01 About This Policy
Vongsion (Beijing) Technology Co., Ltd. ("we", "us", or "our") operates the mobile application sleep sounds : X ("App"). This Privacy Policy explains what personal data we collect, why we collect it, how it is used and shared, and what rights you have under the Singapore Personal Data Protection Act 2012 (PDPA).
By downloading or using the App, you acknowledge that you have read and understood this Privacy Policy. If you do not agree, please uninstall the App and discontinue use.
02 Data We Collect
We collect only the minimum data necessary to operate and improve the App. All data is collected automatically via the Firebase SDK when you use the App.
| Data Type | Specific Items | Collection Method | Purpose |
|---|---|---|---|
| Device Information | Device model, operating system version, Android Advertising ID (AAID) | Automatically via Firebase SDK | App performance analysis; advertising attribution and optimisation |
| Usage Behaviour | Sound type selected, session duration, timer settings, play frequency | Automatically via Firebase Analytics | Improve sound features and user experience |
Data We Do NOT Collect
- Name, email address, phone number, or any registration details
- Location data (GPS or network-based)
- Health or biometric data (sleep quality, heart rate, etc.)
- Financial or payment information
- Microphone or camera data
- Cookies or cross-site tracking identifiers
03 How We Use Your Data
We use the data collected for the following purposes:
| Purpose | Data Used | Legal Basis (PDPA) |
|---|---|---|
| Improve App functionality and user experience | Usage behaviour data | Legitimate interests |
| Detect abnormal usage and ensure App security | Device information, usage behaviour | Legitimate interests |
| Advertising attribution — measure which marketing channels drive App installs | Android Advertising ID (AAID) | Legitimate interests |
| Advertising audience optimisation — improve external ad campaign targeting | Android Advertising ID (AAID) | Legitimate interests |
04 Android Advertising ID (AAID)
The Android Advertising ID (AAID) is a resettable device identifier provided by Google. We collect and use the AAID for the following specific purposes:
1. Advertising Attribution
We use the AAID to understand which advertising channels or campaigns led to the installation of sleep sounds : X on your device. This helps us measure the effectiveness of our marketing spend and decide where to invest in reaching new users.
2. Advertising Audience Optimisation
We may share the AAID with advertising platforms (such as Google Ads) to build similar-audience models and refine who our external advertisements are shown to. This means our ads may be more relevant to people likely to enjoy sleep or relaxation apps.
How to Opt Out or Reset Your AAID
You can limit or completely remove advertising ID tracking at any time using your device settings:
-
Android 12 and above:
Settings → Privacy → Ads → Delete Advertising ID.
Deleting the AAID prevents all apps, including ours, from using it. - Android 11 and below: Settings → Google → Ads → Opt out of Ads Personalisation, or Reset Advertising ID to generate a new anonymous identifier.
Resetting or deleting your AAID will mean we can no longer associate your device with any prior advertising campaign. This will not affect your ability to use any feature of the App.
05 Data Sharing & Third Parties
We share data only with the third parties listed below and only for the stated purposes. We do not sell your personal data.
| Third Party | Data Shared | Purpose | Privacy Reference |
|---|---|---|---|
| Google Firebase (Analytics) |
Device information, usage behaviour data | App performance analysis and crash reporting | Firebase Privacy |
| Google Ads | Android Advertising ID (AAID) | Advertising attribution and audience optimisation | Google Privacy Policy |
We may also disclose personal data if required to do so by law, court order, or any governmental or regulatory authority, or where we believe disclosure is necessary to protect our rights, your safety, or the safety of others.
06 Overseas Data Transfers
Your data is stored and processed on Google Cloud servers, which may be located outside Singapore, including in the United States. By using the App, you consent to this transfer.
We ensure that such transfers are protected by requiring that third-party recipients apply a standard of protection comparable to that under the PDPA. Specifically:
- Google LLC is certified under recognised international data protection standards and maintains contractual commitments consistent with PDPA requirements for overseas transfers.
- Data shared with Google Ads is governed by Google's standard data processing terms, which include appropriate safeguards for international transfers.
07 Data Retention & Security
Retention
| Data Type | Retention Period | Basis for Retention |
|---|---|---|
| Usage behaviour and device data (Firebase Analytics) | 12 months from collection | App improvement purposes |
| AAID (advertising attribution records) | 12 months from collection | Marketing attribution analysis |
After the applicable retention period, data is automatically deleted or anonymised in accordance with Firebase's data lifecycle management. Aggregated, anonymised statistics that cannot be linked to any individual may be retained for longer periods for product improvement purposes.
Security
We implement the following measures to protect your data:
- Data in transit and at rest is encrypted using AES-256 encryption on Google Cloud infrastructure.
