Gal Sync Logo Gal Sync
Coming Soon

Privacy & Cookie Policy

Last updated: March 8, 2026

1. Introduction

At Gal Sync, your privacy isn't an afterthought—it's the core architecture of the app. This Privacy Policy outlines how we handle data when you use the Gal Sync iOS application ("the App"). The fundamental promise is simple: your directory data stays on your device as much as possible, and we never touch your unrelated personal contacts.

2. What Data We Access & Why

Microsoft 365 Data (Microsoft Graph)

To synchronize your company directory, Gal Sync requires you to sign in using Microsoft authentication. The app requests read-only access to your organization's directory via Microsoft Graph.

  • What is accessed: Employee names, job titles, departments, phone numbers, email addresses, and optional profile photos.
  • Where it goes: Directly from Microsoft's servers to your local iPhone database. We do not intermediate this traffic with our own proprietary back-end servers.

Local iPhone Contacts Permissions

Gal Sync asks for permissions to your local Contacts database. This is required to write the synced Microsoft directory data into your phone so that caller ID works natively.

  • Strict Boundaries: Gal Sync creates an isolated group or container for the contacts it manages.
  • No Personal Intermediary: The App will only add, edit, or delete the contacts that it explicitly generated. It will never read, modify, or export an unrelated personal contact you created elsewhere.

3. Third-Party Services

While the core directory synchronization flows directly from Microsoft to your device, we use standard third-party SDKs to operate the app securely and sustainably.

  • Aptabase (Analytics): Used to collect anonymous, aggregated crash reports and usage metrics so we can improve the app's performance. It does not track personal identifiers.
  • Google Mobile Ads (AdMob): Free tier users receive basic advertisements. We utilize Google's User Messaging Platform (UMP) to handle consent correctly under GDPR and CCPA.
  • Apple StoreKit: Used securely for managing Premium subscriptions and upgrades. We do not store your payment information.

Website Cookies & Tracking

To respect your privacy globally, including under the EU GDPR and ePrivacy Directive, the Gal Sync website does not use analytics, advertising, or tracking cookies. We do not run Google Analytics, Meta Pixel, ad tags, or cross-site tracking scripts on this website.

The public website therefore does not rely on a cookie-consent banner to set optional trackers. If we ever introduce optional analytics or marketing technologies here, we will request consent before storing them in your browser.

4. Data Retention and Deletion

Because Gal Sync operates mostly on-device, you remain in complete control.

  • If you sign out of the App or choose "Wipe Synced Contacts," the directory data managed by Gal Sync physically deletes from your local iPhone Contacts database.
  • Deleting the App entirely will also prevent further syncing and eventually lead to contact removal, though manual wiping ensures immediate cleanup.

5. Changes to This Policy

We may update this policy periodically to reflect changes in how our App operates or to stay compliant with legal regulations.

6. Contact Details

If you have questions about how Gal Sync handles your data, or if you wish to exercise your data rights, please contact us at: [email protected]