Privacy Policy

How we collect, use, and protect your information

Effective Date: December 1, 2025

Last Updated: December 1, 2025

Ventryn LLC ("we," "our," or "us") operates the Habit Tracker mobile application (the "App"). This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our App. We are committed to protecting your privacy and complying with applicable data protection laws worldwide.

1. Information We Collect

1.1 Information You Provide

  • Account Information: When you create an account, we collect your email address and password (securely encrypted). You may optionally provide a display name and phone number.
  • Habit Data: The habits you create, including titles, goals, completion records, and any notes you add.
  • Routine Groups: If you organize habits into routines, we store those groupings.
  • Subscription Information: If you subscribe to premium features, we receive confirmation of your subscription status (processed by RevenueCat and your app store).

1.2 Information Collected Automatically

  • Device Information: Device type, operating system version, and unique device identifiers for app functionality.
  • Usage Analytics: How you interact with the App, features used, and session information via Firebase Analytics.
  • Crash Reports: Error logs and crash data via Firebase Crashlytics to improve app stability.
  • Push Notification Tokens: Firebase Cloud Messaging (FCM) tokens to deliver habit reminders and notifications.
  • Onboarding Progress: Your progress through the initial app setup to provide a better experience.

1.3 Information from Third Parties

If you sign in using Google or Apple, we receive your name and email address from those services as permitted by your privacy settings with them.

1.4 AI Features Data

  • AI-Generated Insights: We may generate personalized habit insights based on your usage patterns. These insights are stored in your account.
  • AI Coaching Conversations: If you use AI coaching features, your conversation history is stored to provide continuity.
  • Habit Suggestions: Data used to generate personalized habit recommendations.

2. How We Use Your Information

We use the information we collect to:

  • Provide, maintain, and improve the App
  • Create and manage your account
  • Sync your habit data across devices
  • Send you notifications you've enabled (habit reminders, achievements)
  • Generate AI-powered habit insights and coaching
  • Send transactional emails (password reset, account verification)
  • Analyze usage patterns to improve features and fix bugs
  • Process subscriptions and manage premium features
  • Detect and prevent fraud or abuse
  • Comply with legal obligations

3. Data Storage and Security

Your data is stored securely using industry-standard measures:

  • Infrastructure: Firebase (Google Cloud Platform) with data centers in the United States
  • Subscription Processing: RevenueCat for secure payment and subscription management
  • Encryption in Transit: All data transmitted via TLS/SSL encryption
  • Encryption at Rest: Data encrypted on our servers
  • Authentication: Secure authentication via Firebase Authentication
  • API Protection: Firebase App Check to prevent unauthorized access
  • Access Controls: Limited to authorized personnel with legitimate business need

4. Data Sharing and Disclosure

We do not sell your personal information. We may share information only in these circumstances:

  • Service Providers: With trusted third parties who assist in operating our App:
    • Firebase/Google Cloud Platform (infrastructure and analytics)
    • RevenueCat (subscription and payment processing)
    These providers are bound by confidentiality agreements and may only use your data to provide services to us.
  • Legal Requirements: If required by law, court order, or governmental authority.
  • Business Transfers: In connection with a merger, acquisition, or sale of assets, with notice to you.
  • With Your Consent: For any other purpose with your explicit consent.

5. Your Rights and Choices

You have the following rights regarding your personal data:

  • Access: Request a copy of your personal data
  • Correction: Update or correct inaccurate data
  • Deletion: Request deletion of your account and associated data
  • Data Export: Export your data in PDF format through the App
  • Opt-out of Analytics: Disable optional analytics in App settings
  • Manage Notifications: Control push notifications and reminders per habit

To exercise these rights, use the in-app settings or contact us at support@ventryn.com.

6. Analytics and Tracking

  • Firebase Analytics: We collect anonymized usage data to improve the App. You can disable optional analytics in Settings while essential analytics remain active for app stability.
  • Firebase Crashlytics: Automatically collects crash reports to help us fix bugs and improve reliability.
  • No Advertising Trackers: We do not use third-party advertising networks or tracking pixels.

