Privacy Policy

Effective date: April 17, 2026  |  Last updated: May 13, 2026

Thank you for using StillFocus (“App”), package name com.stillfocus.yesaa. We respect your privacy. This Privacy Policy explains how we handle your information and is designed to comply with Google Play requirements and applicable privacy laws in the United States, the European Union/EEA, the United Kingdom, and other regions where the app may be available.

For the purposes of this Privacy Policy:

1. Information we collect

1.1 Information we do not ask you to submit

StillFocus does not require registration or login. We do not ask you for your name, email, phone number, or postal address for core timer and task features.

1.2 Local app data (on your device)

To provide tasks, focus sessions, statistics, favorites, and in-app preferences, the Application stores related data locally on your device (for example task titles, session history, streaks, sound and UI preferences, and similar data) using local app storage (including Jetpack DataStore, Room, or SharedPreferences where applicable). This data is used to restore your session and is not uploaded to our own servers by the Application for the features described in this version.

Except for the single internal statistic request described in Section 1.5, task content, session records, and similar local feature data are not uploaded to our own servers.

1.3 Advertising-related data (TopOn and ad networks)

The Application integrates the TopOn SDK and multiple third-party advertising networks to show ads (such as interstitial and rewarded ads). Those partners may process data for ad delivery, measurement, fraud prevention, and optimization, which may include:

These Service Providers process data under their own privacy policies. We recommend reviewing their policies to understand their practices.

1.4 Transmission security (ads)

Communications between the Application and TopOn, and between TopOn and its partners, normally use industry-standard HTTPS/TLS encryption to protect data in transit. No method of transmission over the Internet is 100% secure.

1.5 First open after install (internal statistics only)

After you install the Application and open it for the first time, the Application sends one lightweight HTTPS POST to:

https://www.aiabn.space/api/stat/report?appCode=stillfocus

The body is minimal JSON ({}) with Content-Type: application/json. The Application does not add custom HTTP headers that carry your app version, device model, operating-system version, advertising ID, or task or session data—only the JSON body (and the minimal headers the HTTP client needs to send that body, such as Content-Type) are sent. It is only for our internal count of installs or first opens. Under normal use it runs once per install (first Application process start), before the TopOn GDPR / consent UI if that UI is shown on that start, and does not depend on login (there is none), advertising consent completion, or TopOn initialization. The call is asynchronous; success or failure does not affect using the App or ads. Clearing app storage or reinstalling may cause this one-time request to be attempted again because the on-device “already sent” flag is reset.

Like any HTTPS request, the server may still receive ordinary connection-layer metadata (for example IP address and TLS-related signals). Align your Google Play Data safety answers with what you declare for this endpoint.

2. How we use information

We use locally stored app data solely to operate focus, task, and related features on your device.

We use the first-open request described in Section 1.5 solely for internal install / first-open statistics and not for identifying individuals.

We rely on TopOn and advertising partners to show ads and measure ad performance. Their processing is described in their policies and in Section 5 of this Privacy Policy.

We do not sell your personal data. Where advertising partners process identifiers or usage data that may be considered personal data under applicable law, their processing is governed by their policies and your device and platform settings.

3. Data storage and retention

Locally stored app data remains on your device until you clear app data or uninstall the Application, unless your device backup/restore copies it according to your OS or account settings.

Advertising partners may retain ad-related data according to their own retention schedules (often months to up to approximately 24 months, then deletion or anonymization, depending on the partner).

4. Permissions (our manifest and merged SDK manifest)

The final installed APK/AAB merges permissions from StillFocus’s own AndroidManifest.xml with those contributed by TopOn and integrated advertising SDKs (Section 5). Labels on your device may differ slightly by OEM or Android version; the authoritative list is under Settings → Apps → StillFocus → Permissions. We do not enable precise/coarse location or legacy external storage write permissions in our manifest (those lines remain commented).

4.1 Declared in our own AndroidManifest.xml

These are the uses-permission entries we actively declare and enable (not commented out) in our project:

4.2 Additional permissions commonly merged from third-party SDKs

Depending on SDK version and build variant, the merged manifest may also include permissions such as the following. They are listed for transparency; not every build or device will surface every item in Settings. Typical purposes are summarized; see each partner’s policy for detail.

If a merged permission is not granted at runtime (where Android requires runtime consent), affected SDK features may be limited. Your Google Play Data safety section should align with actual data collected or shared, which may depend on these SDKs—not only the three permissions in Section 4.1.

5. Third-party services: TopOn SDK and integrated advertising SDKs

The Application integrates TopOn (TPN / Anythink) mediation and the following advertising-related components (versions may change between releases; see your installed build or store listing for details):

Supporting Google Play services libraries may also be present (for example components used with advertising identifiers or related APIs).

5.1 Privacy policy links (third parties)

PartnerPrivacy policy (URL)
TopOnhttps://www.toponad.net/en/privacy-policy
Vunglehttps://vungle.com/privacy/
Unityhttps://unity.com/legal/game-player-and-app-user-privacy-policy
ironSourcehttps://developers.is.com/ironsource-mobile/air/ironsource-mobile-privacy-policy/
BIGO Adshttps://forbusiness.bigo.sg/privacy
Panglehttps://www.pangleglobal.com/policy-center
Meta (Facebook)https://www.facebook.com/privacy/policy
InMobihttps://www.inmobi.com/privacy-policy/
AppLovinhttps://legal.applovin.com/privacy/
Mintegralhttps://www.mintegral.com/en/privacy/
Kwaihttps://www.kwai.com/legal?id=privacy_policy
Chartboosthttps://docs.chartboost.com/en/legal/privacy-policy/
Yandexhttps://yandex.com/legal/confidential/
Fyberhttps://www.fyber.com/privacy-policy/

For SmartDigiMktTech / Tramini and other TopOn companion components, also refer to TopOn documentation and the TopOn privacy policy above.

