Last Updated: May 18, 2026
This Privacy Policy describes how Lust Reboot ("we", "us", "our") collects, uses, discloses, and protects your personal information when you use the Lust Reboot mobile application and related services (the "App"), which is designed to help users overcome pornography and related compulsive behaviors. By installing or using the App, you acknowledge that you have read and understood this Privacy Policy.
This policy is designed to comply with the EU General Data Protection Regulation (GDPR), the UK GDPR, the California Consumer Privacy Act as amended by the California Privacy Rights Act (CCPA/CPRA), the Children's Online Privacy Protection Act (COPPA), Google Play and Apple App Store data-safety requirements, and Google AdMob's publisher policies.
When you sign in using Clerk, we collect your email address, a unique user identifier, and account credentials so we can give you secure access to your account.
Entries, check-ins, mood logs, triggers, relapse events, streak data, and journal reflections are collected to provide personalized progress tracking and support. This information is treated as sensitive health-related data.
We (and our advertising partners) collect technical information including: device model and manufacturer, operating system and version, language and region, mobile network information, crash logs, app version, time zone, screen size, IP address (truncated where possible), and general diagnostics used to improve security and performance.
If you have not opted out, the App may collect your Google Advertising ID (AAID) on Android or, on iOS, the Identifier for Advertisers (IDFA) where you have granted App Tracking Transparency permission. These are resettable, pseudonymous identifiers used by Google AdMob and its certified ad partners to deliver and measure ads.
When ads are served in the App, our advertising partners may collect ad impressions, clicks, view-time, and approximate (city/region-level) location derived from your IP address. We do not collect precise GPS location for advertising purposes.
Billing details for purchases are processed directly by Google Play or Apple's App Store. We receive only a transaction confirmation and entitlement status — we never store your full payment card number.
Your sensitive recovery data (journal entries, relapse logs, mood data, trigger logs) is never used for advertising, is never sold, and is never shared with advertisers or insurance providers.
If you are in the European Economic Area, the United Kingdom, or Switzerland, we rely on the following lawful bases under Article 6 (and where applicable Article 9) of the GDPR:
You may withdraw consent at any time using the in-app Privacy Settings, without affecting the lawfulness of processing carried out before withdrawal.
We share personal data only with the categories of recipients listed below, and only to the extent necessary:
We do not sell your personal information for money. For the meaning of "sale" and "share" under California law, see Section 7.
The App is monetized in part through advertisements delivered by Google AdMob, a service provided by Google LLC and its affiliates. Google's use of data is governed by the "How Google uses information from sites or apps that use our services" page and the Google Privacy Policy.
We do not transmit your email, name, journal content, mood, trigger, or relapse data to AdMob or any ad partner.
Where personalized advertising is enabled, Google and its certified partners may use the data above to show you ads based on inferred interests and prior interactions. Where you opt out (or where required by law in your region), the App requests non-personalized ads, which use only contextual signals (such as the content of the App and approximate location) and basic frequency capping.
Google works with a list of certified Ad Technology Providers (ATPs) that may receive limited data to serve ads. The current list is published by Google here: https://support.google.com/admob/answer/9012903.
If you are located in the EEA, United Kingdom, or Switzerland, you have the following rights under the GDPR and UK GDPR:
To exercise any of these rights, email support@Lustrebootapp.com. We will respond within 30 days. We do not currently transfer EEA personal data outside the EEA other than to providers that rely on EU Standard Contractual Clauses or equivalent safeguards.
If you are a California resident, you have the following rights under the CCPA, as amended by the CPRA:
"Sale" and "Sharing" of personal information: We do not sell your personal information for monetary value. However, under the broad CCPA definitions, our use of cookies and advertising identifiers to deliver cross-context behavioral advertising via Google AdMob may be considered "sharing" of personal information. The categories involved are: identifiers (advertising IDs, IP address), internet/network activity (ad interactions), and inferences for advertising.
Do Not Sell or Share My Personal Information: California residents can opt out of this sharing at any time in Settings → Privacy → Do Not Sell or Share My Personal Information inside the App, or by emailing support@Lustrebootapp.com with the subject line "CCPA Opt-Out". We also honor the Global Privacy Control (GPC) signal where technically feasible.
Sensitive Personal Information: We use sensitive personal information (such as your journal entries and recovery logs) only to provide the App's features. We do not use or disclose sensitive personal information for purposes that require a "right to limit" under the CPRA.
Authorized agents: You may designate an authorized agent to make a request on your behalf with signed written permission.
The App is not directed to children under 18. We do not knowingly collect personal information from children under 13. The App is tagged in Google AdMob and the Apple App Store as not primarily child-directed, and we do not use the AdMob "tag-for-child-directed-treatment" (TFCD) or "tag-for-under-age-of-consent" (TFUA) flags for general users; however, we configure ad requests so that no behaviorally targeted ads are served when a user indicates they are a minor. If you believe a child has provided us with personal information, please contact us and we will delete it promptly.
The mobile App does not use browser cookies. It does use comparable technologies including local storage, SDK-level identifiers (Clerk session tokens, Supabase auth tokens), and the advertising identifiers described in Section 1.4. The App's web pages (such as this one) may use only strictly-necessary cookies.
Your information may be processed in the United States, the European Union, and other countries where our providers operate. For transfers out of the EEA/UK, we rely on the European Commission's Standard Contractual Clauses (or the UK Addendum) and, where applicable, the EU-U.S. Data Privacy Framework.
We may update this Privacy Policy from time to time. Material changes will be announced in-app and the "Last Updated" date at the top will be revised. Continued use of the App after changes take effect constitutes acceptance.
The data controller for your personal information is Lust Reboot App. For any privacy questions, requests, or to exercise your rights:
Email: support@Lustrebootapp.com
Subject lines we recognize: "GDPR Request", "CCPA Opt-Out", "Delete My Account", "Access Request".