7. Data Retention

  • Active Account: Your data is retained for as long as your account is active.
  • Account Deletion: Upon deletion request:
    • Personal data is deleted within 30 days
    • Backup copies are purged within 90 days
    • Anonymized analytics data may be retained for service improvement
  • Crash Logs: Retained for 90 days per Firebase defaults.

8. Children's Privacy

The App is not intended for children under 13 years of age. We do not knowingly collect personal information from children under 13. If you believe we have collected information from a child under 13, please contact us immediately at support@ventryn.com and we will delete it promptly.

9. International Data Transfers

Your information may be transferred to and processed in the United States where our servers are located. By using the App, you consent to this transfer. We implement appropriate safeguards for international transfers, including Standard Contractual Clauses where required.

10. California Privacy Rights (CCPA/CPRA)

If you are a California resident, you have the following rights under the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA):

  • Right to Know: Request what personal information we collect, use, disclose, and sell
  • Right to Delete: Request deletion of your personal information
  • Right to Correct: Request correction of inaccurate personal information
  • Right to Opt-Out: We do not sell personal information, so this right does not apply
  • Right to Limit: Limit use of sensitive personal information (we do not collect sensitive personal information as defined by CPRA)
  • Non-Discrimination: We will not discriminate against you for exercising these rights

To exercise these rights, contact us at support@ventryn.com.

11. European Privacy Rights (GDPR)

If you are located in the European Economic Area (EEA), United Kingdom, or Switzerland, you have rights under the General Data Protection Regulation (GDPR):

  • Legal Basis: We process your data based on:
    • Contract: To provide the App services you requested
    • Consent: For optional analytics and marketing
    • Legitimate Interest: For security, fraud prevention, and service improvement
  • Data Controller: Ventryn LLC, Delaware, USA
  • Your Rights:
    • Right to access your personal data
    • Right to rectify inaccurate data
    • Right to erasure ("right to be forgotten")
    • Right to restrict processing
    • Right to data portability
    • Right to object to processing
    • Right to withdraw consent at any time
  • Supervisory Authority: You have the right to lodge a complaint with your local data protection authority
  • International Transfers: We use Standard Contractual Clauses for transfers outside the EEA

Contact our Data Protection contact at support@ventryn.com.

12. UK Privacy Rights (UK GDPR)

If you are located in the United Kingdom, you have the same rights as under EU GDPR. The Information Commissioner's Office (ICO) is your supervisory authority. Post-Brexit data transfers are conducted using appropriate mechanisms such as Standard Contractual Clauses.

13. Brazil Privacy Rights (LGPD)

If you are located in Brazil, you have rights under the Lei Geral de Protecao de Dados (LGPD):

  • Right to confirmation of data processing
  • Right to access your data
  • Right to correct incomplete, inaccurate, or outdated data
  • Right to anonymization, blocking, or deletion of unnecessary data
  • Right to data portability
  • Right to deletion of data processed with your consent
  • Right to information about third parties with whom we share data
  • Right to revoke consent

14. Australia Privacy Rights

If you are located in Australia, you have rights under the Privacy Act 1988:

  • Right to access your personal information
  • Right to request correction of your personal information
  • Right to complain about privacy breaches to the Office of the Australian Information Commissioner (OAIC)

We will notify you of cross-border disclosures of your personal information.

15. Canada Privacy Rights (PIPEDA)

If you are located in Canada, you have rights under the Personal Information Protection and Electronic Documents Act (PIPEDA):

  • Right to access your personal information
  • Right to challenge the accuracy of your information
  • Right to withdraw consent (subject to legal or contractual restrictions)
  • Right to complain to the Office of the Privacy Commissioner of Canada

We obtain meaningful consent before collecting, using, or disclosing your personal information.

16. Changes to This Policy

We may update this Privacy Policy periodically. We will notify you of significant changes via the App or email. The "Last Updated" date at the top indicates when the policy was last revised. Continued use of the App after changes constitutes acceptance of the updated policy.

17. Contact Us

If you have questions about this Privacy Policy, our data practices, or wish to exercise your rights:

Ventryn LLC
Email: support@ventryn.com

We will respond to your request within 30 days (or sooner if required by applicable law).