5.2 EEA/UK users (consent and SDK initialization) — how the current build behaves

Depending on your region, advertising SDKs may require a lawful basis such as consent before processing certain data for personalized advertising. In the current build:

The first-open install statistic in Section 1.5 is intended to run once per install on the first Application process start, before any TopOn consent UI if shown on that start; it does not depend on advertising consent completion and is not blocked by the advertising consent flow.

We encourage users in the EU/EEA/UK to use system ad privacy controls (for example reset advertising ID, limit ad personalization). Whether an additional certified consent platform (CMP) is required for your use case is governed by current Google and local rules—verify against the latest official guidance.

6. Children’s privacy

The app is not directed at children under 13 (or under 16 in the EEA/UK where applicable). We do not knowingly collect personal data from children for our own independent profiling. Advertising partners may have their own age-related rules and controls. If you believe we have inadvertently collected such data, please contact us at yesaatechnologies1990@gmail.com and we will address it promptly.

7. Data security

We take reasonable technical and organizational measures to protect information. Local app data stays primarily on your device. Ad-related transmissions normally use HTTPS/TLS as described above. No method of storage or transmission is 100% secure.

8. International data transfers

Advertising partners may process data in countries other than your own. Their practices are described in their privacy policies. Where required by law, they may rely on appropriate safeguards for international transfers.

9. Your rights by region

Depending on where you live, you may have rights to access, correct, delete, restrict, or object to processing, to data portability, and to withdraw consent where processing is based on consent. You may also have the right to opt out of certain “sales” or “sharing” of personal information under US state laws, where applicable.

Because advertising partners may process identifiers or usage data that can be personal data in some jurisdictions, you can also exercise controls through your device (for example reset advertising ID, opt out of ads personalization) and through partner policies linked in Section 5.

For requests to us regarding this Privacy Policy, contact yesaatechnologies1990@gmail.com.

9.1 Deletion of your personal data (and limits)

Depending on applicable law, you may have the right to request deletion of personal data we hold about you, subject to the limits below.

No in-app accounts: StillFocus does not offer registration or login. There is no user account to cancel. Please describe your request clearly (for example, data related to our first-open statistic in Section 1.5) rather than using “account closure” wording.

How to contact us: Email yesaatechnologies1990@gmail.com with a clear subject line (for example, “StillFocus – data deletion request”). Where we control the data and deletion is technically feasible and lawful, we aim to complete appropriate steps within approximately 30 days, unless a longer period is required by law or legitimate dispute resolution.

Data stored on your device: Local data described in Section 1.2 can be removed by clearing app data or uninstalling the Application.

Advertising ID and ad partners: You can reset or limit the Google advertising ID and ad personalization in your device settings (paths vary by OEM/Android version). That reduces linkage of future ad activity to the previous identifier for TopOn and partners, but it does not erase historical records already held by third-party networks; they process data under their policies (Section 5).

TopOn and other independent controllers: For data processed primarily by TopOn or another advertising partner, you may need to exercise rights directly with that partner using its privacy policy and tools. Our email address is for the Company’s own practices and data we control (for example, reasonable requests regarding our first-open statistic endpoint in Section 1.5, where applicable and technically feasible).

What we may retain: We may keep information where law requires it, for dispute resolution or to protect legal rights, or where information is already aggregated or anonymized so that it can no longer reasonably identify you.

Third-party retention: Advertising partners may retain ad-related data according to their schedules (often on the order of months to up to approximately 24 months, then deletion or anonymization, depending on the partner). A request to us does not automatically delete copies held by third parties.

Withdrawing consent (where applicable): You may use device settings (advertising ID, app permissions such as network access where applicable), TopOn’s GDPR/consent UI when it is shown, and email to the address above. Withdrawing consent or limiting identifiers may affect ads personalization or measurement; core timer and task features may remain usable depending on your choices and connectivity.

This Application does not use an in-app account system, in-app WebView–based login, or cookies for the features described in this Policy; deletion lists referring to “passwords,” “WebView session tokens,” or similar items do not apply to the current store build.

9.2 European Union (EU) / European Economic Area (EEA) / United Kingdom (UK) — GDPR / UK GDPR

You may have the rights described above and the right to lodge a complaint with a supervisory authority. Contact us at yesaatechnologies1990@gmail.com for questions.

9.3 United States — California (CCPA / CPRA)

California residents may have additional rights regarding personal information. We do not “sell” personal information in the traditional sense; some sharing of identifiers for cross-context behavioral advertising may be treated as “sharing” under California law—use device opt-outs and partner controls where available.

9.4 Other US states / Brazil / other regions

Similar rights may apply under local laws. Contact us at yesaatechnologies1990@gmail.com for requests or questions.

10. Changes to this policy

We may update this Privacy Policy from time to time. We will change the “Last updated” date at the top and, where appropriate, notify you through the app or the store listing. Your continued use of the app after changes constitutes acceptance of the updated policy where permitted by law.

11. Governing law

This policy is governed by the laws of the jurisdiction in which Yesaa Technologies is established, without prejudice to any mandatory rights you have under the laws of your country of residence (including in the EEA, UK, or US states).

12. Contact us

For any questions, requests, or complaints about this Privacy Policy or our handling of your information:

Email: yesaatechnologies1990@gmail.com

We will respond within a reasonable time.


This document describes StillFocus’s practices for the current store build (package com.stillfocus.yesaa). If anything conflicts with mandatory law or store rules, the law and store rules prevail.