Cleya Privacy Policy
At a glance
- Cleya works without an account. All of your data is stored on your device.
- Pleyra operates no servers. Your data is never sent to, sold by, or rented to Pleyra or any other company.
- No advertising networks, analytics, or tracking SDKs are used. We do not track you and do not request App Tracking Transparency permission.
- You can export your data (JSON) or delete it from your device at any time.
- Cleya is not a medical device; its content is for informational purposes only (see Section 13).
1. Scope of this policy
This Privacy Policy applies to all Cleya components, including the Cleya iOS app and the Home Screen / Lock Screen widgets. By using Cleya you accept the data practices described here. The data controller is Pleyra; our postal address is available on request from privacy@pleyra.com.
2. Data we process
All personal data Cleya processes is either entered by you or, with your permission, read from Apple systems. Pleyra cannot access this data.
2.1. Data stored on your device
- The habit(s) you are quitting, their type and quit date, daily amount, unit cost, currency, and notes
- Your best streak, milestone and badge status, and celebration history
- Daily pledges and relapse records
- Craving events: intensity, trigger, and whether you resisted
- NRT (nicotine replacement) logs
- Journal entries and mood check-ins
- Profile information (name) and an optional profile photo
- App settings (theme, notification preferences, etc.)
This data is kept on your device using SwiftData, and in a shared app group container so the widget can display your progress.
2.2. Sign in with Apple data
You can use Cleya as a Guest (providing no identity at all); all core features work in Guest mode. Optionally, you may use Sign in with Apple. In that case the user identifier provided by Apple and (only if you allow it) your name are stored only in local storage on your device. This information is never sent to any Pleyra server. You can remove it from the device at any time using "Sign Out".
2.3. Apple Health (HealthKit) data
If you grant permission, Cleya writes the breathing exercises you complete to Apple Health only as a "Mindful Session". Cleya reads no data from Apple Health. This data is processed only on your device, remains in the Apple Health store, and is never sent to any server. Cleya does not use Apple Health data for advertising, marketing, or user profiling, and does not share or sell it. HealthKit permission is entirely optional; if you decline, the app continues to work with all of its core features.
2.4. Device permissions
Cleya requests the following permissions only when you use the related feature:
- Notifications: for reminders and motivational messages (local notifications only; there is no remote/push notification)
- Photos: only for an optional profile photo; the image you choose stays on your device
- Apple Health: as described in Section 2.3
3. Where your data is stored
3.1. Your device
Data is stored primarily on your device (a SwiftData database and a shared app group container for the widget; the profile photo is kept as a downscaled JPEG in the app's own file area). Device encryption (your passcode / Face ID / Touch ID) protects this data.
3.2. iCloud
Cleya does not sync your data to iCloud. All data stays only on the device where you entered it. If you want to move your data to another device, use the in-app backup export / import feature (Section 3.4).
3.3. Pleyra servers
There are none. Pleyra operates no backend server and does not transfer your personal data to its own systems.
3.4. Backup and transfer
You can export your data as a JSON file at any time; via the iOS share sheet this file goes wherever you choose (for example Files, iCloud Drive, or email). Where you keep the backup is under your control. You can import the same file to restore your data. Pleyra plays no part in this process.
4. Third parties and network connections
Cleya uses no third-party advertising, analytics, crash-reporting, or marketing services. Only the following connections apply:
- Apple (HealthKit, StoreKit / App Store): Apple is the infrastructure provider for these services. Apple's processing of this data is governed by Apple's own privacy policy (apple.com/legal/privacy). HealthKit data never leaves your device; purchases are processed through the App Store.
The in-app "Privacy Policy", "Terms of Use", and support links are simple web pages opened in your browser and send no personal data.
Tracking: Cleya does not track you. No App Tracking Transparency (ATT) prompt is shown.
5. Purposes and legal basis
Your data is processed solely to provide the app's functionality: the live counter, savings and "avoided" calculations, the recovery journey, milestones and badges, craving support, journal and mood tracking, and reminders.
Under GDPR and Türkiye's KVKK, records relating to addiction/health may be considered special category (sensitive) personal data. Cleya processes this data only with your explicit consent and on your device (GDPR Art. 6(1)(a) and 9(2)(a); KVKK Art. 6). You may withdraw your consent and delete your data at any time.
6. Data sharing and selling
Pleyra does not share, sell, or rent your personal data to any third party. Because Pleyra has no access to your data, there is no transfer for advertising or data-brokerage purposes. The limited processing involving Apple is only what is required for the platform services described above (purchases, HealthKit) to function.
7. Retention
Your data stays on your device until you delete it. Removing the app deletes the local data on the device. You can also delete your records from within the app (Section 8).
8. Your rights
Under GDPR and KVKK Art. 11 you have the rights of access, rectification, erasure, restriction of processing, objection, data portability, and withdrawal of consent. Because your data lives on your device, you can exercise most of these directly within the app:
- Export Data: From Settings, export all of your data as JSON (portability).
- Delete Data: Remove your records, or remove the app, to delete the local data.
- Rectify / Restrict: Edit your information from the relevant screens and turn permissions off from iOS Settings.
You may also exercise your rights by writing to privacy@pleyra.com, and you have the right to lodge a complaint with your local data protection authority (in Türkiye, the Personal Data Protection Authority / KVKK).
9. Security
Data is encrypted at the device level (iOS device encryption and, where appropriate, the Keychain). Because we operate no accounts or server infrastructure, there is no central database to breach. No system is 100% secure, but Cleya is designed around data minimization.
10. Children's privacy
In line with its App Store age rating, Cleya is intended for users aged 12 and older and is not directed to children under 13; we do not knowingly collect data from children under 13. If you are under 18, you should use Cleya with the consent and involvement of a parent or guardian. If you believe a child under 13 has provided us with data, contact privacy@pleyra.com.
11. International data transfers
Pleyra does not transfer your data to its own servers. When the Apple App Store is used for purchases, the related processing is subject to Apple's privacy and transfer policies and may occur in different regions depending on your country.
12. Purchases
Cleya Premium is a one-time purchase (details in the Terms of Use). All payments are processed through the Apple App Store. Pleyra never sees or stores any payment information (card number, billing address, etc.). Apple links the purchase to your Apple ID, subject to Apple's privacy policy.
13. Medical disclaimer
Cleya is not a medical device. The content, counters, calculations, and recovery information it provides are for informational and educational purposes only and are not a substitute for medical diagnosis or treatment. Addiction is a serious health condition, and quitting — especially with alcohol or high levels of dependence — can involve dangerous withdrawal symptoms. Always consult a qualified healthcare professional for decisions about your health. In an emergency, call your local emergency number.
14. Changes
We may update this policy from time to time. Material changes are shared via in-app notification, and the current version is always published on this page with the date above.
15. Contact
- Privacy and data protection requests: privacy@pleyra.com
- Technical support: support@pleyra.com
- General questions and feedback: hello@pleyra.com
← Back to site