Habit Flow

Privacy Policy

Version 2026-04-23 • Effective April 23, 2026

This policy explains what data Habitflow collects, how we use it, and your choices. It applies to Habitflow web and app experiences.

1. Data we collect

We process account data (such as email, UID, display name, sign-in provider), profile metadata (plan flags, timestamps), and habit content you create (habit names, completion history, labels, colors, streak values).

We also process technical data needed to operate the app, such as device/browser details, crash diagnostics, and request metadata. Cookies and local storage are used for authentication/session behavior and app functionality.

2. End-to-end encryption data handling

If you enable E2EE, habit payloads are encrypted client-side before being persisted. Habitflow stores encryption metadata required for decryption flow (such as wrapped keys and encrypted payload blobs), but does not store your passphrase.

If your passphrase is lost, encrypted content cannot be recovered.

3. Why we process data

We process data to provide and secure the service, sync your account data, support account management, diagnose bugs, and improve product performance and reliability.

Where applicable, processing is based on contract necessity, legitimate interests, consent, and legal obligations.

4. Third-party processors

Habitflow relies on service providers to operate the app, including:

  • Google Firebase (authentication and database infrastructure)
  • Google Analytics for Firebase and Vercel Analytics (usage analytics)
  • Paddle (billing and merchant-of-record services, once paid checkout is enabled)

5. Retention and deletion

We retain personal data as long as needed to provide the service and meet legal/security obligations. You can request account deletion from account settings to remove your authentication account. You can also delete habits and labels directly in-app. If you need full data erasure assistance, contact support.

6. International transfers

Your data may be processed in jurisdictions where our infrastructure providers operate. When required by law, we apply appropriate transfer safeguards.

7. Your rights

Depending on your location, you may have rights to access, correction, deletion, portability, and objection/restriction for certain processing. To request these, contact us at hello@habitflowapp.com.

8. Policy updates

We may update this policy as the product evolves. Material updates may be announced in-app or by other appropriate notice.

9. Contact

Privacy requests and questions: hello@habitflowapp.com