memory during a session only.
• Usage counters (number of messages sent today) are stored server-side per device key for rate-limiting purposes (see Section 4).

Important disclaimer: The AI coach is a wellness support tool only. It is not a substitute for professional mental health care, therapy, or medical treatment. If you are experiencing a mental health crisis, please contact a qualified professional or crisis service immediately (e.g., 988 Suicide & Crisis Lifeline: call or text 988).

4. Apple App Attest and Device Verification

To protect the security and integrity of the AI coach feature, FNSHD uses Apple's App Attest (DeviceCheck) technology:

• When you first use the AI coach, the App generates a per-install cryptographic device key using Apple's App Attest service. This key is unique to your installation and is stored in your device's Keychain.
• A representation of this key (a key identifier) and a daily usage counter are stored on our proxy server for rate-limiting purposes. We use this to enforce fair-use limits (e.g., daily message quotas) and to prevent abuse.
• The key identifier is not linked to your name, email, or any other personal identifier. It is tied only to your app installation.
• If you delete the App or reset your device, the key is abandoned and a new one is generated on next use.
• You can purge your server-side device record at any time via Settings → Delete Account & Data within the App, or by contacting us at the email below.

5. Subscriptions and Payments

All subscription purchases and payment processing are handled entirely by the Apple App Store. We do not process payments directly and do not have access to your payment card information, billing address, or Apple ID credentials.

The App uses Apple's StoreKit framework to verify your subscription status. No payment data is transmitted to our servers.

6. What We Do Not Do

• No advertising or tracking. We do not use any third-party advertising networks, analytics SDKs, or cross-app tracking.
• No data sales. We do not sell, rent, or share your data with third parties for commercial purposes.
• No account required. FNSHD does not require registration or a user account. Your recovery journey is yours alone.
• No health data collection. We do not read from or write to Apple HealthKit.

7. Children's Privacy

FNSHD is intended for users age 17 and older (consistent with its App Store rating). We do not knowingly collect personal information from children under 13. Given that FNSHD does not collect personal data from users, no special provisions are required beyond this notice.

8. Data Security

We take reasonable measures to protect data in transit and at rest:

• All communication between the App and our proxy server uses HTTPS with TLS encryption.
• Requests are authenticated using Apple App Attest cryptographic signatures, ensuring only genuine FNSHD installations can use the service.
• Local data on your device is protected by your device's built-in security (passcode, Face ID, Touch ID) and iOS sandboxing.

9. Data Retention and Deletion

• Local app data is retained on your device until you delete the App or use the in-app deletion feature.
• Server-side device records (key identifier + usage counters) are retained while you are actively using the App. You may request deletion at any time (see Section 10).
• We do not retain AI coach message content after responses are delivered.

10. Your Rights and Data Deletion

You have full control over your data:

• Delete all local data: Use Settings → Delete Account & Data within the App. This wipes all locally stored recovery progress, journal entries, and program state, and purges your server-side device record.
• Contact for manual deletion: Email [email protected] and we will purge your server-side device record within 30 days.
• Revoke permissions: Camera access can be revoked at any time in iPhone Settings → Privacy & Security → Camera.

Since we do not collect personally identifiable information, most traditional data subject rights (access, correction, portability) are inherently satisfied — your personal data lives on your device under your full control.

11. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by updating the "Last Updated" date at the top of this page. Continued use of the App after changes constitutes acceptance of the updated policy.

12. Contact Us

If you have any questions or concerns about this Privacy Policy, please contact us:

• Email: [email protected]
• Website: https://nereusdata.io

13. Jurisdiction-Specific Disclosures

For California Residents (CCPA/CPRA)

We do not sell or share personal information as defined by the California Consumer Privacy Act. The limited server-side data we hold (an anonymous device key identifier and daily usage counters) does not constitute personal information under CCPA. CCPA data subject requests can be directed to [email protected].

For European Residents (GDPR)

We do not collect or process personal data as defined by the General Data Protection Regulation beyond what is described in this policy. Our legal basis for processing the anonymous device key identifier and usage counters is legitimate interest in preventing abuse and ensuring fair access to the AI coach feature. You may request deletion at any time as described in Section 10.

For All Users

Regardless of your location, our commitment is the same: your recovery data stays on your device, and we do not sell or share it.