- Access to data within Firebase is restricted to authorised personnel only.
- We conduct periodic reviews of our data protection practices.
While we take reasonable steps to protect your data, no method of electronic storage or transmission is completely secure. In the event of a data breach that is likely to result in significant harm, we will notify the Personal Data Protection Commission (PDPC) within 3 calendar days and affected individuals as required under the PDPA.
08 Your Rights Under the PDPA
As a user in Singapore, you have the following rights under the PDPA:
| Right | Description | How to Exercise |
|---|---|---|
| Right of Access | Request information about the personal data we hold about you and how it is used. |
Email: support@vongsion.com Subject: "Data Request" We will respond within 30 days. |
| Right of Correction | Request correction of inaccurate or incomplete personal data we hold about you. | |
| Right of Deletion | Request deletion of personal data we hold about your device. | |
| Right to Withdraw Consent | Withdraw consent to our processing of your personal data at any time (subject to legal or contractual restrictions). |
Data Deletion Process
Because we do not collect any account identifiers, deletion requests are processed using your device's Firebase App Instance ID, which uniquely identifies your App installation. When you contact us:
- We will acknowledge your request within 72 hours.
- We will process and complete your request within 30 days.
- Deletion is performed via Firebase's User Data Deletion API. Firebase will complete the underlying deletion within 180 days of our request submission; your data will not be used for any purpose during this period.
- Aggregated, anonymised statistics that cannot identify you individually will be retained in accordance with our legitimate business purposes.
Lodge a Complaint
If you believe we have not handled your personal data in accordance with the PDPA, you may lodge a complaint with the Personal Data Protection Commission (PDPC):
- Website: www.pdpc.gov.sg
- Hotline: 6377 3131
We encourage you to contact us first so we can address your concerns directly.
09 Age Restriction
We do not knowingly collect personal data from individuals under the age of 18. Our App store listings are configured to restrict access to users aged 18 and above.
If we discover or are notified that we have inadvertently collected data from a user under the age of 18, we will:
- Immediately terminate that user's access to the App.
- Delete all data associated with that user without delay.
If you are a parent or guardian and believe your child has used this App, please contact us immediately at support@vongsion.com.
10 Future Subscription Services
sleep sounds : X is currently provided free of charge. We do not offer any paid subscriptions or in-app purchases at this time.
We may introduce an optional subscription tier in the future to provide enhanced content or features. If and when we do so:
- We will notify all existing users of the new subscription option at least 30 days in advance via an in-app notification displayed on your next App launch, and through the App store update release notes.
- All core free features will remain available at no cost and will not be removed or restricted in order to compel subscription purchases.
- Detailed subscription terms, pricing, billing cycles, cancellation policy, and applicable refund rights will be published separately and communicated to you before any subscription is offered.
- If a subscription is introduced, we will update this Privacy Policy to describe any additional data collected in connection with payment processing (which will be handled by Apple App Store or Google Play — we will not collect your payment card details directly).
11 Policy Changes & Notification
We may update this Privacy Policy from time to time. The updated Policy will always be accessible within the App and via the App store listing.
How We Notify You
Because sleep sounds : X is a purely local, client-side application with no persistent server connection, we notify users of changes through the following channels:
- App update release notes: Material changes will be described in the "What's New" section of the App store update, published at least 30 days before the changes take effect.
- In-app notification: On the first launch following an App update containing policy changes, you will see a notice describing the changes and, for material changes, be asked to confirm your acceptance before continuing to use the App.
Material vs Non-Material Changes
| Change Type | Examples | Notice Period | User Action Required |
|---|---|---|---|
| Material | New data types collected; new third-party sharing; AAID use expanded; subscription introduced | At least 30 days in advance | In-app confirmation required |
| Non-material | Typographical corrections; contact detail updates; clarifications that do not change data practices | Effective on publication | None — in-app notice only |
We recommend enabling automatic updates for the App on your device to ensure you receive policy change notifications promptly. By enabling automatic updates, you agree that App store update notes constitute valid notice of upcoming policy changes.
If you do not agree to any updated Privacy Policy, please uninstall the App prior to the effective date of the changes.
12 Contact & Data Protection Officer
If you have any questions, concerns, or requests regarding this Privacy Policy or the handling of your personal data, please contact our Data Protection Officer (DPO):
Vongsion (Beijing) Technology Co., Ltd.
Email: support@vongsion.com
Subject line: Privacy / Data Request
We will acknowledge your enquiry within 72 hours and provide a substantive response within 30 days. If additional time is required, we will inform you before the 30-day period expires.
For complaints that remain unresolved after contacting us, you may refer the matter to the Singapore Personal Data Protection Commission (PDPC) at www.pdpc.gov.sg.