Terms of use and Privacy Policy

Terms of Use

Effective Date: 2025-09-06

Introduction and Acceptance

These Terms of Use ("Terms") govern your use of Pillow Sleep Tracker and related services provided by Neybox Digital Ltd., a company registered in the Republic of Cyprus ("we", "us", "our").

By downloading, installing, or using Pillow, you agree to these Terms and our Privacy Policy. If you do not agree, please do not use Pillow. You may use Pillow without creating an account or providing any personal information. No registration is required.

Distribution of Pillow is subject to Apple's export compliance procedures. You may not use Pillow if you are in a jurisdiction where Apple does not make the App Store available or if you are prohibited by law from using the Application.

Intellectual Property Rights

All content in Pillow, including software, design, graphics, text, trademarks, and logos, belongs to Neybox Digital Ltd. or our licensors. You receive a limited, non-transferable license to use Pillow for personal, non-commercial purposes only.

You may not copy, modify, or distribute Pillow's code or content. You may not use our trademarks without written permission. You may not remove copyright or proprietary notices. You may not reverse engineer or attempt to extract source code.

Disclaimer of Warranty and Limitation of Liability

Pillow is not a medical device. It cannot diagnose, treat, cure, or prevent any sleep disorder or medical condition. Do not use Pillow for medical emergencies. Always consult qualified medical professionals before changing your sleep, exercise, medication, nutrition routine or any other aspect of your lifestyle.

Pillow is provided "as is" and "as available." We make no guarantees about continuous availability or functionality, accuracy or completeness of sleep analysis, suitability for your specific needs, or compatibility with all devices.

To the maximum extent permitted by law, Neybox Digital Ltd. will not be liable for any indirect, incidental, or consequential damages, loss of data, profits, or business opportunities, device damage or malfunction, or interruption of service or changes to features. Our total liability for any claim will not exceed the amount you paid for Pillow Premium in the 12 months before the claim arose. You agree to indemnify and hold harmless Neybox Digital Ltd. from any claims arising from your breach of these Terms or misuse of Pillow.

Acceptable Use

You may not use Pillow to violate any applicable laws or regulations, attempt to bypass or circumvent premium subscription requirements, or reverse engineer, decompile, or disassemble the Application except as permitted by law.

Pillow Premium Subscription

If you start a free trial, you will be automatically charged when the trial converts to a paid subscription unless you cancel at least 24 hours before the trial period ends.

All subscriptions are paid in advance through your Apple App Store account. Subscriptions automatically renew unless you turn off auto-renewal at least 24 hours before the current period ends. Renewal charges occur within 24 hours before the current period ends. Current subscription prices are displayed in the app and App Store.

You can manage subscriptions and auto-renewal in your Apple Account Settings. Cancellation takes effect at the end of the current billing period.There are no refunds for partial periods. Unused free trial portions are forfeited when you purchase a subscription.

Cancellation does not result in a refund. If you cancel your subscription, you will retain full access to the features included in the subscription until the end of the period that you purchased. To request a refund you must contact Apple. Apple handles all payment processing and refund decisions. Purchases are tied to your Apple ID. To access purchases on multiple devices or restore purchases, use the same Apple ID on each device. Purchases cannot be transferred between Apple IDs.

Pillow Premium subscriptions can be shared with family members through Apple Family Sharing. Family Sharing availability depends on your region and Apple ID settings and is subject to the limitations imposed by Apple.

Governing Law

These Terms are governed by the laws of the Republic of Cyprus, except where local law requires otherwise. Any disputes should first be addressed by contacting us at pillow@neybox.com.

Changes to Terms

We may update these Terms periodically. Significant changes will be notified through the app. Continued use after changes means acceptance of updated Terms.

How you can contact us

You may contact us via email at pillow@neybox.com. Our postal address is: Griva Digeni, 115, Trident Centre, 3101, Limassol, Cyprus

Privacy Policy

Who We Are

We are Neybox Digital Ltd., a company registered in the Republic of Cyprus. We develop and operate Pillow: Automatic Sleep Tracker ("Pillow"), an app that helps you understand and improve your sleep quality.

