Lab Laps

Back to Lab Laps

Legal

Lab Laps Privacy Policy (Mobile App)

Lab Laps ("we," "our," or "us") respects your privacy. This Privacy Policy explains how we collect, use, disclose, and protect information when you use the Lab Laps mobile application and related services (the "Service").

By using the Service, you agree to this Privacy Policy. If you do not agree, please do not use the Service.

In short: We do not sell your personal information. We do not use your data for advertising or to build advertising profiles. Optional usage analytics can be turned off in the app at any time.

1. Information We Collect

1.1 Account and Identity Information

When you create or use an account, we may collect:

  • Email address
  • Authentication credentials handled by Supabase Auth
  • Optional profile data (for example, full name)
  • Unique account/user identifiers

If you sign in with Apple or Google, we receive account information provided by those providers (subject to your settings and their policies).

1.2 Project and App Content

We process and store data you create in the app, such as:

  • Projects, steps, timers, groups, and configuration details
  • Project metadata (for example, creation/update timestamps)
  • Step images you upload

1.3 Scan-to-Project (AI) Inputs

If you use AI scan features, we process files you choose (photos, PDFs, or text) to extract structured protocol data.

  • Files are sent through our backend to AI providers (for example, OpenAI) for processing.
  • Extracted results may be saved as project content if you create or update a project.
  • Do not submit confidential or sensitive data to AI scan features.

1.4 Subscription and Purchase Data

If you use paid features, we process subscription status and purchase-related metadata through:

  • Apple in-app purchase infrastructure
  • RevenueCat (subscription management)
  • Our backend subscription records (for entitlement sync)

We do not receive your full payment card number from Apple.

1.5 Usage Analytics (Optional)

When you leave "Usage data (analytics)" enabled in the app Settings (under Privacy), we use PostHog to collect product analytics to help us improve the app. This is optional and can be turned off at any time.

When enabled, we may collect:

  • Usage events (for example, sign-in, onboarding completed, project created, timer or scan usage)
  • Screen or page views within the app
  • App and device context (for example, app version, platform) necessary to interpret usage
  • An anonymous or account-linked identifier used only for analytics when you are signed in

We do not use session replay or record screen content. If you disable "Usage data (analytics)" in Settings, we stop sending analytics data; existing preferences are respected on app start.

1.6 Device, App, and Technical Information

We may process limited technical information needed to operate and secure the Service, such as:

  • Device/platform details and app version
  • Network status and service request metadata
  • Error information necessary for troubleshooting and abuse prevention
  • Crash and diagnostic data captured through Sentry (for example, stack traces and technical context)

1.7 Information We Do Not Collect

We do not collect precise location, contacts, or calendar data. We do not use your data for targeted or behavioral advertising.

2. Permissions and On-Device Access

The app may request:

  • Camera access (to capture protocol images)
  • Photo library access (to select images)
  • File/document access (to import PDF/text files)
  • Notification permission (to deliver timer alerts)

These permissions are optional, but related features will not function without access. You can change permissions in your device settings.

Push notifications are used only for timer and alarm alerts within the app. We do not send marketing or promotional push messages.

3. Local Storage and Cloud Sync

Lab Laps stores app data on your device (local storage). If cloud sync is enabled, project data and related content are synced to our Supabase backend.

If cloud sync is disabled, data may remain local-only on your device and may be lost if the app is deleted or the device is reset.

If you create share links, shared project content may be accessible to anyone with the link and may expire or be deleted automatically after a limited period (for example, up to 30 days), depending on feature configuration.

4. How We Use Information

We use information to:

  • Provide and maintain the Service
  • Authenticate users and manage accounts
  • Sync projects across devices when cloud sync is enabled
  • Upload, display, and manage project images
  • Process AI scan requests and generate structured project output
  • Deliver timer and alarm notifications
  • Process subscriptions, purchases, and entitlement checks
  • Respond to support requests
  • Monitor crashes and diagnose app reliability issues
  • Analyze product usage (when analytics is enabled) to improve the app
  • Detect misuse, secure the Service, and comply with legal obligations

5. Sharing and Disclosure

We do not sell personal information. We do not share your personal information with third parties for their advertising or marketing, or for cross-context behavioral advertising (as defined under laws such as the California Consumer Privacy Act).

