DreamFlow Privacy Policy

Effective Date: March 1, 2026 (the specific time is subject to the App release time)

This Privacy Policy is provided in English for users in the EU/EEA (GDPR) and California residents (CCPA/CPRA). A Chinese version is available for Chinese users (PIPL) and can be requested via lisongtao@appifun.com.

APPIFUN (hereinafter “we” or “us”) operates the DreamFlow mobile application (hereinafter “the App” or “this App”), a sleep and relaxation app that provides sleep sounds, guided meditation, body relaxation, sleep stories, gratitude and reflection, mood tracking, AI sleep insights, and related features. This Privacy Policy explains how we collect, use, disclose, and protect your information when you use this App. We are committed to protecting your privacy and complying with applicable data protection laws, including but not limited to the Personal Information Protection Law of the People’s Republic of China (PIPL), the EU General Data Protection Regulation (GDPR), the California Consumer Privacy Act (CCPA), and the California Privacy Rights Act (CPRA).

By downloading, installing, or using this App, you agree to the terms of this Privacy Policy. If you do not agree, please do not use the App. We may update this Privacy Policy from time to time and will notify you of significant changes via in-app announcements or other prominent means. Your continued use of the App after such changes constitutes acceptance of the revised policy.

This Privacy Policy applies only to this App and does not cover information collected through other channels (e.g., our website or third-party services linked from the App).

1. Information We Collect

1.1 Data Stored Only on Your Device (Not Sent to Our Servers)

Most of the data you create or set in the App is stored only locally on your device. We do not upload this data to our servers. Such data includes:

Settings and preferences: Language, theme (scene background), display mode, scene volume, and sleep (rest) reminder time.
Mood and wellness: Your selected mood, mood history, gratitude entries, and daily reflection (“Heart Shadow” / 心影) entries.
Content and usage: Which sounds you play or mix, downloaded sound/content list, and similar in-app usage data used for features such as personalized sound recommendations.
Terms and onboarding: Whether you have accepted the terms of service and completed onboarding (stored locally for app functionality only).

This data remains on your device and is deleted when you uninstall the App or clear its data. We do not collect, store, or share this data on our servers.

1.2 Data Sent to Our Servers (AI Sleep Analysis Only)

To provide the AI Sleep Analysis feature, the App allows you to voluntarily submit sleep-related information to our servers over an encrypted (HTTPS) connection. This may include:

Sleep status (e.g., how you felt you slept)
Sleep duration
Potential influencing factors you select (e.g., stress, caffeine, environment)
Language preference for the feedback (so we can return suggestions in your language)

We do not collect or upload:

Your detailed list of third-party app usage or other sensitive usage records—such information, if used by the App, remains on your device and is not uploaded or shared.
Personally identifiable information (e.g., name, email, phone number) unless you voluntarily provide it to us (e.g., when contacting support).

Data sent for AI Sleep Analysis is processed in an encrypted and anonymized manner. We use trusted third-party AI (large language model) services to generate personalized sleep improvement suggestions. We do not use this data to identify you, and we do not store it in a form that can be linked back to your identity. All processing is focused solely on providing you with sleep improvement recommendations.

1.3 Device and Usage Information for Advertising and Analytics

We may collect mobile device information to provide, maintain, and improve the App’s functionality, including optimization and advertising. Device information refers to data that can identify or be used to identify a device, as defined by PIPL, GDPR, and CCPA/CPRA.

Device Information: With your explicit consent, we may collect your device’s unique identifier (e.g., Google Advertising ID, or GAID) for personalized advertising services. Additionally, to ensure the App’s stable operation, we may collect necessary information such as device model and operating system version through Google AdMob for data analysis and ad delivery.
Usage Data: Information about how you use the App, such as ad views or clicks. This data helps us improve the App and provide relevant advertisements.

How this information is collected: (1) Direct collection: With your consent, we may collect device information to our servers, used solely for purposes such as app usage statistics or ad analysis. (2) Automated collection: Through device sensors, software development kits (SDKs, e.g., for advertising), or analytics tools. (3) Third-party sources: Advertising networks or analytics providers may share aggregated data with us.

For PIPL (Chinese users), we ensure collection is lawful, necessary, and transparent. For GDPR (EU/EEA users), processing is based on consent or legitimate interests (e.g., ad delivery). For CCPA/CPRA (California residents), we declare that device IDs may be considered personal information and will not be “sold” without your opt-out consent.