Summary of Key Points

You can use Pillow anonymously without providing name or email, as no registration is required. Your health data stays on your device. Your sleep tracking, audio recording data, personal preferences and configuration data also stays on your device except if you enable iCloud for data synchronisation between devices or backups. In this case, a copy of that data will be stored on your iCloud storage space. This space is only accessible by you. As developers we do not have access to this storage space.

For marketing analytics, we use randomly generated identifiers created fresh with each app installation - not persistent device IDs or IDFA. These random IDs cannot be linked across app reinstalls or devices, and we often cannot access them directly. Third-party services like Adjust may share these temporary, installation-specific IDs with advertising partners (Meta, Google) solely to measure campaign effectiveness. Since these are non-persistent, randomly generated IDs that reset on each install, they provide minimal tracking capability and maximum privacy protection by design. We do not sell your data.

What Data We Collect and What We Do Not Collect and How We Use that Data

What Data We Collect; and What We Do Not Collect; and How We Use that Data

What Data We Collect; What We Do Not Collect; and How We Use that Data

What Data We Collect and What We Do Not Collect and How We Use that Data

Core App Functionality - Sleep Tracking and Analysis (All On-Device)

Pillow analyzes your sleep using motion sensors, Apple Watch data, and optional audio recording but all processing happens entirely on your device. We never see, access any or the raw of generated data (sleep sessions, audio recordings, other sleep health related metrics)

This data exists only on your device and in your personal iCloud backup (if enabled). We have no access to it, and neither do our analytics providers. You control this data completely and can delete it anytime by removing the app or by deleting your iCloud data.

Technical Support with Health Data (Only When You Explicitly Share)

If you experience issues with Pillow, you can choose to share your sleep data, audio recordings, or Apple Health data with our support team to help diagnose and resolve problems. This sharing is completely voluntary and only happens when you explicitly select the option to include this data in your support request. We use this data solely to investigate your specific issue and improve Pillow's functionality.

Service Improvement
Third-party services collect anonymous usage data, device identifiers, and optional profile information (age, sex, sleep disorder if you provide them) to help us fix bugs, improve features, and understand how Pillow is used. This never includes your actual sleep data, health metrics, or audio recordings.

Marketing Analytics
We use Adjust to share pseudonymous device IDs with Meta and Google. This helps us understand which advertising campaigns bring users to Pillow. We never share health data, sleep data, audio recordings, or profile information for marketing purposes.

Newsletter
If you subscribe to our newsletter, we use your email to send sleep tips and product updates.

Third-Party Processors and Transfers
We work with these service providers who process data on our behalf:

Apple iCloud provides optional backup services and may store encrypted sleep data if enabled, with servers located in USA and EU. When you submit feedback or report issues through the app, anonymous diagnostic information is stored in Apple's CloudKit infrastructure. This data contains no personal identifiers and cannot be linked to you.

We use Mixpanel to understand how Pillow is used and improve the app experience. Mixpanel receives a randomly generated ID that resets when you reinstall the app, along with information about which app features you use, your subscription status, and basic device information like model and iOS version. If you choose to provide it, Mixpanel may also receive optional profile information such as age, gender, or whether you have a sleep disorder, but this is always linked only to your random ID, never to your name or email. Mixpanel never receives any of your sleep data, health data, or audio recordings. They process this information under appropriate data protection safeguards.

We use RevenueCat to process in-app purchases and manage subscriptions. RevenueCat receives purchase receipts and a randomly generated ID that is created on your device. This ID may sync across your devices through your iCloud Keychain to facilitate purchase restoration, but it cannot be used to identify you personally. RevenueCat does not receive your name, email address, or any health data. They process this information in the United States under appropriate data protection safeguards.

We use Sentry to monitor app crashes, fix errors, and improve Pillow's reliability. When an error or performance issue occurs, Sentry receives diagnostic information including error messages, crash logs, device model, iOS version, app version, and a randomly generated ID that resets when you reinstall the app. Sentry never receives your name, email, or any health data. They process this information in the United States under appropriate data protection safeguards.

