VYC Sahitya app

Privacy policy VYC Sahitya

Last updated: May 2026

Privacy policy of the websiteThis page applies exclusively to the “VYC Sahitya” mobile app.

1. Data protection at a glance

General notes

The following notes provide a simple overview of what happens to your personal data when you use the VYC Sahitya app. Personal data is any data by which you can be personally identified. For detailed information, please refer to the privacy policy below.

Principle: local data storage

The VYC Sahitya app processes all data exclusively locally on your device. There is no backend, no server and no cloud synchronisation. Your data is never transmitted to us or third parties at any time. The app contains no analytics, advertising or tracking SDKs.

What rights do you have regarding your data?

You have the right at any time to receive information free of charge about the origin, recipients and purpose of your stored personal data. You also have the right to request the rectification or erasure of this data. Since all data is stored exclusively locally on your device, you can delete it yourself in the app at any time. Furthermore, you have the right to lodge a complaint with the competent supervisory authority.

You can contact us at any time about this and any other questions on the subject of data protection.

2. Controller

The controller responsible for data processing in the “VYC Sahitya” app is:

Anne und Robert Böhme
Vinayaki-Yoga & Coaching
Blumenstraße 30
21481 Lauenburg
Phone: +49 (0) 176 47 34 79 48 / +49 (0) 176 47 32 15 02

3. What data is stored?

All stored data remains exclusively on your device.

Encrypted database

The app stores the following usage data in an encrypted SQLite database (256-bit AES encryption via SQLCipher):

Hydration (drink tracking)

  • Daily recorded drink amounts with timestamp and drink type
  • Personal daily goal and individual drink list (including self-created entries)
  • Favourite drinks
  • Reminder settings

Breathing exercises

  • Kapalabhati: profiles, round configurations, completed sessions
  • Anuloma Viloma (alternate-nostril breathing): profiles, completed sessions

App settings

The following preferences are stored locally in device storage (SharedPreferences):

  • Selected app language
  • Selected appearance (theme)
  • Date and number format
  • Custom breathing profiles

Encryption material (vault)

To protect the database, an encryption key (DEK) is stored in the device's secure system storage (iOS Keychain / Android EncryptedSharedPreferences). This key is device-bound and never leaves the device. For recovery on a new device, a recovery passphrase is generated and likewise stored in the secure system storage.

4. Device access and permissions

The app accesses only the following device functions:

  • Local notifications: drink reminders – one-time permission request, only when activated.
  • Device time zone: correct scheduling of reminders – one-time read access at startup.

The app does not access the camera, microphone, location, contacts, health data or other sensors.

5. Network access

The app itself establishes no network connections and transmits no data. The only network-related operation is opening external links in your device's browser (contact form, legal notice) – the app itself transmits no data in the process.

The fonts included in the app (Google Fonts: Playball, Libre Baskerville) are fully bundled locally. No connection to Google servers takes place.

6. Device backups

Your device's operating system may create automatic backups (iCloud on iOS, Google Drive on Android). The app's encrypted database may also be included in your private device backup.

Important: this backup copy is encrypted with the same 256-bit AES key as the original database. Without the associated recovery passphrase, the data cannot be read. The passphrase itself is never included in the backup – it remains in the device's secure system storage. Restoring on a new device is only possible with the recovery passphrase, which you can view in the app settings under “Data & security”.

7. Your rights

Since all data is stored exclusively locally on your device, no personal data is held on our servers.

Deleting data in the app

You can delete all locally stored app data yourself at any time:

In the app: Settings → Data & security → Delete all data. This operation irrevocably deletes all entries from the database, clears all app settings and cancels all scheduled reminders. The encryption material (passphrase and key) is retained in the process.

Complete removal: uninstalling the app removes all local data including the encryption material from the device.

Right to lodge a complaint

You have the right to lodge a complaint with the competent data protection supervisory authority. The authority responsible for us is: Unabhängiges Landeszentrum für Datenschutz Schleswig-Holstein (ULD), Holstenstraße 98, 24103 Kiel, Germany, www.datenschutzzentrum.de.

8. Legal bases of processing

Insofar as the app processes personal data, this is done on the following legal bases pursuant to the General Data Protection Regulation (GDPR):

  • Art. 6(1)(a) GDPR – consent: local notifications (drink reminders) are only sent after your express consent, which you can revoke at any time in the device settings.
  • Art. 6(1)(b) GDPR – performance of contract: storing usage data (hydration entries, breathing exercises, settings) is necessary to provide the contractually agreed functionality of the app.
  • Art. 6(1)(f) GDPR – legitimate interest: encrypting the database and storing the encryption key in the device's secure system storage are based on our legitimate interest in the security of your locally stored data.

Since all data is processed exclusively locally on your device and no transmission to us takes place, processing on other legal bases does not occur in normal operation of the app.

9. Storage period

Since all data is stored exclusively locally on your device, the storage period is entirely under your control:

  • Usage data (hydration entries, breathing exercises, settings): stored until you delete it in the app or uninstall the app.
  • Encryption material (DEK and recovery passphrase in secure system storage): stored until the app is uninstalled.
  • App settings (SharedPreferences): stored until the app is uninstalled or until manually deleted via “Delete all data” in the settings.
  • Device backups (iCloud / Google Drive): the storage period depends on your backup settings and the policies of the respective operating-system provider.

10. Contacting us outside the app

The app itself transmits no data to us. If you contact us via the external channels linked in the app (email, contact form on the website), the provisions of our website's privacy policy apply to the personal data arising in the process: vinayaki-yoga-und-coaching.com/privacy-policy-de-de.

In particular: contact enquiries by email or via the contact form are stored for the purpose of processing and are not passed on without your consent (legal basis: Art. 6(1)(b) or (f) GDPR). The data is deleted as soon as the enquiry has been conclusively processed and no statutory retention obligations stand in the way.

11. Third-party providers

The app uses exclusively open-source libraries that are bundled locally in the app package. The following libraries have no network access in normal operation:

  • Drift / SQLCipher – encrypted local database
  • flutter_secure_storage – secure device key storage (iOS Keychain / Android EncryptedSharedPreferences)
  • flutter_local_notifications – local notifications (no remote push)
  • google_fonts (bundled locally, no network access) – fonts
  • audioplayers – local audio playback
  • url_launcher – opening external links in the browser (the app itself transmits no data in the process)

12. Children

The app is aimed at the general public. No personal data is collected or transmitted to us.

13. Future changes

The app is under active development. Future versions may contain additional features that require extended data processing (e.g. optional community features or an account system). In that case, this privacy policy will be updated accordingly before their introduction.

14. Contact

If you have questions about data protection in the app, please contact: datenschutz@vinayaki-yoga-und-coaching.com. Or use the contact form on our website: vinayaki-yoga-und-coaching.com/kontakt.

This privacy policy applies exclusively to the mobile app “VYC Sahitya”. The privacy policy for the website vinayaki-yoga-und-coaching.com is available at vinayaki-yoga-und-coaching.com/privacy-policy-de-de.