Aspera

Legal  —  Privacy

Privacy Notice

Last updated May 02, 2026

This Privacy Notice describes how David Sharpe (doing business as Aspera) accesses, collects, stores, uses, and shares your personal information when you use Aspera.

Aspera is an identity-based discipline app that helps you build lasting habits by proving daily progress against personal goals. You declare an identity, set 3–6 daily proof tasks, and track your consistency over time through streaks, reflections, and progress history. This notice applies whenever you download or use the app, or engage with us in any related way.

Questions or concerns? Reading this notice will help you understand your privacy rights and choices. If you do not agree with our policies and practices, please do not use Aspera. If you have questions, contact us at davidbsharpe@icloud.com.

Summary of key points

The points below summarise the notice. The full sections that follow are authoritative — read them for the detail.

What personal information do we process? Information you give us directly (your name, email address, password, username) and a small amount of technical data collected automatically when you use the app.

Do we process sensitive personal information? No.

Do we collect information from third parties? No.

How do we process your information? To provide, improve, and administer Aspera; to communicate with you; to keep the service secure; and to comply with law.

With whom do we share information? Only with the limited service providers that help us run Aspera (listed below).

What are your rights? Depending on where you live, you can request access, correction, deletion, portability, or withdraw consent at any time.

What information do we collect?

Personal information you disclose to us

In short — we collect personal information that you provide to us.

We collect personal information that you voluntarily provide when you register on Aspera, express an interest in our products and services, participate in activities in the app, or otherwise contact us. The information we collect depends on how you interact with us, the choices you make, and the features you use. It may include:

Sensitive Information. We do not process sensitive information.

Application data. If you use Aspera and grant permission, we may also receive push-notification tokens so we can deliver reminders and account-related notifications. You can turn these off at any time in your device settings.

All personal information you provide must be true, complete, and accurate, and you must notify us of any changes.

Information automatically collected

In short — some information, such as IP address and device characteristics, is collected automatically.

We automatically collect certain information when you use Aspera. This data does not directly reveal your identity but may include device and usage information such as IP address, device model, operating system, language preferences, country, and information about how and when you use the Services. This is used primarily to keep the app secure, diagnose issues, and improve the experience.

How do we process your information?

In short — we process your information to provide, improve, and administer Aspera, communicate with you, keep the service secure, and comply with law.

What legal bases do we rely on?

In short — we only process your personal information when we have a valid legal reason to do so.

If you are in the EU or UK

The GDPR and UK GDPR require us to explain the legal bases we rely on. We may rely on the following:

If you are in Canada

We may process your information where you have given us express or implied consent. In limited cases, applicable law permits processing without consent — for example, for fraud detection, witness statements, journalism, or where disclosure is required by subpoena.

When and with whom do we share your personal information?

In short — we may share information in specific situations and with specific third parties.

We share your data only with third-party vendors and service providers who require access to perform services on our behalf. We have contracts in place that are designed to safeguard your personal information; these third parties may not use it for any purpose other than the one we instruct, and they commit to protect the data and retain it only for the period we specify.

The third parties we currently rely on are:

We may also share your information in connection with a business transfer — for example, during negotiations of a merger, sale of company assets, financing, or acquisition of all or part of our business.

Is your information transferred internationally?

In short — we may transfer, store, and process your information in countries other than your own.

Our servers are located in the United States. Regardless of where you are, please be aware that your information may be transferred to, stored by, and processed in the United States and other countries where our service providers operate. If you are in the EEA, UK, or Switzerland, those countries may not have data-protection laws as comprehensive as your own. We will take all necessary measures to protect your personal information in accordance with this notice and applicable law.

We have implemented the European Commission's Standard Contractual Clauses for transfers of personal information between us and third-party providers where applicable. These clauses can be provided upon request.

How long do we keep your information?

In short — we keep your information for as long as necessary to fulfil the purposes outlined in this notice unless otherwise required by law.

We will only keep your personal information for as long as it is necessary for the purposes set out in this notice, unless a longer retention period is required or permitted by law (such as tax, accounting, or other legal requirements). No purpose in this notice will require us to keep your personal information for longer than the period of time in which you have an account with us.

When we have no ongoing legitimate business need to process your personal information, we will either delete or anonymise it, or — if that's not possible (for example, because it sits in backup archives) — we will securely store it and isolate it from any further processing until deletion is possible.

How do we keep your information safe?

In short — we aim to protect your personal information through a system of organisational and technical security measures.

We have implemented appropriate and reasonable technical and organisational security measures designed to protect the personal information we process. However, despite our safeguards, no electronic transmission over the internet or information-storage technology can be guaranteed to be 100% secure. We cannot promise that hackers, cybercriminals, or other unauthorised third parties will never defeat our security and improperly collect, access, steal, or modify your information. Transmission of personal information to and from Aspera is at your own risk.

What are your privacy rights?

In short — depending on your state of residence in the US or your region (EEA, UK, Switzerland, Canada), you have rights that allow you greater access to and control over your personal information.

In some regions you have the right to: (i) request access to and obtain a copy of your personal information; (ii) request correction or erasure; (iii) restrict processing; (iv) data portability where applicable; and (v) not to be subject to automated decision-making. In certain circumstances you may also object to processing. To make a request, contact us using the details in section 12.

