Back to Risely

Risely - Privacy Policy

Last updated: March 2026

Key Points

  • Data you control - alarm settings and preferences are stored locally; alarms, sleep data, and stats are backed up to our servers when you have an account
  • Account is optional - core features work without an account; sign in with Google or Apple for cloud backup and social features
  • Minimal collection - we only collect what's necessary for the features you use
  • No data sales - we do not sell your data or show targeted advertisements
  • Your control - you can delete your data and account at any time
  • Children - the app is not intended for children under 13

1. Introduction

Two Player Labs LLC (“Company,” “we,” “us,” or “our”) respects your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use the Risely mobile application (“App”).

Two Player Labs LLC is an Oregon limited liability company owned equally by Michael Paulsen (Oregon) and Daniel Gioffre (New Jersey).

By using the App, you consent to the practices described herein.

2. Information We Collect

2.1 Information You Provide

Account Information (Optional):If you create an account, you sign in via Google Sign-In or Apple Sign-In. We receive your name and email address (with your consent). You can use Apple's “Hide My Email” feature to minimize data sharing. We do not store passwords - authentication is handled entirely by Google and Apple.

User-Generated Content: Alarm labels, sleep notes, QR code registrations, and custom sound files are stored locally on your device. Alarm configurations, sleep reports, and wake-up statistics are also backed up to our servers if you have an account, enabling cloud sync and social features.

2.2 Information Collected Automatically

Local Data (on your device): Alarm configurations, sleep tracking data, wake-up statistics, achievement progress, and app preferences. If you have an account, alarms, sleep data, and statistics are also synced to our database for backup and to power social features.

Device & Usage Information: Through our error tracking service (Sentry), we collect device model, OS version, app version, crash reports, and session information. This data is associated with anonymous identifiers, not your personal identity.

2.3 Third-Party Services

If you connect third-party services, we may receive data from:

  • Health & Wearables: Apple HealthKit, Google Health Connect, Fitbit, WHOOP, Samsung Health - sleep sessions, heart rate, SpO2, HRV
  • Authentication: Google Sign-In, Apple Sign-In - name and email (with consent). These are the only sign-in methods available.
  • Music: Spotify - selected playlist/track info for alarm playback
  • Smart Home: Philips Hue, LIFX, Govee - light commands sent over local network or API

2.4 Sensitive Information

  • Microphone: Used locally for voice challenges and snoring detection. Audio is processed on-device; we do not transmit raw audio to our servers.
  • Camera: Used locally for QR code scanning and photo verification. Photos are processed on-device; we do not store or transmit photos.
  • Health Data: Sleep data from wearables is stored locally. We do not transmit health data to our servers unless you share statistics on leaderboards.
  • Motion Data: Accelerometer data for shake detection and sleep tracking is used locally and not transmitted externally.

3. How We Use Your Information

  • Core Services: Schedule and trigger alarms, track sleep, process dismissal challenges, store preferences
  • Optional Features: Display leaderboards, enable friend connections, sync statistics (requires account)
  • App Improvement: Fix bugs and crashes, analyze usage patterns in aggregate, develop new features
  • Communication: Respond to support requests, send service announcements
  • Payments: Subscription management through RevenueCat, which processes purchases via the Apple App Store and Google Play Store

4. How We Share Your Information

Service Providers

  • Supabase - Database and authentication (account data, alarm backup, sleep data, statistics)
  • Sentry - Error tracking (crash reports, device info)
  • RevenueCat - Subscription management and payment processing (user ID, purchase info, entitlements)
  • Google AdMob - Advertising for free-tier users

Leaderboards (Optional)

If you participate in leaderboards, the following is visible to friends: display name, wake-up streaks, total alarms, and on-time percentage.

What We Do NOT Do

  • Sell your personal information to third parties
  • Share your data for advertising purposes
  • Use your health data for purposes other than app functionality

5. Data Retention & Deletion

Local Data: Retained until you delete the app or clear app data. Automatic pruning: sleep reports (last 90 days), wake-up records (last 500 entries), alarm history (last 100 entries).

Cloud Data:If you have an account, your alarms, sleep reports, and statistics are backed up to our database and retained until you delete your account. You can delete your account from Settings > Account within the app. Deleted account data is removed within 30 days.

To delete your data:Uninstall the app (local data), or delete your account directly from Settings > Account within the app (removes all cloud data). You can also email [email protected] with subject “Account Deletion Request.”

6. Your Privacy Rights

All users have the right to access, correct, or delete their personal information, and to withdraw consent for optional data processing.

EEA Residents (GDPR)

Additional rights include: right to access, rectification, erasure (“right to be forgotten”), restrict processing, data portability, object, and withdraw consent. Legal bases: contract performance, legitimate interests, and consent.

California Residents (CCPA/CPRA)

Rights include: right to know, delete, opt-out of sale (we do not sell data), non-discrimination, and correction. Categories collected: identifiers, internet activity, approximate geolocation.

7. Health Data Disclosures

Apple HealthKit

We only read sleep data with your explicit permission. Health data is used solely to enhance sleep tracking features. We do not share HealthKit data with third parties for advertising, and we do not sell HealthKit data.

Google Health Connect

We request only the minimum permissions necessary (READ_SLEEP). Health data is processed locally and not transmitted to advertising networks. We comply with Health Connect's data use and disclosure requirements.

8. Security

  • TLS 1.2+ encryption for all network communications
  • Platform keychain storage (iOS Keychain, Android Keystore) for tokens
  • JWT authentication with automatic refresh and OAuth 2.0 with PKCE
  • Row-level security on database

No method of transmission or storage is 100% secure. While we strive to protect your information, we cannot guarantee absolute security.

9. Children's Privacy

The App is not intended for children under 13 years of age. We do not knowingly collect personal information from children under 13. If you believe your child has provided us with personal information, please contact us and we will delete it.

10. Changes to This Policy

We may update this Privacy Policy from time to time. Changes will be communicated through an updated “Last Updated” date, in-app notifications for material changes, and email if you have an account. Continued use after changes constitutes acceptance.

11. Contact Us

For privacy-related questions or to exercise your rights:

Two Player Labs LLC

Email: [email protected]

We aim to respond to all privacy requests within 30 days.