The App Pro Why Reviews Download

Legal

Privacy Policy

ToBaseline · A Product of Aformi, LLC Last updated: May 2026

ToBaseline Free and Pro help you focus, reset, and care for your wellbeing throughout the day. They are designed to be local-first and privacy-conscious.

Your app data stays on your device.
No account required.
No app or website tracking.
01

Data Controller

The data controller responsible for any personal data processed under this policy is: Aformi, LLC United States Contact us via this form. For EU/EEA and UK residents: We do not have a formal EU or UK establishment. Where GDPR or UK GDPR applies, Aformi, LLC acts as the data controller. We do not currently have a designated Data Protection Officer (DPO), as we are not required to appoint one based on the limited nature of our processing. If you have privacy questions, please use the contact form above.

02

What We Collect

a. Data We Do Not Collect

We do not collect or store:

  • Personal information (name, email, phone number).
  • Your timers, tasks, or activity data.
  • Health data.
  • Location data.
  • Any content you create in the app.

We do not track you across apps or websites.

b. Data Apple Provides

When you download or use ToBaseline, Apple may provide us with limited, anonymized, and aggregated data, such as:

  • App downloads.
  • Purchases (e.g., Pro upgrade).
  • General usage trends (e.g., app opens).

We use this information only to understand overall app performance. It does not identify you personally.

c. Crash Reports

If the app crashes, Apple may provide crash reports through Xcode Organizer. These reports:

  • Help us fix bugs and improve stability.
  • Do not include personal information.
  • Are provided by Apple, not collected directly by us.

d. Homebrew (Mac Installations)

If you install ToBaseline via Homebrew, we may view public, aggregated installation data (e.g., total install counts) from sources like formulae.brew.sh. This data:

  • Is not tied to you personally.
  • Does not include device or identity information.

e. When You Contact Us

If you email or use the ToBaseline contact form for support or feedback:

  • ToBaseline will receive your email address and message.
  • We use this only to respond to you.
  • We do not store or use this information for any other purpose.

f. Website Analytics and Hosting

If you visit ToBaseline.com, the website may be hosted or protected by Cloudflare. Cloudflare may provide us with limited, aggregated website information, such as:

  • Page visits.
  • Traffic volume.
  • General location or region.
  • Browser or device type.
  • Security-related events.

ToBaseline uses this only to understand website performance, reliability, and security. ToBaseline does not use third-party advertising trackers on the website.

03

Future Optional Features

This Privacy Policy describes ToBaseline Free and Pro as currently offered. Future optional products or features, including ToBaseline Insight, may involve different data practices, permissions, accounts, cloud services, or business features. If we offer ToBaseline Insight or similar features, we will provide additional privacy disclosures or supplemental terms before you enable or use them. You will not be required to use those features to continue using ToBaseline Free or Pro.

If we offer those features, we will provide additional privacy disclosures or supplemental terms before you use them. You will not be required to use those features to continue using ToBaseline Free or Pro.

04

Legal Basis for Processing (GDPR & UK GDPR)

If you are located in the European Economic Area (EEA) or the United Kingdom, we process the very limited personal data described above on the following legal bases under the GDPR and UK GDPR:

  • Legitimate interests: For aggregated, anonymized analytics data received from Apple, Homebrew, and Cloudflare, ToBaseline relies on a legitimate interest in understanding app and website performance. This processing does not identify you personally.
  • Performance of a contract: For email correspondence when you contact us for support, ToBaseline processes your email address to respond to your request.
  • Legitimate interests: For in-app crash reports provided by Apple, to maintain the stability and functionality of the app.
05

How Your Data Is Stored

All app data (timers, preferences, settings) is stored locally on your device by default. ToBaseline does not have access to this data.

06

iCloud Sync (Optional)

If you enable iCloud sync, your data is stored in your personal iCloud account and syncs across your Apple devices. This data:

  • Is managed and encrypted by Apple.
  • Is not accessible to ToBaseline.
07

Apple Music and Apple Health (HealthKit)

If you choose to connect ToBaseline to Apple Music or Apple Health, the ToBaseline app may access the information you authorize on your device solely to provide the requested feature. We do not collect, store on our servers, or sell that information. Apple Music and Apple Health data are managed through Apple’s platforms, frameworks, and your device settings.

08

Location and Weather

If you enable location-based features (e.g., weather-related actions), location data is used only on your device and is provided through Apple frameworks (e.g., Core Location, WeatherKit). ToBaseline does not store or transmit your location data.