If you are in the EEA or UK and believe we are unlawfully processing your personal information, you also have the right to complain to your Member State data protection authority or the UK Information Commissioner's Office. If you are in Switzerland, you may contact the Federal Data Protection and Information Commissioner.

Withdrawing your consent

If we are relying on your consent to process your personal information, you may withdraw it at any time by contacting us using the details in section 12. Withdrawal will not affect the lawfulness of processing before your withdrawal, nor processing conducted on lawful grounds other than consent.

Account information

You can review, change, or delete the information in your account at any time by logging into Aspera and visiting your account settings. Upon request to terminate your account, we will deactivate or delete your account and information from our active databases. We may retain limited information to prevent fraud, troubleshoot problems, assist investigations, enforce our terms, or comply with applicable legal requirements.

If you have questions about your privacy rights, email us at davidbsharpe@icloud.com.

Controls for Do-Not-Track features

Most web browsers and some mobile operating systems include a Do-Not-Track ("DNT") feature you can activate to signal a preference not to have data about your online browsing monitored. No uniform technology standard for recognising and implementing DNT signals has been finalised. As such, we do not currently respond to DNT browser signals or any other mechanism that automatically communicates a tracking-opt-out choice. If a standard is adopted, we will revise this notice accordingly.

Do United States residents have specific privacy rights?

In short — if you are a resident of California, Colorado, Connecticut, Delaware, Florida, Indiana, Iowa, Kentucky, Maryland, Minnesota, Montana, Nebraska, New Hampshire, New Jersey, Oregon, Rhode Island, Tennessee, Texas, Utah, or Virginia, you may have specific rights regarding your personal information.

Categories of personal information we collect

CategoryExamplesCollected
A. IdentifiersReal name, alias, postal address, telephone or mobile contact number, unique personal identifier, online identifier, IP address, email address, account nameYes
B. Personal information as defined in the California Customer Records statuteName, contact information, education, employment, employment history, financial informationYes
C. Protected classification characteristics under state or federal lawGender, age, date of birth, race and ethnicity, national origin, marital status, demographic dataNo
D. Commercial informationTransaction information, purchase history, financial details, payment informationNo
E. Biometric informationFingerprints and voiceprintsNo
F. Internet or other similar network activityBrowsing history, search history, online behaviour, interactions with our services and advertisementsYes
G. Geolocation dataDevice locationNo
H. Audio, electronic, sensory, or similar informationImages and audio, video, or call recordings created in connection with our business activitiesNo
I. Professional or employment-related informationBusiness contact details, work history, professional qualificationsNo
J. Education informationStudent records and directory informationNo
K. Inferences drawn from collected personal informationInferences drawn from any of the above to create a profile about preferences and characteristicsNo
L. Sensitive personal informationNo

We will use and retain the collected personal information as needed to provide the Services or for as long as you maintain an account with us.

Sources of personal information

Learn more about the sources of personal information in section 1, "What information do we collect?"

How we use and share personal information

Learn more about how we use your personal information in section 2, "How do we process your information?"

Will your information be shared with anyone else?

We may disclose your personal information to our service providers pursuant to a written contract. We do not sell or share personal information for targeted advertising. We have not sold or shared any personal information to third parties for a business or commercial purpose in the preceding twelve (12) months. We have disclosed identifiers and internet/network-activity information to service providers in the preceding twelve (12) months for the categories of business purposes listed in section 4.

Your rights

How to exercise your rights

To exercise these rights, contact us using the details in section 12. Under certain US state data-protection laws, you can designate an authorised agent to make a request on your behalf; we may deny a request from an agent that does not provide proof of valid authorisation.

Request verification

Upon receiving your request, we will need to verify your identity. We will only use the personal information provided in your request to verify identity or authority. If we cannot verify you from existing information, we may request additional information for verification, security, or fraud-prevention purposes.

Appeals

If we decline to take action on your request, you may appeal by emailing davidbsharpe@icloud.com. We will inform you in writing of any action taken or not taken in response to the appeal, including a written explanation of the reasons. If your appeal is denied, you may submit a complaint to your state attorney general.

California "Shine the Light" law

California Civil Code §1798.83, also known as the "Shine the Light" law, permits California residents to request once a year, free of charge, information about the categories of personal information (if any) we disclosed to third parties for direct-marketing purposes, and the names and addresses of those third parties in the immediately preceding calendar year. To make such a request, please write to us at the address in section 12.

Do we make updates to this notice?

In short — yes, we will update this notice as necessary to stay compliant with relevant laws.

The updated version will be indicated by an updated "Revised" date at the top of this notice. If we make material changes, we may notify you by prominently posting a notice or by sending you a direct notification. We encourage you to review this notice frequently.

How can you contact us about this notice?

If you have questions or comments about this notice, you can contact us by email at davidbsharpe@icloud.com or by post at:

David Sharpe
87 White St
New York, NY 10013
United States

How can you review, update, or delete the data we collect from you?

Based on the applicable laws of your country or state of residence in the US, you may have the right to request access to the personal information we hold, details about how we have processed it, correction of inaccuracies, or deletion of your personal information. You may also have the right to withdraw consent. To make a request, email us at davidbsharpe@icloud.com.