We may share data with service providers that support our app operations:

  • Supabase (authentication, database, edge functions, storage)
  • OpenAI or similar AI providers (only when AI scan is used)
  • RevenueCat (subscription/purchase management)
  • PostHog (product analytics, only when you have analytics enabled in the app)
  • Sentry (crash reporting and diagnostics)
  • Apple (in-app purchases, platform services, Sign in with Apple)
  • Google (if you use Google sign-in)

We may also disclose data if required by law, to protect rights/safety, or in connection with a business transfer.

6. Data Retention

We keep data for as long as needed to provide the Service and for legitimate business or legal purposes.

  • Account/project data is retained while your account is active.
  • Local device data remains until removed by you or the app.
  • Cloud data can be removed through in-app deletion features where available.
  • Analytics data is processed according to PostHog's data practices when analytics is enabled.
  • Backup copies may be retained for a limited period.

7. Your Choices and Rights

Depending on your location, you may have rights to access, correct, export, or delete your data. Residents of the European Economic Area, United Kingdom, California, and other jurisdictions may have additional rights under applicable law (for example, data portability, restriction of processing, or objection).

In the app, you can generally:

  • Turn off "Usage data (analytics)" in Settings -> Privacy to stop analytics collection
  • Update account profile details
  • Change email/password
  • Sign out (including all devices)
  • Delete cloud project data
  • Request account deletion (or contact support if unavailable in-app)
  • Manage notification and permission settings on your device

To exercise your rights or for privacy-related requests, contact us at support@lablaps.com or use the in-app options above.

8. How to Request Deletion of Your Data

If you want us to delete your account and all associated user data, you can submit a deletion request by email.

  1. Send an email to support@lablaps.com from the email address linked to your Lab Laps account.
  2. Use a subject line such as "Delete My Account and Data".
  3. State in the email that you want Lab Laps to delete all personal data associated with your account.
  4. We may ask you to verify the request before deleting data, to help prevent unauthorized account deletion.
  5. After verification, we will process the request within a reasonable timeframe, subject to applicable legal retention requirements.

This request applies to the personal data associated with your Lab Laps account, including account information and cloud-stored project data. We may retain limited information where required by law or where needed for security, fraud prevention, billing, backup, or recovery purposes.

9. Children's Privacy

The Service is not directed to children under 13, and we do not knowingly collect personal information from children under 13.

10. International Transfers

Your information may be processed in countries other than your own, including where our service providers operate. We use reasonable safeguards appropriate to such transfers.

11. Third-Party Privacy Policies

Third-party services used by Lab Laps have their own privacy terms. Please review:

12. Usage Analytics, Tracking, and Advertising

Lab Laps uses optional product analytics (PostHog) to understand how the app is used and to improve it. This is controlled by the "Usage data (analytics)" setting in the app (Settings -> Privacy). When you disable it, we stop sending analytics data. We do not use session replay or record screen content.

This app does not use Apple's App Tracking Transparency (ATT) framework for cross-app or cross-website tracking. We do not use your data for advertising or for building advertising profiles. Lab Laps is not an advertising app and does not use third-party advertising SDKs. We do not track you across third-party apps or websites for targeted advertising. Crash and diagnostic data collected through Sentry is used for reliability and debugging only.

13. Security

We use reasonable technical and organizational safeguards to protect information, including encryption of data in transit (e.g. HTTPS/TLS). No method of transmission or storage is completely secure, and we cannot guarantee absolute security.

14. Changes to This Policy

We may update this Privacy Policy from time to time. We will post the updated policy and revise the effective date. Material changes may be communicated in-app or by other reasonable means.

15. Contact

For questions about this Privacy Policy, your data, or to exercise your privacy rights (including under GDPR or CCPA), contact us:

Email: support@lablaps.com