2. How We Use Your Information

We use the collected information for the following purposes:

Local data: Used only on your device to provide app features (sounds, meditation, themes, reminders, mood and gratitude tracking, etc.).
AI Sleep Analysis data: Used only to generate personalized sleep insights and suggestions. Processing is anonymized and not used to build a profile about you or for any purpose other than delivering the feature.
App functionality: To support core features, including sleep sounds, meditation, body relaxation, sleep stories, gratitude and reflection, mood tracking, AI sleep insights, and sleep reminders.
Analytics and improvement: Device IDs and usage data may be used to analyze performance, troubleshoot issues, and optimize user experience.
Advertising: Device information (e.g., device ID and IP address) may be used to provide personalized ads through third-party networks, including targeted ads based on your interactions and preferences.
Compliance and security: We may use information as needed to comply with law, prevent fraud, and protect the security of our services.

Under PIPL, we process personal information only for specified purposes and obtain separate consent for non-essential uses (e.g., advertising). Under GDPR, the legal basis includes consent (for ads) and legitimate interests (for analytics). Under CCPA/CPRA, these are “business purposes,” and we will not use personal information for incompatible purposes without further notice.

Purpose	Information Used	Legal Basis (GDPR/PIPL/CCPA)
App Functionality	User-Provided Data, Local Data, AI-Submitted Data	Contractual Necessity / Necessity / Business Purpose
Analytics	Usage Data, Device ID	Legitimate Interests / Consent / Business Purpose
Advertising	Device ID, IP Address	Consent / Explicit Consent / Opt-Out Available
Security	All Data	Legitimate Interests / Legal Obligation / Business Purpose

3. Information Sharing and Disclosure

We may share your personal information with the following entities:

AI service provider: Anonymized sleep-related data may be sent to our trusted third-party AI provider solely to generate sleep suggestions. The processing is governed by our instructions and data protection requirements.
Third-party service providers: Advertising networks (e.g., Google AdMob) for ad delivery and analytics providers (e.g., Google Analytics) for performance tracking. These providers are bound by data processing agreements to protect your data.
Affiliated companies: Our related companies, for operational purposes.
Legal authorities: When required by law, court order, or to protect our rights (e.g., fraud or safety).
Business transfers: In the event of a merger, acquisition, or sale of assets, we may transfer data as part of that transaction, subject to the same privacy commitments.
Google AdMob: We may use Google AdMob to provide personalized ads, which may share device information (e.g., Google Advertising ID) with Google’s advertising partners to deliver relevant ads within our App and on other platforms. AdMob’s data processing is governed by Google’s Privacy Policy (see Google Privacy Policy). You can opt out of personalized ads via device settings (e.g., iOS “Limit Ad Tracking” or Android “Opt Out of Ads Personalization”) or by contacting us.

We do not share your locally stored data (mood, gratitude, settings, etc.) with third parties, as it never leaves your device.

We do not sell your personal information to unrelated third parties. However, under CCPA/CPRA, sharing device IDs with advertising networks for personalized ads may be considered “selling” or “sharing.” You may opt out through device settings or by contacting us.

International data transfers: Data may be transferred outside China (for PIPL users) or the EEA (for GDPR users), such as to the United States (where Google AdMob servers may be located). We use Standard Contractual Clauses (SCCs), security assessments (e.g., PIPL-required data export security assessments), or adequacy decisions to ensure data protection complies with applicable laws. For CCPA/CPRA, we will notify you of such transfers and ensure compliance with California privacy laws.

4. Data Security

We implement appropriate technical and organizational measures to protect your personal information, including encryption of data transmission (e.g., HTTPS) and, where applicable, encryption of device ID transmission and storage, access controls, and regular security audits. Data sent for AI Sleep Analysis is processed in an anonymized manner and we do not retain it in a personally identifiable form. You are responsible for keeping your device secure (e.g., passcode, not sharing your device). No system is completely secure; we cannot guarantee absolute security. In the event of a data breach that affects your information, we will notify affected users and relevant authorities via email or in-app announcements, in accordance with PIPL (within a reasonable time, typically within 3 business days), GDPR (within 72 hours), and CCPA/CPRA (if there is a risk of harm).

