mayday!

Privacy

Privacy Policy

Last updated: April 19, 2026

Mayday ("Mayday", "we", "us", or "our") provides the mayday! : personal airspace mobile app ("App") and the themayday.app website ("Website"), collectively the "Service". This Privacy Policy explains what information we collect, how we use it, when we share it, and what choices you have. By using the Service, you acknowledge that you have read and understood this Privacy Policy.

Information we collect

1. Information you create in the app

Mayday stores information needed to run the app's routine system, including:

  • routine data, such as routine titles, activity definitions, ladder data, settings, notes, stage history, and related routine metadata
  • activity data, such as rep logs, timestamps, effort levels, throttle levels, and related history
  • app preferences, such as reminder settings, notification preferences, appearance settings, analytics preferences, and other local app settings

2. Account and authentication data

If you use Mayday with sync enabled, we store account-related identifiers needed to authenticate and sync your data, including:

  • an anonymous session or account identifier
  • if you use Sign in with Apple, your Apple-linked authentication identifier
  • if you choose to share them through Sign in with Apple, Apple may also provide information such as an email address and name

Anonymous sessions are supported, and you do not need to create a traditional account to use the core app.

3. Subscription and purchase data

If you purchase a subscription, our billing and entitlement providers may process:

  • product and offering identifiers
  • subscription status and expiration data
  • purchase, renewal, cancellation, and restore status

We do not receive your full payment card number.

4. Diagnostics and analytics data

We may collect technical and usage data to operate and improve the Service, including:

  • crash and diagnostic information, such as app version, build number, platform, and technical error context
  • an internal app user identifier and authentication state when attached to crash reports
  • product analytics events and a pseudonymous analytics identifier

5. Website usage data

When you visit our Website, we may collect usage data through PostHog analytics, including:

  • pages visited, referring URL, and general interaction patterns
  • browser type, operating system, screen resolution, and language preference
  • approximate geographic location based on IP address (country or region level)
  • a pseudonymous identifier stored via cookies or similar technologies

We use this data to understand how visitors use the Website and to improve the user experience. We do not use this data for targeted advertising.

6. Support communications

If you email us or contact support, we receive:

  • your email address
  • the contents of your message
  • any attachments or additional information you choose to send

How we use information

We use information to:

  • provide the app's core features
  • save data locally and sync it across devices when sync is enabled
  • authenticate users and maintain sessions
  • generate AI-powered outputs you request
  • process subscriptions and restore purchases
  • diagnose crashes, monitor reliability, and improve product quality
  • send local notifications if you enable them
  • respond to support requests
  • maintain security and prevent misuse

We do not sell your personal data. We do not use your data for third-party advertising.

Legal basis for processing

If you are located in the European Economic Area (EEA), United Kingdom (UK), or another jurisdiction that requires a legal basis for processing personal data, we rely on the following bases:

  • Contract performance: processing necessary to provide the Service you requested, including storing your routine data, authenticating your account, and syncing data across devices
  • Legitimate interests: processing for purposes such as improving the Service, diagnosing crashes, preventing fraud, and maintaining security, where those interests are not overridden by your rights
  • Consent: where you have given explicit consent, such as enabling optional analytics or using AI-powered features that transmit data to third-party providers
  • Legal obligation: processing required to comply with applicable laws or regulations

You may withdraw consent at any time where consent is the basis for processing. Withdrawal does not affect the lawfulness of processing before withdrawal.

How we store information

Your data is stored:

  • locally on your device
  • in Supabase when sync or authenticated account features are used
  • with selected service providers described below when you use analytics, crash reporting, subscriptions, AI features, or support email

We use reasonable administrative and technical measures to protect data, but no system can be guaranteed to be completely secure.

Sign in with Apple

Sign in with Apple is optional. Anonymous sessions are supported.

If you use Sign in with Apple, Apple provides authentication credentials to help us sign you in and link your account. Depending on your Apple settings and what you choose to share, Apple may provide an email address or name. We do not require your real email address to use the app.

AI features

When you use AI-powered features in Mayday, the app may send limited routine-related data to Anthropic's API to generate the requested response. Depending on the feature, this may include:

  • routine titles
  • activity definitions
  • user notes
  • routine context
  • stage and performance context
  • structured routine history, including logged reps, timelines, summaries, evaluation answers, crash summaries, and related routine metadata relevant to the requested AI output

We do not send your contacts, photos, precise location, or advertising data to Anthropic for these features. We use Anthropic only to generate the requested in-app AI response.

Notifications

If you enable notifications, Mayday may request notification permission from your device and schedule reminder or status notifications locally on the device. Notification preferences are stored in the app. We do not currently use these notifications to build advertising profiles.

Analytics and crash reporting

Mayday uses analytics and crash reporting tools to understand product usage and diagnose failures.

In the App, usage analytics (powered by PostHog) can be disabled in Settings. If enabled, analytics may include product interaction events and a pseudonymous analytics identifier.

On the Website, we use PostHog to collect anonymous usage analytics. PostHog may set cookies or use similar technologies to distinguish visitors and understand usage patterns.