We use Statsig to test new features and analyze how Pillow is used to improve functionality and user experience. When you interact with the app, Statsig receives usage data including app events, feature engagement metrics, and a randomly generated ID that resets when you reinstall the app. Statsig never receives your name, email, or any health data. They process this information in the United States under appropriate data protection safeguards.

We use Adjust to help understand app usage and attribute engagement, while maintaining user anonymity. The only data transmitted are randomly created IDs (randomly generated per installation and resets on every install) and event metadata. Without the advertising identifier (IDFA), this data cannot be used to track or identify users. The random identifiers reset on every reinstall and cannot be linked to you or used for targeted advertising. Pillow’s Adjust integration uses global data residency by default, meaning data may be processed and stored across Adjust’s worldwide infrastructure rather than within a specific region. This setup may result in your anonymized usage data crossing national or regional borders, subject to the data protection and privacy laws of multiple jurisdictions. Adjust aggregates raw data so that it cannot be traced back to individual users after processing. We configure Adjust to align with applicable privacy laws, such as GDPR, by limiting retention and collecting only necessary event data. We configure Adjust to comply with applicable privacy laws by setting appropriate data retention and consent parameters.

We use Meta’s advertising networks (Facebook, Instagram, and Audience Network) to show ads and measure their effectiveness. Pillow does not include Meta’s SDK or send data directly to Meta from the app. Instead, any ad attribution or performance measurement occurs through our analytics provider Adjust, which communicates with Meta. Meta Receives data from Adjust and Apple (not from Pillow’s app) such as install/open signals and limited campaign performance data necessary for attribution/measurement according to the Meta–Adjust integration. Where applicable, attribution may also rely on platform-provided frameworks such as Apple’s SKAdNetwork and/or aggregated measurement features offered by Meta. Pillow does not transmit your name, email, or other directly identifying personal, sleep, audio or health data to Meta from the app. Attribution data is relayed indirectly via Adjust, and consists only of the limited signals needed for ad measurement as described above. Meta may process this information in their global infrastructure, which may include countries outside your region. When data is transferred internationally, appropriate safeguards such as Standard Contractual Clauses are in place.

We use Google Ads to run and measure advertising campaigns for Pillow. Pillow does not include Google’s advertising SDK and does not send data directly from the app to Google. Instead, any ad attribution or performance measurement occurs through our analytics provider Adjust, which integrates with Google Ads. Google Receives data from Adjust (not from the Pillow app) and Apple such as install/open signals and limited campaign performance data needed for attribution/optimization under the Adjust/Google Ads integration (for example, session and post-install events; on iOS, SKAdNetwork postbacks may also be used). Pillow does not transmit names, emails, or other directly identifying personal, sleep, audio or health data to Google from the app. Attribution data is relayed indirectly via Adjust and is limited to what is necessary for ad measurement as described above. Google may process this information in their global infrastructure, which may include countries outside your region. When data is transferred internationally, appropriate safeguards such as Standard Contractual Clauses are in place.

We use Intercom to provide customer messaging and support outside the Pillow app, such as through our website and help channels. When you contact us through Intercom, the information you choose to share, such as your name, email address, and the content of your messages, along with standard technical details like your device type and browser, is sent to Intercom. All Pillow-related Intercom data is hosted in the United States using Amazon Web Services. Intercom acts as our data processor under a GDPR-compliant Data Processing Addendum, and processes information solely according to our instructions. We also use Intercom’s Fin AI feature to help provide automated responses to some support requests. This means that conversation content may be processed by automated systems to generate replies and assist our support team. Intercom applies industry-standard security measures, including encryption of data in transit and at rest, strict access controls, and the use of Standard Contractual Clauses for international transfers when required by law. Visitor conversation data is retained for as long as necessary to provide support and may be deleted upon request in accordance with applicable privacy laws. You can contact us at any time to request access to, correction of, or deletion of your data processed through Intercom.

We use MailerLite to send newsletters and product updates if you choose to subscribe. When you sign up, MailerLite receives your email address, subscription preferences, and basic engagement data such as whether you opened an email. You can unsubscribe at any time using the link in any newsletter. MailerLite stores this information primarily in the European Union under appropriate data protection safeguards.

Newsletter
If you subscribe to our newsletter, we use your email to send sleep tips and product updates.