5. Data Retention

We retain personal information only for as long as necessary to fulfill the purposes outlined or as required by law. For example:

Local data: Stored on your device until you delete the App or clear its data. We do not retain this data on our servers.
Device IDs and usage data: Retained for up to 48 months for analytics and advertising, then anonymized or deleted. You may request early deletion by contacting us (see Section 11, “Contact Us”).
AI Sleep Analysis: We do not store your submissions in a way that identifies you. Any anonymized or aggregated data retained for service improvement is kept only as long as necessary and in accordance with our legal obligations.
Ad-related data: Data collected via Google AdMob (e.g., Google Advertising ID) may be stored and processed by Google under its Privacy Policy (see Google Privacy Policy).

We comply with PIPL, GDPR, and CCPA/CPRA retention rules, deleting or anonymizing personal information upon request or when no longer needed.

6. Your Rights

Depending on your location, you have the following rights regarding your personal information:

PIPL (Chinese users): Access, correction, deletion, withdrawal of consent, explanation of processing, and portability. Please exercise these rights through the contact methods provided; we will process requests promptly, typically within 15 business days (per PIPL requirements).
GDPR (EU/EEA users): Access, rectification, deletion (“right to be forgotten”), restriction, portability, objection (e.g., to advertising), and withdrawal of consent. We will process requests within one month, extendable to two months in complex cases.
CCPA/CPRA (California residents): Know the personal information collected, deletion, opt-out of sale/sharing (e.g., “Do Not Sell or Share My Personal Information”), correction of inaccurate information, and restriction of sensitive personal information use. We will respond within 45 days (extendable to 90 days) and will not discriminate against you for exercising these rights.

Please exercise your rights by contacting us via email at lisongtao@appifun.com or phone at +8618986000384. To verify your identity, we may require your device ID, email, or other verifiable information. If a request is denied, you may appeal through the same contact methods. To opt out of advertising, use device settings (e.g., iOS “Limit Ad Tracking” or Android “Opt Out of Ads Personalization”). You can also delete local data by uninstalling the App or clearing its data in device settings.

7. Children’s Privacy

This App is not directed to children under 16 years of age (per GDPR consent age requirements; PIPL requires 14, COPPA requires 13, with the specific age determined by applicable local law). We do not knowingly collect personal information from children. If we discover that a child’s personal information has been collected, we will delete it immediately. Parents or guardians may contact us (see Section 11, “Contact Us”) to review or delete such data.

8. Cookies, Trackers, and Advertising Technologies

This App may use SDKs and trackers (similar to cookies) for advertising and analytics, collecting device information to provide personalized ads. You can manage preferences through device settings. Under GDPR and PIPL, we obtain consent for non-essential trackers. Under CCPA/CPRA, you can opt out of targeted advertising via the contact methods above.

9. Third-Party Content and Sound Resources

Sound effects and similar content in the App may be sourced from third-party providers under license. Use of such content is subject to their terms and our in-app terms.

10. Changes to This Privacy Policy

We may update this policy from time to time. We will notify you of material changes via in-app notice, email, or other reasonable means. The updated policy is effective upon publication. Your continued use of the App after the effective date constitutes acceptance of the revised policy.

11. Contact Us

For questions, complaints, or to exercise your privacy rights:

Company: APPIFUN

Address: Room 4, 6th Floor, Building E, Phase II, Donghe Center, Plot 17C1, Wuhan Economic and Technological Development Zone, Wuhan City, Hubei Province, China

Email: lisongtao@appifun.com

Phone: +8618986000384

Under PIPL, our personal information protection officer can be reached at the above email or phone. Under GDPR, our data protection contact is available through the same channels. Under CCPA/CPRA, you may also contact the California Attorney General.

We have submitted a data safety disclosure to App Store, detailing the App’s data collection and use. You can view this information on the App’s App Store page. For further details, please contact us.

12. Disclaimer

The information, data analysis (including AI sleep insights), and reminders provided by this App are for reference only and do not constitute medical advice, diagnosis, or treatment. Please consult a healthcare professional for any sleep or health concerns.

13. Liability

This Privacy Policy applies to APPIFUN, which acts as the data controller or personal information processor for this application. APPIFUN is solely responsible for the collection, use, disclosure, and protection of personal information as described in this policy and bears all related legal liabilities. To the maximum extent permitted by law, you agree that any direct or indirect consequences arising from the use of this App (including but not limited to data loss or device issues) are subject to the applicable terms and law. For any questions or to exercise your rights, please contact APPIFUN directly (see Section 11, “Contact Us”).