Privacy policy

Last updated:

Halo ("we", "us", or "our") is operated by Amos Whitewolf Webb. This Privacy Policy explains how we collect, use, and protect information when you use the Halo mobile application.

What Halo Does

Halo is a parental safety app that helps parents monitor voice chat in their children's games. When a child starts a gaming session, the app records game and voice audio, analyses it on-device using speech recognition and AI-powered safety analysis, and presents a safety report to the parent.

Information We Collect

Account Information

  • Email address (from Google or Apple Sign-In)

  • Name (if provided via Apple Sign-In)

Family Information

  • Child nicknames (entered by parent)

Session Data

  • Session timestamps (when a session started and ended)

  • Safety flags (green, orange, or red status)

  • Category scores (numeric risk levels for safety categories)

  • AI-generated summaries (paraphrased descriptions of concerning moments, generated on-device, these are not direct quotes or raw transcripts)

Device Information

  • Device pairing token (to link child device to parent account)

  • Device model and OS version (for compatibility and support)

  • Last seen timestamp (when child device was last active)

  • Push notification token (APNs token, used to send safety alerts to the parent's device)

Information We Do NOT Collect

  • Audio recordings - Audio is processed entirely on-device and is never uploaded to our servers

  • Raw transcripts - Voice-to-text conversion happens on-device and raw text is not stored or transmitted

  • Location data

  • Contacts, photos, or other personal files

  • Browsing or search history

How We Use Information

We use collected information to:

  • Create and manage your account

  • Link parent and child devices within a family

  • Display session history and safety summaries to parents

  • Send push notifications to the parent's device when a session is flagged for review

  • Send transactional emails (welcome, safety reports, pairing reminders)

How Audio Processing Works

  1. The child starts a recording session before gaming

  2. Audio is captured on-device via Apple's ReplayKit framework

  3. Audio is transcribed on-device using Apple's Speech framework

  4. The transcript is analysed on-device using rule-based classifiers and an on-device AI language model for safety concerns

  5. AI-generated summaries of any concerning moments are created on-device (these are paraphrased descriptions, not direct quotes)

  6. Safety scores and AI-generated summaries are sent to our servers for the parent to review

  7. Audio files and raw transcripts are deleted from the device after processing

Data Storage and Security

Your data is stored securely using Supabase, a cloud database platform with encryption at rest and in transit. We do not sell your data. We may share limited data with the third-party service providers described below to operate the app, measure marketing performance, and manage subscriptions.

Third-Party Services

  • Supabase - Database hosting and authentication (EU data center)

  • Apple/Google - Sign-in authentication

  • Sentry - Crash reporting and error tracking (EU data center)

  • Resend - Transactional email delivery

  • Amplitude - Product analytics (usage patterns, feature adoption)

  • Singular - Mobile measurement and attribution analytics (MMP)

  • Meta (Facebook SDK & Conversions API) - Advertising attribution for Meta platforms (hashed email and name sent via CAPI for ad measurement)

  • Halo Attribution (api.halosafe.app) - Our own attribution service for Meta ad measurement (device fingerprint + hashed email/name)

  • Superwall - Paywall presentation and subscription management

Sentry Crash Reporting

We use Sentry to identify and fix app crashes and errors. When an error occurs, Sentry may collect:

  • Crash data (stack traces, error messages)

  • Device info (device model, OS version, app version)

  • Breadcrumbs (a trail of app events before the crash, e.g., "recording started", "user signed in")

Sentry does NOT collect:

  • IP addresses (we have disabled this)

  • Email addresses or names

  • Audio, transcripts, or any content from monitoring sessions

Sentry data is stored in the EU and is used solely to improve app stability.

Product Analytics

We use Amplitude to understand how the app is used (e.g., which features are popular, where users drop off in onboarding). Amplitude collects app usage events and device metadata. It does not receive audio, transcripts, or safety report content. Amplitude is configured with COPPA-compliant settings.

Advertising, Analytics, and Paywalls

We use Singular and the Meta (Facebook) SDK to measure the effectiveness of our marketing (e.g., installs and subscriptions attributed to campaigns). We use Superwall to present paywalls and determine subscription access. These attribution services only run on the parent's device, not on child devices.

These services may process:

  • Device identifiers (such as IDFV)

  • Advertising Identifier (IDFA) if you grant permission via Apple's App Tracking Transparency prompt

  • App events (e.g., sign up completed, onboarding completed, subscription started)

  • Purchase/subscription metadata (such as product identifier, currency, and amount) for attribution and analytics

If you do not allow tracking, we do not access the IDFA and attribution is limited (e.g., via SKAdNetwork where available).

Meta Ad Measurement

When you create an account, we send a hashed (SHA-256) version of your email address and name (as provided by Google or Apple Sign-In) to Meta Platforms, Inc. via Meta's Conversions API, solely to measure which ads led to Halo installs and subscriptions. The raw values never leave your device in plaintext — only irreversible hashes are transmitted to Meta. We also record a device fingerprint (IP address, browser version, screen dimensions, timezone, locale) on our own attribution endpoint at api.halosafe.app for the same measurement purpose. This data is used exclusively for ad measurement and is not sold or shared for any other purpose. You can opt out of ad measurement at any time via iOS Settings → Privacy & Security → Tracking.

Children's Privacy

Halo is designed for parents to monitor their children's online safety. The parent account holder is responsible for:

  • Setting up and authorising monitoring on the child's device

  • Pairing the child device via QR code

  • Explaining to their child that monitoring is active

Children do not create accounts. The child device operates in a limited monitoring mode controlled by the parent. Advertising and attribution SDKs do not run on child devices.

Data Retention and Deletion

  • Session data is retained while your account is active

  • You can delete your account and all associated data directly within the app (Settings menu)

  • You may also request deletion by emailing hello@halosafe.app

  • Upon deletion, all data (account, family, children, devices, sessions, and email records) is permanently removed

Your Rights

You may:

  • Access your data within the app

  • Request a copy of your data via email

  • Delete your account and data from within the app

Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of significant changes via the app or email.

Contact Us

If you have questions about this Privacy Policy, contact us at:

Email: hello@halosafe.app

Amos Whitewolf Webb
Halo Safe