Privacy Policy
Last Updated: March 12, 2026
1. Introduction
This Privacy Policy explains how Habitin ("we", "us") collects, uses, stores, and shares your information when you use our mobile application ("App"). By using the App, you consent to the practices described here.
Contact: hi@habitin.app
2. Information We Collect
2.1 Account Information
When you sign in with Google or Apple, we collect your email address for authentication. We also collect a username you provide during onboarding.
2.2 User Content
We collect and store data you create within the App, including habit details, completion records, notification preferences, onboarding responses (such as your goals and motivation), and display settings.
2.3 Device and Usage Data
We automatically collect device information (device type, OS version, app version, device identifier) and usage data (app interactions, session information) through Firebase Analytics. We also collect crash reports (stack traces, error logs, device and app state) through Firebase Crashlytics to diagnose and fix bugs.
2.4 Subscription Data
If you purchase a subscription, we collect transaction information (subscription status, purchase and renewal dates) through RevenueCat. Payment processing is handled entirely by Apple through the App Store. We do not collect or store your payment information.
2.5 Notifications
The App uses local notifications scheduled on your device to send habit reminders. We do not use remote push notification services or collect push notification tokens.
2.6 Tracking and Advertising
The App requests your permission via Apple's App Tracking Transparency (ATT) framework to allow Firebase to collect analytics and crash data more effectively. We do not use the Identifier for Advertisers (IDFA) or any cross-app tracking. We do not share your data with advertising networks or data brokers.
3. How We Use Your Information
We use the information we collect to:
- Provide, maintain, and sync the service across sessions
- Send habit reminders (only if you opt in)
- Process subscriptions and provide premium features
- Analyze usage patterns, fix bugs, and improve the App
- Comply with legal obligations and prevent abuse
- Communicate important updates about the App or policy changes
4. Data Storage and Security
4.1 Where We Store Your Data
Your data is stored locally on your device and synced to our cloud database hosted on Supabase, which uses encryption in transit (TLS) and at rest. The App works offline and syncs when a network connection is available.
When you delete data within the App, it is synced as deleted to the server. Upon account deletion, all data is permanently removed from our servers.
4.2 Third-Party Service Providers
We use the following third-party providers to operate the App:
- Supabase: Database, authentication, and data synchronization
- Firebase (Google): Analytics and crash reporting
- RevenueCat: Subscription management
- Google Sign-In: OAuth authentication
- Apple: Sign in with Apple and App Store payments
These providers access your information only to perform tasks on our behalf and are obligated to provide the same or equal protection of your data as described in this policy.
4.3 Security
We implement industry-standard security measures including encryption in transit and at rest, secure authentication via OAuth 2.0, and access controls. However, no method of electronic transmission or storage is 100% secure.
4.4 Data Sales
We do not sell, rent, or trade your personal information to third parties.
5. Data Sharing
We only share your information with:
- Service providers listed in Section 4.2, solely to operate the App
- Legal authorities when required by law, court order, or to protect our rights and safety
- Acquiring entities in connection with a merger, acquisition, or sale of assets
- You, with your explicit consent for specific purposes
6. Your Privacy Rights
6.1 GDPR (EU Users)
If you are in the European Union, you have the right to access, correct, delete, and port your personal information, to object to or restrict its processing, and to withdraw your consent.
6.2 CCPA (California Users)
If you are a California resident, you have the right to know what personal information we collect, request deletion, opt out of sale (we do not sell your data), and receive equal service regardless of exercising your rights.
6.3 How to Exercise Your Rights
Contact us at hi@habitin.app. We will respond within 30 days. You can also delete your account and all associated data at any time through the App settings.
7. Data Retention
We retain your information as long as your account is active. When you delete your account, your data is permanently removed from our servers within 30 days. Crash logs are retained by Firebase for 90 days. Some data may be retained longer if required by law.
8. Children's Privacy
The App is not intended for children under the age of 13. We do not knowingly collect personal information from children under 13. If you believe a child has provided us with personal information, please contact us at hi@habitin.app and we will delete it.
9. International Data Transfers
Your information may be transferred to and stored on servers outside your country of residence. We ensure appropriate safeguards are in place, including encryption in transit and at rest and the use of service providers that comply with applicable data protection regulations.
10. Changes to This Policy
We may update this Privacy Policy from time to time. We will update the "Last Updated" date and notify you of material changes via email or in-app notification. Your continued use of the App constitutes acceptance of the updated policy.
11. Contact Us
Email: hi@habitin.app