Peptly
Privacy Policy
Effective date: April 30, 2026 · Last updated: April 30, 2026
01.Summary
Peptly is a peptide reconstitution calculator and personal injection log. The app is built around a privacy-first model: your protocols, injection log, and notes are stored only on your device. We do not run a personal-data backend, we do not require an account, and we do not sell or share your data with anyone.
The information below explains the small amount of operational data the app does collect (crash reports, anonymous analytics, attribution for advertising) and how Apple’s App Tracking Transparency framework gives you control over it.
02.Data on Your Device
The following data is stored exclusively on your device using Apple’s SwiftData framework. It is not transmitted to our servers or any third party:
- Saved reconstitution protocols (compound name, vial strength, water volume, target dose, syringe).
- Injection log entries (timestamp, compound, dose, units drawn, syringe, injection site, notes).
- Recurring schedules and their notification settings.
- App preferences (locale, units, paywall variant cache).
When you uninstall Peptly, this data is removed by iOS along with the app. We never see it.
03.Diagnostic & Analytics Data
We collect a limited set of operational data to keep Peptly stable and to understand which features people use:
- Crash reports & non-fatal errors via Firebase Crashlytics — stack traces, device model, OS version, app version, and a stable random installation ID.
- Anonymous product analytics via Firebase Analytics — events such as
paywall_shown,calculation_performed,protocol_saved,schedule_created, plus the screen, locale, and a non-resettable Firebase installation ID. These events do not contain compound-level details, dose values, or any free-text notes you enter. - Marketing attribution via AppsFlyer — install source, ad campaign, device identifiers as permitted by ATT (see Section 05).
We do not collect your name, email, address, contacts, photos, location, or health records. The peptide names and doses you save are never sent off-device.
04.Subscriptions & Purchases
Peptly Pro is sold through Apple’s in-app purchase system. Your payment is handled entirely by Apple — we never see your credit card, bank, or Apple ID password. We use RevenueCat to verify and manage your active subscription state. RevenueCat receives a random anonymous user ID, the product you bought, and the status of your subscription. It does not receive your name, email, or payment details.
05.Tracking (App Tracking Transparency)
On first launch, iOS will ask whether you want to allow Peptly to track your activity across other apps and websites. Your answer is respected app-wide.
- If you allow tracking, AppsFlyer may use Apple’s IDFA so we can measure which advertising campaigns brought new users to Peptly. No on-device peptide data is sent.
- If you decline tracking, the IDFA is not used and AppsFlyer falls back to Apple’s privacy-preserving SKAdNetwork framework. The app behaves identically.
You can change this choice at any time in iOS Settings → Privacy & Security → Tracking.
06.Third-Party Services
The full list of services Peptly relies on:
| Service | Purpose | Privacy policy |
|---|---|---|
| Apple App Store | Distribution, in-app purchases, subscriptions | apple.com/legal/privacy |
| Firebase Analytics & Crashlytics (Google) | Anonymous usage analytics, crash reporting | policies.google.com/privacy |
| AppsFlyer | Advertising attribution | appsflyer.com/legal |
| RevenueCat | Subscription state management | revenuecat.com/privacy |
07.Children
Peptly is rated 12+ on the App Store and is not intended for children under 13. We do not knowingly collect personal information from children. If you believe a child has used Peptly, contact us and we will help you remove any associated data.
08.Your Rights
Because Peptly stores almost everything on your device, you are in direct control of your data:
- Access & portability — your injection log can be exported as a CSV file from inside the app.
- Erase — uninstalling Peptly deletes all on-device data. Settings > Reset Data wipes saved protocols, schedules, and the injection log.
- Withdraw tracking consent — change your ATT decision in iOS Settings (see Section 05).
- GDPR / UK GDPR / CCPA rights — if you live in the EU, UK, or California, you have the right to request access to, correction of, or erasure of any personal data we hold. Email us at bbappsolutions@gmail.com with the subject line “Peptly privacy request.”
09.Data Retention
On-device data lives until you delete it or uninstall the app. Diagnostic and analytics data is retained per the third-party providers’ defaults (Firebase Analytics: up to 14 months; Crashlytics: 90 days; AppsFlyer: up to 2 years). Subscription state at RevenueCat is retained for the lifetime of your subscription plus a short audit window.
10.International Transfers
Our third-party providers (Apple, Google, AppsFlyer, RevenueCat) process data in the United States and other regions. They operate under standard contractual clauses and other transfer mechanisms recognized under EU/UK GDPR. Because Peptly itself does not run a personal-data backend, no data ever flows through our servers.
11.Changes to This Policy
When we change this policy materially, we will update the “Effective date” above and surface a notice inside the app on next launch. Older versions are available on request.
12.Contact
Peptly is published by Barış Bingör (sole proprietor, Istanbul, Turkey). For privacy questions or rights requests, email bbappsolutions@gmail.com. You can also reach us through the Peptly support page.