Privacy Policy
One Last Second
Effective Date: July 8, 2026
1. Introduction
This Privacy Policy describes how ONE PT SIX LLC, doing business as "One Last Second" ("Company," "we," "us," or "our"), collects, uses, stores, shares, and protects information in connection with the One Last Second mobile application and related services (the "App"). It is incorporated into and forms part of our Terms of Service.
By downloading, installing, or using the App, you consent to the practices described in this Privacy Policy. If you do not agree, do not use the App.
The short version: One Last Second is built local-first. On the free tier, your videos never leave your device unless you explicitly share them with friends or export them. Cloud backup exists only for paid subscribers who enable it by linking an account. We do not sell your personal information, and your videos are never public.
2. Information We Collect
2.1 Information you provide
- Account information. By default, the App creates an anonymous account — a random identifier with no name, email, or password. If you choose to link Sign in with Apple, we receive the identifier Apple provides and, if you share it, your name and email address (which may be an Apple private-relay address).
- Profile and life settings. Your date of birth and a life-expectancy number you choose, used solely to render the App's life-grid visualizations and countdowns; a display name and an optional profile photo (avatar) if you set one.
- Your content. Videos you record or import, generated thumbnails, and optional metadata you attach: notes, moods, chapter names, and favorites.
- Location labels (optional). If you grant location permission, the App converts your device location at the moment of capture into a coarse text label at the precision you choose (city, state, or country — e.g., "Tampa, FL"). Only that text label is stored with the moment; we do not store your precise coordinates or track your location in the background. You can decline location permission entirely and the App works normally.
- Feedback. If you submit in-app feedback or a bug report, we receive your message along with your app version, platform, and OS version.
- Preferences. Reminder time, notification settings, sharing defaults, clip-length preference, and similar settings.
2.2 Information collected automatically
- Usage analytics. We use PostHog to collect app usage events (such as screens viewed, features used, app opens/closes) together with device information (device model, OS version, app version) and a pseudonymous identifier. This helps us understand how the App is used and improve it.
- Purchase and subscription status. We use RevenueCat to manage subscriptions. RevenueCat receives a pseudonymous app-user identifier and app-store receipt information. We never receive or store your payment card details — payments are processed entirely by Apple or Google.
- Advertising attribution. The App includes the Meta (Facebook) SDK to measure the effectiveness of our advertising (for example, whether an install came from an ad). This involves app events such as installs and app opens. On iOS, the device advertising identifier (IDFA) is shared with Meta only if you allow tracking via Apple's App Tracking Transparency prompt. If you decline, attribution falls back to Apple's privacy-preserving frameworks (SKAdNetwork), and nothing in the App changes — declining costs you no features.
- Crash and diagnostic data. The operating system and our service providers may provide us aggregated crash and diagnostic information.
2.3 Information we do NOT collect
We do not collect your contacts, your photo library beyond videos you explicitly select, your precise location history, biometric data, or health data. There are no third-party ad networks serving ads inside the App. Notifications are scheduled locally on your device; we do not operate a push-notification server.
3. Where Your Content Lives (Important)
- Free tier: your device only. Videos, thumbnails, and your archive are stored in the App's local storage on your device. We have no copy. (This also means we cannot recover them if your device is lost or the App is deleted — see the Terms of Service.)
- Plus subscribers with a linked account: your videos and metadata are backed up to our cloud storage (Cloudflare R2, with metadata in Supabase) so your archive survives reinstalls and device changes. Backups are private to your account.
- Shared moments: when you share a moment with approved friends, a compressed copy is uploaded to a separate, ephemeral storage area and is automatically deleted approximately 30 days after capture. Friends access it only through short-lived, authorization-checked links. Sharing works on all tiers and is always your explicit choice (per-moment toggle or a default you control).
- Nothing is ever public. There is no public feed. Videos are stored in private buckets and are only ever accessible to you and, if you share a specific moment, to friends you have individually approved.
4. How We Use Information
We use the information we collect to:
- provide, operate, and maintain the App and its features (capture, archive, life grid, compilations, sharing, backup);
- authenticate you and sync your data across devices (Plus);
- process and manage subscriptions and entitlements;
- deliver friend-sharing features you initiate;
- respond to feedback and support requests;
- understand usage and improve the App;
- measure advertising effectiveness and grow the App;
- protect the security and integrity of the App, prevent abuse, and enforce our Terms of Service;
- comply with legal obligations.
We do not use the content of your videos, notes, or moods for advertising, and we do not train machine-learning models on your content.
5. How We Share Information
We do not sell your personal information. We share information only as follows:
- With friends you approve. Moments you choose to share (video, thumbnail, and any note, mood, or location label attached to them, along with your display name and avatar) are visible to your approved friends for up to 30 days.
- With service providers who process data on our behalf and under contractual restrictions: Supabase (authentication, database, avatar storage), Cloudflare (video storage/R2), RevenueCat (subscription management), PostHog (analytics), Resend (delivery of feedback emails to us), and Expo (app infrastructure).
