Legal
Last updated: July 6, 2026
This policy describes what data the Writely app and this website (getwritely.app) process. It does not constitute legal advice.
The data controller for the processing described here is the operator named in the Imprint. Contact for privacy questions: support@getwritely.app.
Writely is deliberately built local-first: your handwritten characters ("glyphs") and the documents you create are stored on your device, never on a server. Neither the app nor this website use third-party analytics, advertising, or crash-reporting SDKs.
What: your handwriting glyphs, the documents you create, folder structure, and app settings.
Where: exclusively on your device.
Why: so the app works at all (its core function — turning text into your handwriting). Legal basis: Art. 6(1)(b) GDPR (contract performance).
Shared with: no one. This data never leaves your device unless you export or share it yourself.
Retention: until you delete it in the app or uninstall the app.
The app contains a prepared, optional account and cloud-backup feature. This feature is fully disabled in the currently published build: there is no visible sign-in entry point, and no account data is transmitted to any server. Once activated, we will update this section to describe the data then transmitted, its storage location, and the legal basis.
The app is prepared so that Pro/Lifetime features will eventually be handled through Apple's in-app purchase system. In the currently published build, the purchase SDK is not linked — no real purchases happen, and the paywall shows "Coming soon". Once real purchases are activated, Apple alone processes your payment data; we receive at most a purchase confirmation.
The app counts locally on your device how many free exports, handwritings, and documents you've already created. This count is purely local and never transmitted to a server.
In the app, "Contact support" opens a pre-filled email to support@getwritely.app in your own mail app — the app itself neither stores nor transmits anything.
On the website, we process the data you enter in the contact form (name optional, email, topic, message) solely to answer your request. Legal basis: Art. 6(1)(b) or (f) GDPR. Your message is forwarded by email to our support inbox and is not stored in a database.
To prevent spam, submissions are also checked against an invisible honeypot field, a timing check, and a short-lived, in-memory rate limit; none of this processes data beyond what the form already collects.
The app does not include any crash-reporting or analytics SDK. iOS itself may independently generate its own crash reports and offer to send them to Apple — that's outside the app's control and governed by Apple's own privacy notices. The app also uses no push notifications.
When you visit this website, our hosting provider processes technically necessary server logs (e.g. IP address, timestamp, requested URL) to deliver and secure the site. Legal basis: Art. 6(1)(f) GDPR (legitimate interest in operation and security).
To send support emails, we use an email delivery provider with whom a data processing agreement under Art. 28 GDPR is in place.
Our hosting provider processes server logs as part of delivering the website.
Prepared but inactive: Supabase (accounts/cloud backup) and Apple/RevenueCat (purchases) — see sections 4 and 5.
App data: none, it stays on your device. For the website, any international transfer depends on the hosting and email providers in use; where necessary, we secure it through appropriate safeguards (e.g. standard contractual clauses).
Support messages remain in our inbox only as long as needed to handle your request and to meet legal retention obligations, after which they are deleted. Local app data: until you delete it or uninstall the app.
Under the GDPR you always have the right to:
Since all app content lives locally on your device, you can access, correct, and delete it directly in the app. For questions about support messages or deletion, see the data deletion page.
Writely is used by students, among others. Neither the app nor the support form collect age information or data beyond what's described above.
We update this policy whenever data processing changes, in particular once accounts or real purchases are activated. The current version is always available on this page.