Crash reporting (powered by Sentry) may include technical diagnostic information, app and build metadata, device or platform context, and an internal app user identifier used to help us diagnose issues. Crash reporting is used for reliability and debugging, not advertising.

Cookies and similar technologies

Our Website uses cookies and similar technologies for analytics purposes. These are small data files stored on your device that help us understand how visitors interact with the Website.

  • Analytics cookies: set by PostHog to collect anonymous usage data, such as pages visited, session duration, and interaction patterns
  • Essential cookies: may be used for basic website functionality

We do not use advertising or tracking cookies. You can control cookies through your browser settings. Disabling cookies may affect your experience on the Website but will not affect App functionality.

Subscriptions and purchases

If you purchase a subscription, billing is handled by the platform app store and subscription state is managed with RevenueCat. These providers may receive purchase-related data needed to process transactions, manage entitlements, and support restore purchases.

Third-party services

We may use the following third-party services:

  • Supabase, for database, sync, and authentication: https://supabase.com/privacy
  • Anthropic, for AI features: https://www.anthropic.com/privacy
  • Sentry, for crash reporting and diagnostics: https://sentry.io/privacy/
  • PostHog, for product analytics: https://posthog.com/privacy
  • RevenueCat, for subscription management and purchase entitlement status: https://www.revenuecat.com/privacy
  • Apple, for Sign in with Apple and platform billing where applicable: https://www.apple.com/legal/privacy/
  • Google, if you contact us through support email hosted on Google Workspace: https://policies.google.com/privacy

Each provider processes data under its own privacy policy and terms.

International data transfers

We and our service providers may process and store data in the United States and other countries. If you access the Service from outside the United States, your data may be transferred to, stored in, and processed in the United States or other jurisdictions where our service providers operate.

Where required by applicable law, we rely on appropriate transfer mechanisms, such as standard contractual clauses approved by the European Commission or other lawful bases, to facilitate international data transfers.

By using the Service, you acknowledge that your data may be transferred to and processed in jurisdictions with different data protection laws than your own.

Data retention

We retain data for as long as needed to operate the service and support the features you use.

  • local app data remains on your device until you remove it, clear app data, or uninstall the app
  • synced routine and activity data remains in our app systems until you delete it or request deletion through the app's available controls
  • analytics, crash, billing, authentication, and support records may be retained by our service providers for operational, security, fraud-prevention, legal, and compliance purposes according to their policies

Your choices

You can:

  • use the app anonymously
  • choose whether to use Sign in with Apple
  • enable or disable local notifications
  • enable or disable usage analytics in Settings
  • contact support or choose not to do so
  • delete synced app data through the app's deletion flow
  • remove the app from your device to remove local-only data stored there

If you simply sign out, synced data may remain associated with your previous account or anonymous session until it is deleted through the app's deletion controls.

Data deletion

Mayday includes an in-app deletion flow in Settings. This deletion flow is intended to delete synced routine and log data associated with your current app account and clear local app data stored on the device.

Some records maintained by authentication, billing, analytics, crash reporting, email, or other service providers may remain for security, fraud-prevention, legal, billing, or operational reasons, subject to those providers' policies.

Your privacy rights

Depending on your location, you may have certain rights regarding your personal data under applicable privacy laws, including the EU General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA). These rights may include:

  • Right to access: request a copy of the personal data we hold about you
  • Right to rectification: request correction of inaccurate or incomplete personal data
  • Right to erasure: request deletion of your personal data, subject to certain exceptions
  • Right to restriction: request that we limit the processing of your personal data in certain circumstances
  • Right to data portability: request your personal data in a structured, commonly used, machine-readable format
  • Right to object: object to processing of your personal data based on legitimate interests
  • Right to withdraw consent: where processing is based on consent, withdraw that consent at any time
  • Right to non-discrimination: exercise your privacy rights without receiving discriminatory treatment

To exercise any of these rights, contact us at support@themayday.app. We will respond to your request within the timeframe required by applicable law. We may need to verify your identity before fulfilling your request.

If you are in the EEA or UK and believe your data protection rights have been violated, you have the right to lodge a complaint with your local data protection supervisory authority.

California residents

Under the CCPA, California residents have the right to know what personal information we collect, request deletion of that information, and opt out of the sale of personal information. We do not sell personal information. For details on the categories of personal information we collect and the purposes of collection, see the sections above.

Do Not Track

Some browsers transmit "Do Not Track" (DNT) signals. There is currently no industry standard for how websites should respond to DNT signals. We do not currently alter our data practices in response to DNT signals, but we do not use tracking for advertising purposes.

Children's privacy

The Service is not directed to children under 13 (or under 16 in the EEA/UK). We do not knowingly collect personal information from children under these ages. If we learn that we have collected personal information from a child under the applicable age threshold, we will take steps to delete that information promptly.

If you are a parent or guardian and believe your child has provided personal information through the Service, please contact us at support@themayday.app and we will review and address the matter.

Changes to this policy

We may update this Privacy Policy from time to time. If we make material changes, we will update the "Last updated" date and may provide additional notice where appropriate.

Contact

If you have questions about this Privacy Policy or your data, contact support@themayday.app.

Please also see our Terms of Use for the terms governing your use of the Service.