- With Apple and Google in connection with app distribution, payments, and Sign in with Apple.
- With Meta for advertising measurement as described in Section 2.2, subject to your App Tracking Transparency choice on iOS.
- For legal reasons. We may disclose information if we believe in good faith it is required by law, subpoena, or legal process, or necessary to protect the rights, property, or safety of the Company, our users, or the public.
- Business transfers. If we are involved in a merger, acquisition, financing, reorganization, or sale of assets, information may be transferred as part of that transaction, subject to this Privacy Policy.
6. Data Retention
- Local content remains on your device until you delete it or the App.
- Cloud backups (Plus) are retained while your account exists. If your subscription lapses, we may retain your backed-up archive as a courtesy so it is available if you resubscribe; you can permanently remove it at any time by deleting your account.
- Shared moments are automatically deleted from sharing storage approximately 30 days after capture, and immediately upon your deletion or un-sharing of the moment. Removing a friend revokes their access promptly.
- Analytics and attribution data are retained according to our providers' standard retention schedules.
- Feedback records are retained as needed for support and product improvement; if you delete your account, feedback is disassociated from your identity.
- Account deletion (Section 8) permanently removes your cloud data.
7. Security
We use commercially reasonable safeguards designed to protect your information, including encryption in transit (TLS), private storage buckets with no public access, database row-level security scoping every record to its owner, short-lived signed URLs for media access, and secure on-device storage for authentication tokens. However, no method of transmission or storage is 100% secure, and we cannot and do not guarantee absolute security. You use the App at your own risk, and you are responsible for maintaining the security of your device.
8. Your Choices and Controls
- Delete your account. In the App: Me → Delete Account. This permanently deletes your cloud-stored videos, backups, shared moments, avatar, and account records from our systems. This action is irreversible. (Content stored only on your device is under your control and is removed by deleting the App or its data.)
- Location. Grant, deny, or revoke location permission at any time in system settings; choose the precision of the stored label (city/state/country) in the App.
- Sharing. Sharing is per-moment and off by default; you control the default toggle, can un-share within the 30-day window, and can remove friends at any time.
- Tracking (iOS). Decline the App Tracking Transparency prompt, or change it later in iOS Settings → Privacy & Security → Tracking. Declining does not limit any App feature.
- Notifications. All reminders are local and can be disabled in the App or system settings.
- Camera, microphone, photos. All controlled through system permissions; the App functions in a limited capacity without them.
9. Your Privacy Rights
Depending on where you live, you may have rights under applicable law — such as the EU/UK GDPR, the California Consumer Privacy Act (CCPA/CPRA), or similar state laws — including the right to access, correct, delete, or receive a copy of your personal information, the right to opt out of certain sharing, and the right not to be discriminated against for exercising your rights.
- Access and deletion are available directly in the App (your archive is visible in-app; deletion via Me → Delete Account). For other requests, contact us at the address in Section 14. We will verify your request using your account credentials and respond within the time required by applicable law.
- "Sale" / "sharing" (California). We do not sell personal information for money. The use of the Meta SDK for ad measurement may constitute "sharing" for cross-context behavioral advertising under the CPRA; you can opt out on iOS by declining or revoking App Tracking Transparency, or by contacting us.
- EU/UK users. Our legal bases are performance of contract (providing the App), legitimate interests (analytics, security, growth), and consent (location, tracking, sharing). You may withdraw consent at any time and have the right to lodge a complaint with your supervisory authority.
- Authorized agents may submit requests on your behalf where permitted by law, subject to verification.
10. International Data Transfers
We are based in the United States, and our service providers process data primarily in the United States. If you use the App from outside the U.S., you acknowledge that your information will be transferred to and processed in the U.S. and other jurisdictions that may have different data-protection laws than your own, and you consent to such transfer and processing.
11. Children's Privacy
The App is not directed to children under 13 (or the higher minimum age of digital consent in your jurisdiction), and we do not knowingly collect personal information from them. If you believe a child under the applicable age has provided us personal information, contact us at the address in Section 14 and we will delete it. The App deals with themes of mortality and carries a corresponding app-store age rating.
12. Third-Party Privacy Policies
Our service providers' handling of data is described in their own policies: Apple, Google, Supabase, Cloudflare, RevenueCat, PostHog, Meta, Resend, and Expo. We are not responsible for the practices of third parties.
13. Changes to This Privacy Policy
We may update this Privacy Policy from time to time. When we do, we will revise the Effective Date above and post the updated policy. Material changes may also be communicated in the App. Your continued use of the App after an updated policy takes effect constitutes your acceptance of it.
14. Contact Us
For privacy questions or to exercise your rights:
ONE PT SIX LLC Email: legal@onelastsecond.com
By using One Last Second, you acknowledge that you have read and understood this Privacy Policy.
