Privacy Policy for Mouture
1. In short
Mouture is designed to keep your data on your device. We do not require an account, we do not build a profile of you, and by default we collect no analytics or usage data about you.
A small number of clearly listed features connect to the internet — the weather forecast, the one-time download of the on-device AI model, purchases, remote configuration, and (only if you opt in) anonymous diagnostics. Everything else — your app usage, calendar, contacts, notes, and every AI conversation — is processed locally and never leaves your phone.
You can verify these claims in the app’s Privacy Center (Settings → Privacy), which shows a live view of what Mouture accesses and lets you delete on-device data at any time.
2. Who is responsible for your data
The data controller for any personal data processed through Mouture is:
Advisely
35 rue Pouchet, 75017 Paris, France
hello@doppio-lab.com
For most of what Mouture does, there is no controller relationship at all, because the data is processed entirely on your device and is never transmitted to us or anyone else.
3. Data processed only on your device (never transmitted)
The following are read and used exclusively on your device. They are not sent to us, and we have no ability to access them:
| Data | Why it is used | Where it stays |
|---|---|---|
| App usage (which apps you open and when) | Suggestions, smart folders, digital wellbeing, AI insights | On device |
| Calendar events | Showing your agenda; optional correlation with app usage for reminders | On device |
| Contacts | Making contacts searchable from the launcher (opt-in) | On device |
| Notes | The notes you write in Mouture | On device |
| AI conversations & prompts | Running the on-device assistant | On device |
| Home layout, folders, gestures, preferences | Your launcher configuration | On device |
| Learned patterns and predictions | Proactive suggestions and reminders | On device |
The AI assistant runs a language model locally using Google AI Edge LiteRT-LM. Your prompts and the assistant’s answers are processed on the device’s own hardware and are not sent to any server for inference.
4. Data that may leave your device
Mouture connects to the internet only for the specific purposes below. Each one is limited to what the feature strictly needs.
4.1 Weather (approximate location)
To show local weather, Mouture sends your approximate (coarse) location to Open-Meteo (api.open-meteo.com), a free, key-less weather API. No account or precise GPS location is used, and the request contains no identifier that ties it to you.
4.2 On-device AI model download
The first time you enable the AI assistant, Mouture downloads the model file (~557 MB) from Hugging Face (huggingface.co). This is a standard file download; once downloaded, the model runs fully offline.
4.3 Optional diagnostics — off by default
If — and only if — you turn on “Usage analytics & crash diagnostics” (Settings → Privacy Center), Mouture shares anonymous feature-usage events and crash reports through Google Firebase Analytics and Firebase Crashlytics to help us fix bugs and improve the app. This setting is disabled by default and can be turned off at any time. We never include your notes, messages, contacts, calendar content, or anything that identifies you.
4.4 Remote configuration
Mouture uses Firebase Remote Config to fetch non-personal configuration (such as the AI model catalog). This involves a Firebase installation identifier managed by Google’s SDK; it does not identify you personally.
4.5 Purchases and subscriptions
If you buy Mouture Premium, the purchase is handled by Google Play Billing and processed through RevenueCat, which manages your entitlement. Payment card details are handled by Google and are never seen by us. RevenueCat receives a pseudonymous app-user identifier and purchase metadata to keep your subscription status in sync.
4.6 Network connectivity
Mouture checks network state to know whether the features above are reachable. No data is transmitted by this check itself.
5. Permissions we request and why
| Permission | Purpose | Optional? |
|---|---|---|
| Internet / Network state | Weather, model download, purchases, remote config, opt-in diagnostics | Required for those features |
Approximate location (ACCESS_COARSE_LOCATION) | Local weather | Yes — decline to disable weather-by-location |
| Usage access (special access) | App-usage suggestions, wellbeing, AI insights | Yes — grant in system settings |
Calendar (READ_CALENDAR) | Show your agenda; optional usage correlation | Yes |
Contacts (READ_CONTACTS) | Search contacts from the launcher | Yes (opt-in) |
Notifications (POST_NOTIFICATIONS) | Reminders and briefings | Yes |
| Notification policy / Do Not Disturb | Focus features | Yes |
| Request delete packages | Let you uninstall apps from the launcher | Used only when you choose to uninstall |
You can grant or revoke each permission at any time in Android system settings. Denying a permission disables only the feature that needs it.
