Privacy Policy

Privacy Policy for Doctor Iota Applications

Effective date: 2026-05-06

This Privacy Policy explains what information Doctor Iota's applications ("our apps", "our services", "we", "us") process when you use them, why we process it, and the choices you have. We design for privacy and collect only what is necessary to provide the experience described in each app's documentation.

If you have questions or requests, contact: dr2iota@gmail.com.

What our applications do

We create applications focused on mathematical art, education, and recreation. Our apps are designed to be interactive and educational. Examples include:

• Fantastic Fractals: An interactive fractal explorer (e.g., Mandelbrot, Julia, Newton) with real‑time pan/zoom, color palettes, and share‑by‑link.
• Triangular Geometry: An interactive geometry playground for exploring triangles, their properties, and animated proofs.

In the future, we may add optional user accounts and multi‑user experiences (e.g., shared sessions or games) to our apps. We will continue to follow a strict data‑minimization approach across all our services.

Our apps are distributed in multiple forms:

• Native installations (mobile / desktop): available today as preview / release builds, typically kept somewhat behind the latest web version. Once installed, run entirely on your device with no ongoing network calls beyond features you explicitly invoke (e.g., share‑by‑link).
• Web version: today, our most up‑to‑date deployed form. Served from our hosting provider over HTTPS, then runs in your browser. Standard web‑server logs may be retained by the hosting layer.

Today, no version contains ads, third‑party trackers, or analytics of our own. Going forward, paid editions (planned for native installations) will remain ad‑free by design; free distributions (native and web) may include third‑party ads in the future, with the data practices summarized in the Analytics and ads section below.

Summary

• We do not sell your data, serve targeted ads of our own, or share personal information with third parties for their own marketing.
• Our apps are fully functional without an account. Native installations, once installed, run entirely on your device. The web version is loaded from our hosting provider and then runs in your browser, with no ongoing API calls of our own.
• We store settings locally on your device (e.g., theme setting and user-customized color schemes). In the future, we may also save language and speaker settings. Share links encode view parameters in the URL.
• We do not currently run any analytics. Free distributions (native and web) may include third-party ads in the future; ad networks have their own data practices (see Analytics and ads). Paid native installations (planned) will remain ad-free.
• We do not set our own cookies. Where ads ship in the future, the ad provider may set cookies governed by its own privacy policy.

Information we process

Today, we process no personal information of our own. Native installations run entirely on your device once installed. The web version is loaded from our hosting provider, then runs in your browser. The subsections below describe what is stored locally and what is processed automatically across these forms.

Information stored on your device

• App preferences and parameters: When you adjust controls (e.g., theme, color schemes), that information is stored locally in the app or in your browser for the web version. This information is not transmitted to us. URLs you choose to share in the web version may contain parameters that describe the view.
• Optional feedback or support messages: If you contact us via email, we will receive the information you include in your message.

Information processed automatically

What is processed automatically depends on how you use the app:

• Native installations (mobile / desktop, available today as preview builds): Once installed, run entirely on your device. No third-party scripts, no analytics, no ongoing network calls of our own. Today's builds contain no ads; free editions may include third-party ads in future releases (see Analytics and ads), while paid editions (planned) will not.
• Web version (today): Delivered as static files from our hosting provider over HTTPS. The hosting infrastructure may retain standard web-server logs (IP address, request URL, timestamp, User-Agent) for delivery and abuse-prevention purposes; we do not currently use this data for analytics. Once loaded, the app runs in your browser and we make no further API calls of our own. May include third-party ads in the future; see Analytics and ads.

Our apps may read device/runtime capabilities (e.g., WebGL features) locally to adapt rendering. This information stays on-device.

We use your device's or browser's local storage to save your settings; this data is not transmitted to us.

Future features (accounts and multiplayer)

If we introduce accounts or multi‑user experiences in any of our apps, we will process only the minimum data required. These features would require a server connection.

• Account identifiers: For example, an email address or an OAuth provider identifier, plus authentication tokens. We will not request profile details beyond what is necessary to authenticate and provide the service.
• Display name (optional): If shown to other users in multiplayer contexts.
• Personal sync (preferences, history, saved views): if you sign in, the app may store your preferences, in-app history, and saved views on our servers so they follow you across devices. This data exists to serve you; we do not analyze account contents for advertising, profiling, or sale.
• Session and game/fractal state: Parameters needed to synchronize a shared session (e.g., current view, room/session IDs). This may be visible to other participants you explicitly join.
• Moderation/anti‑abuse signals: Minimal metadata strictly needed to keep the service safe (e.g., rate limiting data, rule violations where applicable).
• Basic service logs: Our hosting and security systems may log standard metadata such as IP address, request headers, timestamps, error details, and basic performance metrics. This is used for operations (e.g., troubleshooting, abuse prevention) and kept for a limited retention period.

We will update this policy and, where required, request consent before launching such features.

How we use information

• Provide and improve our apps, including rendering, performance, and reliability.
• Offer requested features such as share‑by‑link; links may contain parameters that reveal your current view/choices to anyone with the link.
• Communicate with you about our apps if you reach out to us.

