Last updated: 18 November 2025
This Privacy Policy explains how LyteFast ("LyteFast", "we", "us", or "our") collects, uses, discloses, and protects your personal data when you use the LyteFast iOS mobile application and related services (the "Service").
We are committed to protecting your privacy and processing your personal data in compliance with applicable data protection laws, including the General Data Protection Regulation (EU) 2016/679 ("GDPR") and French data protection law.
The data controller responsible for the processing of your personal data is:
LyteFast
Legal form: SASU
Registered in: France
Address: 60 rue Francois 1er, 75008 Paris, France
Email: contact@lytefast.com
If you have any questions about this Privacy Policy or our processing of your personal data, you can contact us at the email address above.
This Privacy Policy applies to:
-720 Your use of the LyteFast iOS mobile app; and
Any related features, content, and services we provide within the app.
It does not apply to:
-720 Third-party websites, apps, or services that may be linked to or integrated with LyteFast (e.g. Apple services, external analytics dashboards). Those services are governed by their own privacy policies.
The categories of personal data we may collect, use, and process include:
When you use LyteFast, you may provide us with:
-720 Account information:
-1440 Email address
Password or authentication data (stored in encrypted form)
Display name or username (if applicable)
-720 Profile and app usage data you enter:
-1440 Information you choose to log in the app (e.g. notes, entries, preferences, settings, goals, and similar content, depending on the app's features)
-300 Adjust this bullet to match what LyteFast actually stores (e.g. progress logs, habits, metrics, etc.).
-720 Communication data:
-1440 Information you provide when you contact us for support, feedback, or other inquiries (e.g. email address, content of your message).
Depending on how you use LyteFast, you may choose to enter information that could relate to your health, lifestyle, or well-being. This information may be considered special category data under GDPR (e.g. health-related data).
We do not require you to enter such data to use the app. If you do so, we process it only based on your explicit consent and solely for the purpose of providing the app's functionalities to you.
You can withdraw this consent at any time by deleting such entries or your account (see Section 10 and 12).
-300 If LyteFast does not handle any health or special category data at all, you can remove this subsection.
When you use LyteFast, we may automatically collect certain information about your device and how you interact with the app, such as:
-720 Device information:
-1440 Device model, operating system version, language, time zone, and unique device identifiers (e.g. IDFV).
-720 Usage data:
-1440 In-app actions (e.g. features used, screens viewed, interaction events),
Timestamps of use,
Session length.
-720 Log data and diagnostics:
-1440 Crash logs, performance data, error reports, and diagnostics.
We use this information to improve stability, performance, and security of the Service.
We may receive information from third-party providers, for example:
-720 Apple App Store and in-app purchases:
-1440 Information about your purchases, subscriptions, and related transaction identifiers (we do not receive your full payment details such as credit card numbers).
-720 Sign in / authentication providers (if used):
-1440 If you register or sign in via a third party (e.g. "Sign in with Apple"), we may receive data such as your email address and a unique identifier, as permitted by that provider.
The data we receive from third parties depends on your settings and the privacy policies of those third parties.
We process your personal data only where we have a legal basis under GDPR. The main purposes and legal bases are:
Legal basis:
-720 Performance of a contract (Article 6(1)(b) GDPR)
Legitimate interests (Article 6(1)(f) GDPR) where applicable
This includes:
-720 Creating and managing your account;
Providing core app features and functionalities;
Processing your in-app purchases and subscriptions via Apple;
Providing customer support and responding to your requests.
Legal basis:
-720 Your explicit consent (Article 9(2)(a) GDPR)
Where you choose to enter health- or well-being-related information, we process this data solely with your explicit consent and only to provide the functionalities of the app to you.
Legal basis:
-720 Legitimate interests (Article 6(1)(f) GDPR)
We may process usage data, log data, and diagnostics to:
-720 Monitor and improve performance, stability, and security;
Detect, prevent, and address technical issues;
Develop new features and enhance user experience.
Our legitimate interest is to maintain and improve the Service in a secure and effective way.
Legal basis:
-720 Legitimate interests (Article 6(1)(f) GDPR); and/or
Consent (Article 6(1)(a) GDPR) where required by applicable law.
We may use analytics tools to understand how users interact with LyteFast (e.g. which features are used most). Where required by law, we will ask for your consent for such analytics.
-300 If you use specific analytics SDKs (e.g. Firebase, Amplitude, etc.), you can name them here.
Legal basis:
-720 Performance of a contract (Article 6(1)(b) GDPR) for essential service communications;
Legitimate interests (Article 6(1)(f) GDPR) for non-essential communications;
Consent (Article 6(1)(a) GDPR) for marketing communications, where applicable.
We may use your contact details to:
-720 Send you service-related messages (e.g. important changes, security alerts);
Respond to your requests;
Send optional tips, updates, or offers, where permitted by law.
You can opt out of non-essential communications at any time.
