This Privacy Policy describes how invoq (“we”, “us”) collects, uses, shares, and protects your personal data when you use the invoq iOS app and this website (together, the “Service”). It applies to users in the European Union, the United Kingdom, the EEA, Switzerland, California, and globally to the extent local law applies.
If anything here is unclear, write to support@magentic.nl.
1. Who we are
Data controller: Magentic BV, Ruyschstraat 77-2, 1091BX Amsterdam, the Netherlands. KvK registration number: 99971879.
If you are in the EU/EEA and have a complaint we have not resolved, you have the right to lodge it with your national Data Protection Authority.
2. What data we collect, and why
2.1 Account data
- Apple ID identifier and (optionally) name + email received via Sign in with Apple. Used to create and authenticate your account. Lawful basis: contract performance.
- Anonymous user identifier if you choose “Begin” without signing in. Used to associate your local session with the server until you sign in.
2.2 Practice data
- Onboarding answers: goal, scene, identity, obstacle, plan, action pattern, aesthetic preference, voice preference, morning time. Provided by you. Used to generate your daily visualisation script.
- Commitments / completions you record in the app. Used to feed the next day’s script with context. Lawful basis: contract performance.
2.3 Generated content
- Daily script (text) generated by Anthropic on our behalf.
- Daily audio (MP3) generated by ElevenLabs on our behalf, then stored in a private Supabase Storage bucket. Lawful basis: contract performance + explicit consent for AI processing (see §3).
2.4 Subscription data
- Receipt and entitlement state received from Apple via RevenueCat. We do not see your card number — Apple processes payment. Lawful basis: contract performance, legal obligation (tax).
2.5 Device data
- Timezone (read locally, never your location).
- iOS version, device model via Expo when you install the app.
- Crash logs and diagnostic dataif you opt in via iOS Settings → Privacy & Security → Analytics. Lawful basis: legitimate interest in keeping the app working.
2.6 What we never collect
- Photos you add as reference images stay on your device. They are never uploaded.
- Your location.
- Contacts, calendar, microphone, or any other system data.
- Identifiers from your Apple ID beyond the one Apple gives us during sign-in.
3. AI processing: what is sent, and to whom
To generate your daily visualisation, we send the following to our AI sub-processors:
| Sub-processor | Purpose | What we send |
|---|---|---|
| Anthropic, PBC (Claude API) | Write a 2-minute daily script tailored to your answers | The non-personal text of your goal, scene, identity, obstacle, plan, action pattern, aesthetic preference, voice preference, and recent commitments. Never your name, email, Apple ID, photos, or device identifiers. |
| ElevenLabs Inc. (Text-to-speech) | Convert the script into spoken audio | The script text (above) and your chosen voice label. Never your name, email, Apple ID, photos, or device identifiers. |
This processing happens only after you have explicitly accepted the in-app AI Processing consent screen. You can withdraw consent at any time in Settings → Privacy → AI processing. Withdrawal stops the generation of new sessions; sessions already generated remain available on your device.
Lawful basis: explicit consent (GDPR Art. 6(1)(a) and Art. 9 where applicable).
4. Other sub-processors
| Sub-processor | Purpose | Region |
|---|---|---|
| Apple Inc. | Sign in with Apple identity tokens, in-app payments | US / EU |
| Supabase Inc. | Authentication, database, audio file storage | EU — Ireland (eu-west-1) |
| RevenueCat Inc. | Subscription lifecycle and receipt validation | US |
| Anthropic, PBC | AI script generation | US |
| ElevenLabs Inc. | Text-to-speech | US |
| Netlify, Inc. | Marketing website hosting | EU / Global edge |
| Google LLC | Google Analytics 4 (consent-gated, IP anonymised) | US |
We have signed a Data Processing Agreement (DPA) with each sub-processor that requires GDPR-compliant safeguards. International transfers rely on the EU Standard Contractual Clauses (SCCs).
5. How long we keep your data
- Account, onboarding, goals: until you delete your account.
- Daily sessions (text + audio): until you delete your account.
- Subscription receipts: retained 7 years after expiration for tax compliance.
- Backups: rolling 30-day window. A deleted account is removed from backups within 30 days.
6. Your rights
You have the right to:
- Access a copy of your data — via Settings → Privacy → Download my data, or by writing to the address above.
- Rectification — edit your onboarding answers in Settings.
- Erasure — via Settings → Account → Delete account.
- Portability — your export is a standard JSON file.
- Restriction or objection — write to us at the address above.
- Withdraw consent at any time — via Settings → Privacy → AI processing.
- Lodge a complaint with your national Data Protection Authority.
We respond to requests within 30 days.
7. Children
invoq is not directed to children under 13 (or under 16 in the EU). If we learn we have collected data from a child, we will delete it immediately.
8. Security
Audio files are stored in a private bucket with row-level security. Auth tokens are stored in iOS Keychain via expo-secure-store. All network traffic uses TLS.
9. Changes to this policy
We will update the Last updated date above when the policy changes. Material changes will be surfaced in-app the next time you open it.
10. Contact
support@magentic.nl
Magentic BV
Ruyschstraat 77-2
1091BX Amsterdam
The Netherlands