Privacy Policy

Last Updated: October 27, 2025

At GrowHabit, we take your privacy seriously. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our mobile application.

1. Information We Collect

1.1 Information You Provide

• Account Information: When you sign in with Apple, we receive your Apple ID, name (if you choose to share it), and email address (real or private relay).
• Habit Data: Information about habits you create, including titles, descriptions, schedules, durations, categories, and completion records.
• User Settings: Your preferences for notifications, appearance, HealthKit integration, and other app settings.
• AI Prompts: When you use AI features, we process your habit context to generate personalized suggestions and motivational scripts.

1.2 Automatically Collected Information

• Usage Analytics: We use Firebase Analytics to understand how users interact with our app (e.g., which features are most popular, session duration). This data is aggregated and anonymized.
• Crash Reports: Firebase Crashlytics collects crash logs and device information to help us fix bugs and improve stability.
• Device Information: Device type, operating system version, unique device identifiers, and mobile network information.

1.3 Health Data (Optional)

If you enable HealthKit integration (Premium feature), we write workout data to your Apple Health app. We never read or access your existing Health data. All health data is stored locally on your device and controlled by iOS.

2. How We Use Your Information

We use your information to:

• Provide Core Services: Track your habits, calculate streaks, show statistics, and sync data across your devices.
• AI Features: Generate personalized habit suggestions and motivational scripts using Google Gemini AI. Your prompts are processed securely and not used to train AI models.
• Subscription Management: Process payments through RevenueCat and manage your Premium subscription status.
• Notifications: Send you reminders, streak milestones, and important account updates via Firebase Cloud Messaging.
• Improve Our Services: Analyze usage patterns to fix bugs, improve features, and enhance user experience.
• Customer Support: Respond to your inquiries and provide technical assistance.

3. Data Storage and Security

3.1 Where We Store Data

• Firebase Firestore: Your account information, habits, and settings are stored in Google Cloud Firestore with servers located in the United States.
• Local Device Storage: Habit data is also stored locally using SwiftData for offline access.
• iCloud (Optional): App Groups data for widgets is stored in your personal iCloud account.

3.2 Security Measures

• Encryption in Transit: All data transmission uses HTTPS/TLS encryption.
• Encryption at Rest: Firebase Firestore encrypts all data at rest by default.
• Authentication: We use Firebase Authentication with Sign in with Apple, which uses industry-standard OAuth 2.0.
• Access Controls: Firestore security rules ensure users can only access their own data.
• Regular Audits: We regularly review our security practices and update dependencies to address vulnerabilities.

4. Third-Party Services

We use the following trusted third-party services:

4.1 Firebase (Google)

• Purpose: Authentication, database, cloud functions, analytics, crash reporting, push notifications.
• Privacy Policy: firebase.google.com/support/privacy

4.2 RevenueCat

• Purpose: Subscription management and payment processing.
• Data Shared: User ID, subscription status, purchase events.
• Privacy Policy: revenuecat.com/privacy

4.3 Google Gemini AI

• Purpose: Generate AI-powered habit suggestions and motivational scripts.
• Data Shared: Your habit context (titles, categories, schedules) to provide personalized suggestions.
• Privacy Policy: policies.google.com/privacy

4.4 Google AdMob (Free Users Only)

• Purpose: Display ads for free users.
• Data Shared: Device identifiers, IP address, ad interaction data.
• Privacy Policy: support.google.com/admob/answer/6128543
• Opt-Out: Upgrade to Premium to remove all ads.

4.5 Runware (Image Generation)

• Purpose: Generate images for weekly discovery articles.
• Data Shared: Only AI-generated text prompts (no personal data).
• Privacy Policy: runware.ai/privacy

5. Data Sharing and Disclosure

We DO NOT sell, rent, or trade your personal information to third parties for marketing purposes.

We may share your information only in the following circumstances:

• With Your Consent: When you explicitly authorize us to share specific information.
• Service Providers: With third-party services listed above, only to the extent necessary to provide our services.
• Legal Requirements: If required by law, court order, or government request.
• Business Transfers: If GrowHabit is acquired or merged, your data may be transferred (you will be notified).
• Protection of Rights: To protect our rights, property, or safety, or that of our users or the public.

6. Your Rights and Choices

6.1 Access and Export Your Data

You can export all your data (habits, entries, suggestions, settings) as a JSON file from Settings → Data & Privacy → Export Data.

6.2 Delete Your Data

You can permanently delete your account and all associated data from Settings → Data & Privacy → Delete Account. This action is irreversible.

6.3 Manage Permissions

• Notifications: iOS Settings → GrowHabit → Notifications
• HealthKit: iOS Settings → Privacy & Security → Health → GrowHabit
• Tracking: iOS Settings → Privacy & Security → Tracking

6.4 Opt-Out of Ads

Upgrade to Premium to remove all advertisements. Free users can limit ad tracking via iOS Settings → Privacy & Security → Tracking → Allow Apps to Request to Track (disable).

7. Children's Privacy

GrowHabit is not intended for children under 13 years of age. We do not knowingly collect personal information from children under 13. If you believe we have inadvertently collected such information, please contact us immediately.

8. International Data Transfers

Your data may be transferred to and stored on servers located outside your country of residence, including the United States. By using GrowHabit, you consent to such transfers. We ensure appropriate safeguards are in place to protect your data in accordance with this Privacy Policy.

9. Data Retention

• Active Accounts: We retain your data as long as your account is active.
• Deleted Accounts: Upon account deletion, we permanently delete all personal data within 30 days, except where required by law.
• Aggregated Data: Anonymized, aggregated analytics data may be retained indefinitely.

10. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of material changes via:

• In-app notification
• Email (if you provided one)
• Updating the "Last Updated" date at the top of this page

Your continued use of GrowHabit after changes take effect constitutes acceptance of the updated policy.

11. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or your data, please contact us:

12. GDPR Compliance (EU Users)

If you are located in the European Economic Area (EEA), you have additional rights under the General Data Protection Regulation (GDPR):

• Right to Access: Request a copy of your personal data.
• Right to Rectification: Correct inaccurate or incomplete data.
• Right to Erasure: Request deletion of your data ("right to be forgotten").
• Right to Restriction: Request limitation of processing your data.
• Right to Data Portability: Receive your data in a machine-readable format.
• Right to Object: Object to processing based on legitimate interests.
• Right to Withdraw Consent: Withdraw consent at any time (does not affect prior processing).

To exercise these rights, contact us at [email protected].

13. California Privacy Rights (CCPA)

California residents have the right to:

• Know what personal information is collected, used, shared, or sold
• Delete personal information held by businesses
• Opt-out of the sale of personal information (we do not sell personal information)
• Non-discrimination for exercising CCPA rights

To make a request, email [email protected] with "California Privacy Rights" in the subject line.

---

Thank you for trusting GrowHabit with your personal growth journey. We are committed to protecting your privacy and data.