09

Notifications

ToBaseline uses local notifications to support focus sessions, break reminders, movement-related, and additional action prompts. These notifications:

  • Are generated on your device(s).
  • Do not use external servers, except where Apple's ecosystem is involved
  • Do not transmit data.
10

In-App Purchases

ToBaseline offers an optional Pro upgrade. All purchases are handled by Apple (StoreKit). We do not receive or store your payment details. Apple may provide purchase status (e.g., whether Pro is active).

11

Data Sharing

ToBaseline does not:

  • Sell your data.
  • Share your data with third parties.
  • Use third-party analytics or advertising.
12

International Data Transfers

Aformi, LLC is based in the United States. If you contact us from the EEA or UK, any email correspondence you send us will be processed in the United States, which may not provide the same level of data protection as your home jurisdiction. We minimize such transfers by only processing contact data to respond to your inquiry. Apple and Cloudflare have their own transfer mechanisms in place for data processed through their platforms. Beyond support correspondence, we do not transfer personal data internationally, because we do not collect it.

13

Data Retention

Because your app data stays on your device, you control it entirely. Deleting the app removes local data. iCloud data can be managed through your Apple account. For support email correspondence, we retain messages only as long as reasonably necessary to resolve your query, and for no longer than 2 years unless a longer period is required by applicable law. Aggregated, anonymized analytics data (from Apple, Homebrew, and Cloudflare) does not identify you and is not subject to a defined deletion schedule, as it carries no personal data.

14

Your Privacy Rights

ToBaseline does not knowingly collect personal data from anyone, including children under 13.

a. Rights Under the CCPA (California Residents)

If you are a California resident, the California Consumer Privacy Act (CCPA), as amended by the CPRA, may provide you with specific rights regarding your personal information.

What we collect and why:

As described in this policy, we do not collect personal information through the app. The only personal information we may receive is your email address when you contact us for support. We do not sell personal information. We do not share personal information for cross-context behavioral advertising.

Your CCPA rights include:

  • Right to Know: You have the right to request disclosure of the categories and specific pieces of personal information we have collected about you, the sources, the purposes, and any third parties with whom we share it.
  • Right to Delete: You have the right to request deletion of personal information we have collected from you, subject to certain exceptions.
  • Right to Correct: You have the right to request correction of inaccurate personal information.
  • Right to Opt Out of Sale or Sharing : We do not sell or share your personal information. No opt-out is necessary.
  • Right to Non-Discrimination : We will not discriminate against you for exercising any of your CCPA rights.
  • Right to Limit Use of Sensitive Personal Information : We do not collect sensitive personal information as defined under the CPRA.

To exercise any of these rights, please contact us using the form below. We will verify your identity before processing your request and respond within 45 days, with an extension of up to 45 additional days when reasonably necessary.

You may also designate an authorized agent to submit a request on your behalf. We may require verification of the agent's authorization before processing such requests.

b. Rights Under GDPR and UK GDPR

If you are located in the EEA or the United Kingdom, you have the following rights regarding any personal data we process about you:

  • Right of access: You may request a copy of the personal data we hold about you.
  • Right to rectification: You may ask us to correct inaccurate or incomplete data.
  • Right to erasure: You may ask us to delete personal data we hold about you, subject to applicable legal requirements.
  • Right to restriction: You may ask us to restrict our processing of your data in certain circumstances.
  • Right to data portability: Where processing is based on consent or contract and carried out by automated means, you may request your data in a structured, machine-readable format.
  • Right to object: You may object to processing based on legitimate interests.
  • Rights related to automated decision-making : We do not engage in automated decision-making or profiling.

Because we collect no to very little personal data (essentially only support correspondence), many of these rights may have limited practical application in our case. We will respond to any valid request within 30 days.

You also have the right to lodge a complaint with your local supervisory authority. In the EU, this is your national data protection authority. In the UK, this is the Information Commissioner's Office (ICO) at ico.org.uk.

15

Changes to This Policy

We may update this Privacy Policy as the app evolves. If changes are significant, we will update the "Last updated" date at the top of this page. We encourage you to review this policy periodically. Continued use of ToBaseline after changes are posted constitutes your acknowledgment of the updated policy.

16

Contact

ToBaseline is a product of Aformi, LLC. For privacy questions, rights requests (including GDPR and CCPA requests), support, or feedback:

For UK residents: You may also contact the Information Commissioner's Office (ICO) at ico.org.uk/make-a-complaint .