Privacy Policy

Last updated: May 14, 2026

Flipped is a Mac desktop application that helps you reduce phone distraction by temporarily hiding apps and blocking distracting websites on your iPhone. To do this, the Mac app supervises your iPhone via USB and our server sends restriction profiles to your iPhone over Apple's Push Notification service.

By installing Flipped you agree to this privacy policy and to having your iPhone managed (a standard iOS feature called Mobile Device Management) while Flipped is active. You can remove this management at any time — see the Device Management Disclosure section below.

What we collect

From your Flipped account

• Email address — to identify you, send a 6-digit sign-in code when you log in, and send account-related notices (security alerts, billing receipts if you're on a paid plan).
• Sign-in codes — when you sign in via Mac or web, we email you a 6-digit code that's valid for 10 minutes. We store these as SHA-256 hashes; they're consumed on first use and never reused.
• Session tokens — short-lived JWTs we issue after you sign in, so the Mac and web can talk to our backend without re-prompting for a code every time. Stored on your device; refresh tokens are stored on our server only as SHA-256 hashes.
• Active profile and "Always allow" bundle list — your selected block profile (which apps go away during a flip) and any per-app exceptions you've added. We store these against your account so they follow you across Mac reinstalls and so the web flip page (useflipped.com/flip) honours your customizations.
• Account timestamps — when you created your account, signed in, and triggered sessions.

From your iPhone (via MDM)

• Unique Device Identifier (UDID) — Apple's iPhone-unique ID, required by iOS for MDM enrollment.
• Device serial, model, iOS version — for compatibility.
• APNs push token + push magic — tokens Apple issues that let us send MDM commands. These can only be used to deliver MDM commands, not to read your personal data.
• App classifications you choose — which apps you've decided to block, allow, or toggle per session.
• Session history — which focus modes you've started, when, and when they ended.

What we do NOT collect

• Contents of anything on your iPhone (photos, messages, files, browsing history, location). MDM restricts apps and URLs — it cannot read their contents.
• Keystrokes, screen contents, microphone or camera data.
• Any data from apps on your iPhone.

How we use your data

• To provide the service — MDM data is used to push restriction profiles to your iPhone when you start a session and remove them when you end.
• Account management — email + password for login, password reset, device management.
• Analytics — we use Sentry to capture application errors so we can fix bugs. Sentry receives error stack traces and minimal request context (user ID, timestamps). We do NOT send Sentry your iPhone contents, APNs tokens, or any sensitive identifiers.
• Email — transactional emails only (password reset, security notices). No marketing unless you opt in.

Who we share with (subprocessors)

• Apple — Apple's Push Notification service relays MDM commands to your iPhone. Apple sees that a command is being sent but not its contents. (Flipped is not affiliated with or endorsed by Apple Inc.; we use standard iOS supervision APIs available to developers.)
• Railway (privacy policy) — hosting; runs our backend and database under their own commitments.
• Resend (privacy policy) — sends transactional emails (sign-in codes, security notices).
• Sentry (privacy policy) — error reports for engineering debugging. Receives stack traces and minimal context (user ID, timestamps).
• Stripe (privacy policy, when we monetize) — payment details per their privacy policy; we never see or store full card numbers.

We do not sell your data, share it with advertisers, or use it for marketing profiles.

Children's privacy

Flipped is not intended for children under 13. We do not knowingly collect personal information from anyone under 13. If you believe a child has signed up for Flipped, email privacy@useflipped.com and we'll delete the account and associated data.

Users aged 13–17 should have a parent or guardian review this policy before signing up.

International users

Flipped is operated from the United States. By using Flipped from outside the US, you consent to the transfer of your data to the US for processing. We honor data-rights requests (access, deletion, export) from all users regardless of jurisdiction — email privacy@useflipped.com.

Cookies and analytics on useflipped.com

Our website uses only essential storage (your sign-in code session, your selected active profile). We do not use third-party advertising cookies, behavioral tracking, or marketing analytics scripts on useflipped.com.

Device Management Disclosure

When you supervise your iPhone with Flipped, your iPhone enters a state called "Supervised" with Flipped as the organization. This allows Flipped to:

• Hide and un-hide apps from your home screen
• Filter URLs in Safari and other browsers
• Enable Apple's built-in adult-content filter during sessions

Flipped cannot:

• Read your messages, photos, emails, browsing history, or files
• Track your location
• Listen to your microphone or camera
• Install or remove apps beyond hiding them
• Modify system settings beyond the restrictions above

Removing Flipped's management

You can remove Flipped's management at any time:

1. Run the Mac app's "Remove Management" command, OR
2. On your iPhone, open Settings → General → VPN & Device Management, tap the Flipped profile, and tap "Remove Management."

Data retention

• Account data — kept as long as your account exists. Delete your account to remove it.
• MDM enrollment data — kept while your iPhone is enrolled. Automatically cleared when you remove management.
• Session history — kept for the lifetime of your account.
• Error logs / analytics — 30 days in Sentry.

Your rights

• Access — see your account data by logging in.
• Deletion — email privacy@useflipped.com. We complete deletions within 30 days.
• Export — on request, we'll provide your data in machine-readable form.
• Correction — update email and password from the app.

Security

• All traffic is HTTPS (TLS 1.2+).
• Passwords are bcrypt-hashed.
• Refresh tokens are stored only as SHA-256 hashes.
• Login is rate-limited; accounts lock after 10 failed attempts.

Contact

privacy@useflipped.com