Endlo.

Privacy Policy

Effective date: 16 July 2026

Endlo is operated by Lucian Vaduva, its sole developer, operator, and owner, referred to in this Privacy Policy as “Endlo”, “we”, “us”, or “our”.

This Privacy Policy explains what information is collected when you use the Endlo mobile application or visit Endlo’s website, how that information is used, and what choices and rights you have.

For privacy-related questions or requests, contact legal@endlo.app.

The short version. Endlo has no accounts and no login. We do not collect your name, email, phone number, contacts, or precise location. Your reading progress and reminder preference are stored only on your device. Endlo does not currently collect usage analytics. We do not sell data and we show no ads.

1. About Endlo

Endlo is a finite nightly discovery application. It presents a small collection of editorial content and allows you to progress through and complete each nightly edition. Endlo does not require you to create an account or provide your name, email address, phone number, or password.

2. Information we collect

2.1 On-device application data

To make the ritual work, Endlo stores the following only on your device (in the app’s local storage). It is not transmitted to our servers:

This data stays on your device and is removed when you clear the app’s storage or uninstall the app. The installation identifier is not connected to your name, email, telephone number, or other directly identifying information.

2.2 Analytics

Endlo does not currently collect usage analytics. The application includes Google’s Firebase SDK, but analytics auto-collection is disabled, so no usage or telemetry data is collected or sent to Google or to us. If we introduce analytics in the future, we will update this Privacy Policy and, where required by law, ask for your consent first.

2.3 Notifications

Endlo may ask for permission to display nightly reminders. Reminders are scheduled locally on your device. Your selected reminder time is stored on the device and used only to schedule these notifications. Endlo does not store remote push-notification tokens and sends no reminder data to our servers. You can disable notifications at any time through your device settings.

2.4 Content delivery

Each nightly edition and its images are fetched from our content backend (hosted on Supabase) when you open the app. As with any internet request, serving that content necessarily processes your device’s IP address and standard connection metadata. Endlo only reads published content from this backend; it does not write your personal data to it.

2.5 Communications with us

If you contact us by email, we may receive your email address, your name (if included), the content of your message, and anything you voluntarily provide. We use this to respond, provide support, investigate problems, and meet legal obligations. Please do not send sensitive personal information unless necessary.

2.6 Website information

When you visit Endlo’s website or legal pages, the hosting provider may automatically process standard technical information such as IP address, browser and device type, date and time of access, requested page, and security/server-log information. This is used to deliver the site, maintain security, prevent abuse, and diagnose technical problems.

3. Information we do not collect

Endlo does not require or intentionally collect: account credentials, full name, postal address, telephone number, precise GPS location, contacts, photos or videos, microphone recordings, health data, financial or payment-card information, private communications, or advertising-profile information. Endlo displays no third-party advertisements and uses no advertising identifiers.

4. How we use information

We do not sell personal information, and we do not use your activity for behavioural advertising.

5. Legal bases for processing

Where the GDPR or similar laws apply, we rely on one or more of these bases:

6. Service providers

We use a small number of providers that process information on our behalf:

We may also disclose information when required by law or a valid legal request; to investigate fraud, security incidents, or misuse; to protect the rights, safety, and property of Endlo, its users, or others; or as part of a merger, acquisition, or transfer of the application, subject to appropriate safeguards.

7. International data transfers

Our service providers may process information in countries outside Romania or the European Economic Area. Where required, such transfers are protected through appropriate legal safeguards, such as adequacy decisions, standard contractual clauses, or other recognised transfer mechanisms.

8. Data retention

On-device data (installation identifier, progress, reminder preference) remains until you clear the app’s storage or uninstall. Support communications are kept only as long as necessary to respond, maintain records, resolve disputes, and comply with legal obligations. We may retain aggregated or de-identified information that no longer identifies a device or individual.

9. Deletion requests

Because Endlo has no personal accounts and stores your application data only on your device, you can remove that data yourself at any time by clearing the app’s storage or uninstalling the app. As Endlo does not currently store your personal data on our servers, there is generally no server-side personal record to delete. If you have contacted us by email and would like that correspondence deleted, or have any other request, contact legal@endlo.app. We may retain limited information where required by law or to establish, exercise, or defend legal claims.

10. Your privacy rights

Depending on your location and applicable law, you may have the right to request access to, correction of, or deletion of personal information; to restrict or object to certain processing; to data portability; to withdraw consent; and to lodge a complaint with a data-protection authority. Users in Romania may contact the Romanian National Supervisory Authority for Personal Data Processing (ANSPDCP). To exercise your rights, contact legal@endlo.app. We may need to verify that a request relates to the person making it.

11. Security

We use reasonable technical and organisational measures to protect information against accidental loss and unauthorised access, alteration, disclosure, or destruction — including encrypted network communications, access controls, and restricted administrative access. No method of transmission or storage is completely secure, but because the app collects so little, the risk to you is low.

12. Children’s privacy

Endlo is intended for adults aged 18 and over and is not designed for children. We do not knowingly collect personal information from children. If you believe a child has provided personal information through Endlo, contact us so we can investigate and, where appropriate, delete it.

13. External sources and third-party links

Endlo links to original articles, publications, videos, museums, research organisations, and other third-party sources. When you open an external link, that third party’s privacy policy and terms apply. We do not control how third-party sites collect or use information; please review their practices before providing information.

14. Changes to this Privacy Policy

We may update this Privacy Policy when Endlo changes, when our service providers change, or when legal requirements change. The updated version will be published on this page with a revised effective date. Where a change materially affects your rights, we may also provide an in-app notice.

15. Contact

Endlo is operated by Lucian Vaduva, Romania. Email: legal@endlo.app.