Legal basis:
-720 Compliance with a legal obligation (Article 6(1)(c) GDPR);
Legitimate interests (Article 6(1)(f) GDPR).
We may process your data to:
-720 Comply with applicable laws and regulatory requirements;
Respond to legal requests;
Establish, exercise, or defend legal claims.
We do not sell your personal data.
We may share your data with:
-720 Service providers (processors): Trusted third parties that provide hosting, storage, analytics, email delivery, crash reporting, or other technical services on our behalf. These providers process your data only according to our instructions and under data protection agreements.
Apple: For processing purchases and subscriptions via the App Store. Apple acts as an independent data controller for certain processing activities, such as payment processing and App Store analytics. Please refer to Apple's own privacy policy for more information.
Professional advisors and authorities: Lawyers, accountants, or public authorities where necessary to comply with legal obligations or defend legal rights.
If we are involved in a merger, acquisition, or sale of all or part of our business, your data may be transferred to the new owner, subject to applicable data protection laws.
Some of our service providers may be located outside the European Economic Area (EEA). If your personal data is transferred to a country outside the EEA that does not provide an adequate level of protection, we will ensure that appropriate safeguards are in place, such as:
-720 Standard Contractual Clauses (SCCs) approved by the European Commission; or
Other mechanisms recognized by GDPR as providing adequate protection.
You can contact us for more information about these safeguards.
We retain your personal data only for as long as necessary for the purposes described in this Privacy Policy, or as required by law.
In particular:
-720 Account data: Kept for as long as your account is active. If you delete your account, we will delete or anonymize your data within a reasonable period, unless we are required to keep it longer (e.g. for legal obligations).
App content / logs you create: Stored for as long as your account exists or until you delete it from the app.
Transaction and billing data (via Apple): Retained according to Apple's policies and applicable legal retention requirements.
Logs and diagnostics: Kept for a limited period necessary to improve stability and security, typically not longer than 2 months.
When data is no longer required, we will delete it or anonymize it so that it can no longer be linked to you.
We implement appropriate technical and organizational measures to protect your personal data against accidental or unlawful destruction, loss, alteration, unauthorized disclosure, or access.
These measures may include:
-720 Encryption in transit;
Access controls and authentication;
Secure development practices and regular updates.
However, no system is completely secure. While we strive to protect your data, we cannot guarantee absolute security.
As a data subject in the EU/EEA, you have the following rights regarding your personal data:
-720 Right of access: You can request confirmation as to whether we process your personal data and receive a copy of that data.
Right to rectification: You can request correction of inaccurate or incomplete personal data.
Right to erasure ("right to be forgotten"): You can request deletion of your personal data, subject to certain legal exceptions.
Right to restriction of processing: You can ask us to restrict the processing of your data in certain circumstances.
Right to data portability: You can request your personal data in a structured, commonly used, machine-readable format and have it transmitted to another controller where technically feasible.
Right to object: You can object to processing based on our legitimate interests, including profiling, and we will stop processing unless we have compelling legitimate grounds.
Right to withdraw consent: Where processing is based on your consent (including special category data or marketing), you can withdraw your consent at any time, without affecting the lawfulness of processing based on consent before withdrawal.
To exercise your rights, please contact us at contact@lytefast.com. We may ask you to verify your identity before responding.
You also have the right to lodge a complaint with a supervisory authority, in particular:
Commission Nationale de l'Informatique et des Libert'e9s (CNIL)
Website: * HYPERLINK "https://www.cnil.fr/"
You can:
-720 Review and update certain account and profile information directly in the app (where such settings are available);
Delete specific entries or content that you have logged;
Request account deletion by contacting us at contact@lytefast.com or by using any in-app account deletion feature, if provided.
If you delete your account, we will delete or anonymize your personal data, unless we must retain certain information for legal or legitimate reasons.
LyteFast is not directed to children under 16 years of age, and we do not knowingly collect personal data from children under 16.
If you are under 16, please do not use the app or provide any personal information without the consent of your parent or legal guardian.
If we become aware that we have collected personal data from a child under 16 without appropriate consent, we will take steps to delete such data.
We do not use your personal data for automated decision-making, including profiling, that produces legal effects concerning you or similarly significantly affects you, within the meaning of Article 22 GDPR.
If this changes in the future, we will inform you and provide all required information and safeguards.
We may update this Privacy Policy from time to time.
If we make material changes, we will take reasonable steps to inform you, such as:
-720 Updating the "Last updated" date at the top of this Privacy Policy;
Showing a notice within the app; or
Sending you a notification via the app or email (where appropriate).
Your continued use of LyteFast after the changes become effective will mean that you accept the updated Privacy Policy. If you do not agree, you should stop using the Service.
If you have any questions, concerns, or requests regarding this Privacy Policy or our processing of your personal data, you can contact us at:
LyteFast - SASU
Address: 60 rue Francois 1er, 75008 Paris, France
Email: contact@lytefast.com