Legal bases (EEA/UK users)

Where applicable, we rely on the following legal bases:

• Performance of a contract: To provide our apps and requested features.
• Legitimate interests: For security, fraud prevention, and service reliability (applicable if we introduce server-side features).
• Consent: Where required (e.g., third-party ad cookies in ad-supported tiers, or new server-side features). You can withdraw consent at any time.

Analytics and ads

Our own analytics. We do not currently run any analytics, and we have no plans to introduce user-tracking analytics. We may aggregate anonymous infrastructure signals (e.g., daily request counts, error rates) for capacity planning and reliability; these are not tied to identifiable users.

Third-party ads (future, ad-supported tiers). Free distributions of native apps and the web version may, in the future, include display ads served by third-party ad networks. These networks load their own scripts, may set cookies or browser local storage, and may collect data such as IP, User-Agent, ad interactions, approximate location, and inferred interests. Their handling is governed by their own privacy policies; the active provider(s) and links to those policies will be disclosed at the point ads are shown. Where required by law (e.g., EEA/UK), we will obtain consent before ad scripts load, and you can withdraw consent at any time. Paid native installations contain no ads and load no third-party ad scripts.

Data sharing

We do not sell personal data. We share data with third parties only as follows:

• Hosting provider (web version): standard web-server delivery; the provider may retain access logs as described above.
• Third-party ad networks (future, ad-supported tiers only): when ads ship, the active ad provider receives data per its own privacy policy. Paid native installations are ad-free and share no data with ad networks.
• Service providers (future server-side features): e.g., error logging, under agreements that restrict their use of data to our instructions.
• Legal and safety: If required by law or to protect the rights, property, or safety of users or the public.

Data retention

• Local preferences: Stored on your device until you clear them.
• Server logs/diagnostics (future): If we introduce server features, logs will be retained only as long as necessary for operations and security, then deleted or anonymized.
• Account and multiplayer data (future): Retained for as long as your account or session is active and for a reasonable period thereafter for backup, security, or legal compliance.

International transfers

Currently, we do not transfer user data across borders — we collect none of our own. If we introduce server-based features in the future that involve transferring user data across borders, we will use appropriate safeguards (e.g., Standard Contractual Clauses) where required by law.

Your rights

Depending on your location, you may have rights to access, correct, delete, or export your information, and to object to or restrict certain processing. As we do not currently hold any of your personal information, these rights are not applicable at this time. To exercise these rights in relation to future services or for any privacy-related questions, contact us using the details above. We will honor these requests as required by applicable law.

Children, schools, and education contexts

COPPA (United States, under 13)

Our applications are not directed to children under 13 (or the minimum age required by your jurisdiction), and we do not knowingly collect personal information from children under 13. In today's form, the native and web versions collect no personal information at all — no accounts, no analytics of our own, no third-party trackers — so the COPPA collection trigger is not met.

If we introduce features that would collect personal information (e.g., accounts, multiplayer rooms, classroom mode), we will either verify users are 13 or older at sign-up, or, where features are expressly directed to under-13 users, obtain verifiable parental consent as required by COPPA before enabling those features for that account. We will not enable child-directed features by default.

If you believe a child under 13 has provided personal data to us, contact us at dr2iota@gmail.com and we will delete it.

FERPA (United States schools)

We are not, by default, a "school official" with a legitimate educational interest under FERPA — schools do not need to give us access to student education records to use our apps as they ship today. The apps run locally (native) or in the browser (web) and do not require accounts.

If a school adopts a future classroom feature that involves processing student records on our behalf (e.g., per-class progress tracking, teacher-led sessions tied to student rosters), we will operate as a school official under the school's direct control, under a written data-handling agreement, and only for the educational purposes the school authorizes. We will not use student records for advertising, profiling, or sale.

What to evaluate

For schools or districts evaluating our apps:

• Today's apps (native and web) do not require accounts, do not collect personal information, and ship without third-party analytics. The web version is delivered through standard hosting logs (IP, User-Agent, request URL, timestamp) retained briefly for delivery and abuse prevention.
• Future classroom features will be opt-in per school and governed by a written data-handling agreement; details will be disclosed before activation.
• Free editions may add third-party ad networks in the future (see Analytics and ads). Paid native installations will remain ad-free; we recommend paid editions for classroom use to avoid third-party ad-network data practices entirely.

Schools or parents with questions: dr2iota@gmail.com.

Security

We use reasonable administrative, technical, and organizational measures to protect information. Our apps are designed to be secure by default, with minimal privileges. Native installations do not require ongoing internet access to function once installed; the web version requires loading from our hosting provider but does not contact our servers thereafter. Any external links are opened in your device's default browser, not within the application itself. No system is 100% secure; we encourage you to use current software and secure your devices.

Changes to this policy

We may update this policy to reflect changes in our apps or law. We will post the updated version here and revise the effective date. Material changes will be highlighted within the relevant app(s) where appropriate.

Contact

Questions or requests: dr2iota@gmail.com