Third-Party Processors and Transfers
We work with these service providers who process data on our behalf:

Newsletter
If you subscribe to our newsletter, we use your email to send sleep tips and product updates.

Third-Party Processors and Transfers
We work with these service providers who process data on our behalf:

Children’s Privacy

Pillow is intended for users aged 18 and above. We do not knowingly collect or process information from individuals under 18 years of age. Because age is optional and when provided must be 18 or above, Pillow does not implement children's privacy protections or parental consent mechanisms.

If we learn that we have collected personal information from a child under the applicable age without parental consent, we will delete any information within our control as quickly as possible. Since Pillow does not require registration or user accounts, most data is stored locally on your device or in your personal iCloud account, which we cannot access or delete. Parents or guardians who believe their child under the required age is using Pillow should delete the app from the child's device and cancel any premium subscriptions through their Apple App Store account settings.

If a parent or guardian believes someone under 18 is using Pillow, please contact us at pillow@neybox.com and remove the app from the device.

Your Rights and How to Exercise Them

Control Your On-Device Data
Since your sleep and health data never leaves your device, you have complete control through iOS: Disable audio recording by choosing a tracking mode without audio. Manage Apple Health access in iOS Settings or the Health app. Control iCloud sync in Pillow's settings. Delete all data using "Delete All Data" in Pillow settings. Export your data using Pillow's export feature.

Your Privacy Rights
For the limited analytics data our processors collect (tied to random IDs that reset on reinstall), you have the right to request information about what data exists, though we cannot identify your specific records without your random ID. You can request deletion of any data associated with your email if you contacted support or subscribed to our newsletter. For EU residents, you have the right to lodge a complaint with your local data protection authority. California residents have the right to know what personal information we collect and can request deletion.

To exercise these rights, contact us at pillow@neybox.com. Since most data is either on your device or tied to anonymous IDs, the most effective privacy control is simply deleting and reinstalling the app, which resets all tracking identifiers.

Security Measures

Third-Party Service Selection:
We only work with established service providers that implement industry-standard security measures including encryption, access controls, and regular security audits.

Data Minimization:
We share only the minimum data necessary with each service. Health data is never shared with analytics or marketing services.

Secure Transmission:
All data sent from your device to our third-party services is encrypted in transit using industry-standard protocols.

Support Data Handling:
When you explicitly share health data for support purposes, it is accessed only by authorized support staff, used only for resolving your issue.

Pseudonymization:
All analytics services receive only random identifiers that change when you reinstall the app, preventing long-term tracking.

Changes to This Policy

We may update this Privacy Policy periodically. Significant changes will be notified through the app. We will never change our handling of health data without your explicit consent.

Data Retention

As we use specialized services, retention varies by provider.

Intercom:
When you use in-app support without providing an email, your conversations are handled through Intercom's visitor system. While Intercom deletes visitor records after 9 months of inactivity, the conversations themselves persist in their system. Because these conversations are anonymous and the visitor record is deleted, we cannot identify or delete specific conversations upon request. Support requests through our website where you provide an email are retained in Intercom's system. These can be deleted upon request as they remain identifiable.

Mailerlite:
For newsletter subscriptions, we use MailerLite (UAB “MailerLite”, Lithuania) as our email marketing service provider. Your email address and any related subscription preferences are stored on MailerLite’s servers and are retained until you unsubscribe or request deletion, after which they are removed from our active mailing lists. MailerLite deletes subscriber data from their systems within 30 days of a deletion request, subject to any legal obligations to retain the data.

While we cannot always control retention directly, we commit to process deletion requests with all providers within 30 days, regularly review and minimize retention where possible and be transparent about limitations.

Since Pillow operates without accounts or persistent identifiers, we cannot verify user identity or link data to specific individuals. This protects your privacy but means we cannot provide access to or delete anonymous data.

Your Health Data Stays Private

All sleep tracking, health metrics, and audio analysis occur exclusively on your device. We never receive, access, or process your health data. We don’t have servers collecting health data and we don’t transmit health data to any third party. We cannot sell, share, or disclose health data because we never have it. This local-only processing is fundamental to Pillow's privacy-by-design architecture.