Privacy Policy

Last updated: April 13, 2026

Summary

Stilla does not collect, store, or transmit your personal data to any server. All your data stays on your device.

Data We Do NOT Collect

• We do not see which apps you use
• We do not track your screen time on our servers
• We do not collect your journal entries, craving logs, or mood data
• We do not use analytics or tracking SDKs
• We do not sell any data to third parties

Data Stored On Your Device

Stilla stores the following data locally on your device only:

• Your app selection (which apps to monitor/block)
• Usage statistics (provided by Apple Screen Time API / Android UsageStats)
• Journal entries and mood check-ins
• Craving logs (triggers, intensity, interventions used)
• Onboarding answers (your self-reported worst-time window, primary trigger, preferred intervention) — used to seed the on-device model with a useful day-one starting point
• ML model state — Bayesian probability tables derived from your cravings and journal
• Prediction & insight logs — for our "How accurate is Stilla?" transparency page, tracking whether predictions matched reality and whether insights preceded a resist
• A/B experiment cohort — a single letter (A or B) assigned randomly at first launch, used only locally to allow future in-app experiments to slice results cleanly; no cohort data ever leaves your device
• Settings and preferences

This data is stored using your device's secure storage and is never transmitted to our servers or any third party.

On-Device ML Model

Stilla uses a small statistical model (Bayesian probability tables) to predict high-risk hours and surface personalized insights. The model runs entirely on your device. It starts from research priors (Hasenkamp et al., 2022) and gradually shifts to your own logged data as you use the app. There are no neural networks, no cloud inference, and no outgoing network calls related to ML. The model's inputs and outputs can be audited from inside the app under Settings → How accurate is Stilla?

You Can Reset Everything

Settings → Reset → Reset data lets you clear individual data slices (craving history, journal, or ML model state) or wipe everything in one action. All resets are local — nothing is synced or uploaded. Uninstalling the app also removes all stored data.

Screen Time API

On iOS, Stilla uses Apple's Screen Time API (FamilyControls, DeviceActivity, ManagedSettings). Apple processes usage data on-device. We cannot access raw usage data — the system provides only aggregated, anonymized activity reports within the app.

On Android, Stilla uses the UsageStats API with your explicit permission. Usage data is read locally and never transmitted.

Subscriptions

If you subscribe to Stilla Premium, your payment is processed by Apple (App Store) or Google (Play Store). We use RevenueCat to manage subscription status. RevenueCat receives only an anonymous user ID and subscription status — no personal information, usage data, or app data.

DNS Blocking

When DNS blocking is enabled, Stilla creates a local VPN configuration on your device to filter DNS queries. No network traffic leaves your device through our service — blocked domains are resolved locally to 0.0.0.0. We do not operate any external VPN servers.

Children's Privacy

Stilla is not directed at children under 13. We do not knowingly collect data from children.

Changes

We may update this policy. Changes will be posted on this page with an updated date.

Contact

Questions? Email support@stillaa.net