6. Legal bases (GDPR / UK GDPR)
Where the GDPR applies, we rely on the following legal bases:
- Consent (Art. 6(1)(a)) — optional diagnostics, contacts search, calendar-usage correlation, and any feature you explicitly opt into. You may withdraw consent at any time.
- Performance of a contract (Art. 6(1)(b)) — processing needed to provide a paid subscription you requested.
- Legitimate interests (Art. 6(1)(f)) — keeping the app secure and functioning (e.g. crash diagnostics you enabled, fetching remote configuration).
7. Third-party services (sub-processors)
We do not sell your personal data. We do not share it with third parties except through the services strictly required to run the features above:
| Service | Purpose | Data involved | Their policy |
|---|---|---|---|
| Open-Meteo | Weather forecast | Approximate location | open-meteo.com/en/terms |
| Hugging Face | One-time AI model download | Standard request metadata (e.g. IP) | huggingface.co/privacy |
| Google Firebase (Analytics, Crashlytics, Remote Config) | Opt-in diagnostics; app config | Anonymous events/crash data; installation ID | firebase.google.com/support/privacy |
| Google Play Billing | Payment processing | Handled by Google | policies.google.com/privacy |
| RevenueCat | Subscription management | Pseudonymous app-user ID, purchase metadata | revenuecat.com/privacy |
8. Data retention
- On-device data is kept until you delete it. You control the raw-activity retention window in the Privacy Center, and older events are pruned automatically. “Delete my data” wipes all activity, predictions, and learned patterns from the device.
- Opt-in diagnostics are retained by Google/Firebase according to their standard retention settings.
- Purchase records are retained by Google and RevenueCat for as long as needed to manage your entitlement and meet legal/accounting obligations.
Uninstalling Mouture removes all on-device data.
9. Your rights
Depending on where you live, you may have the right to access, correct, delete, restrict, or object to the processing of your personal data, and to data portability.
- Most of your data never reaches us — you can exercise these rights directly, on the device, via the Privacy Center (view, restrict retention, and delete).
- For any personal data a third party above holds, you may contact that provider directly or contact us at hello@doppio-lab.com and we will assist.
For EEA/UK users (GDPR): you also have the right to lodge a complaint with your local data protection authority.
For California users (CCPA/CPRA): we do not sell or “share” your personal information, and we do not use it for cross-context behavioral advertising. You may exercise your rights by contacting us at hello@doppio-lab.com. We will not discriminate against you for exercising them.
10. Children’s privacy
Mouture is not directed to children under the age of 13 (or the minimum age required in your country), and we do not knowingly collect personal data from them. If you believe a child has provided us with personal data, contact us and we will delete it.
11. Security
Your data is stored in the app’s private storage on your device and protected by Android’s application sandbox and the device’s own security (lock screen, encryption). Network requests use HTTPS. Because most processing is local, the primary safeguard for your data is the security of your device itself. No method of transmission or storage is 100% secure, and we cannot guarantee absolute security.
12. International data transfers
The optional third-party services above (Google, RevenueCat, Hugging Face, Open-Meteo) may process data on servers located outside your country, including the United States. Where required, these transfers are covered by appropriate safeguards such as the EU Standard Contractual Clauses, as described in the providers’ respective privacy policies.
13. Changes to this policy
We may update this Privacy Policy from time to time. Material changes will be reflected by an updated “Effective date” and, where appropriate, announced in the app or on our store listing. Continued use of Mouture after an update constitutes acceptance of the revised policy.
14. Contact
Questions or requests about this policy or your data:
Advisely
35 rue Pouchet, 75017 Paris, France
hello@doppio-lab.com