Habits Warrior LogoHabits Warrior
Start Your Journey

Privacy Policy

Effective Date: May 12, 2025

1. Introduction

Welcome to Habits Warrior ("we," "us," or "our"). We are committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our web application/Progressive Web App (PWA) "Habits Warrior" (the "Service").

Please read this Privacy Policy carefully. By using the Service, you agree to the collection and use of information in accordance with this policy. If you do not agree with the terms of this Privacy Policy, please do not access or use the Service.

For the purpose of this policy, "Habits Warrior" is the data controller for the personal data processed through the Service.

2. Information We Collect

We may collect information about you in a variety of ways. The information we may collect via the Service includes:

2.1 Personal Data You Provide to Us

  • Account Information: When you register for an account, we may ask you to provide us with certain personally identifiable information that can be used to contact or identify you. Personally identifiable information may include, but is not limited to:
  • Habit Information: To use the core functionality of Habits Warrior, you will provide information related to the habits you want to track. This includes:
    • Habit name
    • Reason for the habit
    • Stats related to the habit (you can choose from 6 default stats, and completing weekly goals increases these stats)
    • Weekly and daily goals
    • Type of habit (e.g., times, pages, minutes)
    • Difficulty level
    • Start date
  • Subscription Information: If you subscribe to a paid plan (e.g., monthly, yearly, lifetime after your 7-day trial), our payment processor, Lemon Squeezy, will collect payment information necessary to process the transaction. We receive confirmation of your subscription status but do not directly store your full payment card details.
  • Communications: If you contact us directly (e.g., via email for support), we may receive additional information about you such as your name, email address, the contents of the message and/or attachments you may send us, and any other information you may choose to provide.

2.2 Data Collected Automatically

  • Usage Data: We may automatically collect certain information when you access and use the Service. This information may include your Internet Protocol (IP) address, browser type, browser version, operating system, the pages of our Service that you visit, the time and date of your visit, the time spent on those pages, device identifiers, and other diagnostic data. This data is partly collected through Google Analytics.
  • Push Notification Tokens: If you opt-in to receive push notifications, we will collect a push notification token to send you reminders about your habits and other relevant service notifications.

2.3 Information from Third-Party Services:

We use third-party services for various functionalities, and these services may collect information as governed by their own privacy policies:

  • Supabase: For backend services including authentication, database storage, and functions.
  • Google Analytics: For understanding service usage.
  • Lemon Squeezy: For processing subscriptions and payments.
  • Vercel: For hosting our web application and providing serverless functions.
  • Resend: For sending transactional emails (e.g., email confirmation, password resets).

3. How We Use Your Information

We use the information we collect in various ways, including to:

  • Provide, operate, and maintain our Service;
  • Create and manage your account;
  • Process your subscriptions and transactions through Lemon Squeezy;
  • Track your habit progress, including habit chains, progress bars, and stat increases;
  • Personalize your experience within the Service;
  • Send you service-related communications, including account verification, password resets, transactional emails via Resend, and push notifications for habit reminders and important service announcements (via the in-app announcement banner or push notifications);
  • Respond to your comments, questions, and provide customer support;
  • Improve, and expand our Service by analyzing how users interact with it (e.g., using Google Analytics);
  • Develop new features, products, services, and functionality (such as custom stats creation and social sharing in the future. Use of such features may involve additional data processing which will be made clear at the time of introduction);
  • Monitor and analyze trends, usage, and activities in connection with our Service;
  • Detect, prevent, and address technical issues and fraudulent or illegal activity;
  • Comply with legal obligations.

We currently do not use your personal information for marketing emails. If this changes, we will seek your explicit consent where required by law.

4. Legal Basis for Processing Your Information (for EEA/UK Users)

If you are from the European Economic Area (EEA) or the United Kingdom (UK), our legal basis for collecting and using the personal information described in this Privacy Policy depends on the Personal Data we collect and the specific context in which we collect it:

  • Contractual Necessity: We process your information to provide the Service to you as per our Terms of Service (e.g., account creation, habit tracking, subscription management).
  • Consent: We may rely on your consent for certain processing activities (e.g., sending push notifications, or for future marketing communications). You can withdraw your consent at any time.
  • Legitimate Interests: We may process your information for our legitimate interests, such as to improve our Service, for analytics, and for security purposes, provided that such processing shall not outweigh your rights and freedoms.
  • Legal Obligation: We may process your information to comply with legal obligations.

5. Sharing Your Information

We do not sell your personal information. We may share your information in the following situations:

  • With Service Providers: We share information with third-party vendors and service providers that perform services for us or on our behalf. These include:
    • Supabase: (USA/Globally Distributed) For database hosting, authentication, and backend functions.
    • Vercel: (USA/Globally Distributed) For hosting our web application.
    • Google Analytics: (USA/Globally Distributed) For analytics and usage tracking.
    • Resend: (USA/Globally Distributed) For sending transactional emails.
    • Lemon Squeezy: (USA/Globally Distributed) For processing payments and subscriptions.
  • For Legal Reasons: We may disclose your information if required to do so by law or in response to valid requests by public authorities (e.g., a court or a government agency), to protect and defend our rights or property, to prevent or investigate possible wrongdoing in connection with the Service, or to protect the personal safety of users or the public.
  • Business Transfers: If Habits Warrior is involved in a merger, acquisition, or asset sale, your Personal Data may be transferred. We will provide notice before your Personal Data is transferred and becomes subject to a different Privacy Policy.
  • With Your Consent: We may disclose your personal information for any other purpose with your consent (e.g., if we implement social sharing features in the future, you will be asked for consent before sharing any data).

6. Data Retention

  • Account and Habit Data: We retain your account information and habit data as long as your account is active. If you choose to delete your account, we will delete this data within a reasonable timeframe (e.g., 30-90 days) to allow for accidental deletion recovery, after which it will be permanently removed, subject to any legal retention requirements.
  • Inactive Accounts: We may delete data associated with accounts that have been inactive (e.g., no logins) for an extended period (e.g., 1-2 years), after providing notice if feasible.
  • Subscription and Transaction Data: Information related to your subscriptions processed via Lemon Squeezy may be retained for longer periods as required by financial and tax laws (often 5-10 years). Lemon Squeezy maintains its own retention policies for the payment details they process.
  • Usage Data (Analytics): Data collected by Google Analytics is subject to Google's data retention policies, which you can configure within your Google Analytics settings.
  • Backup Data: Backups of our database (managed by Supabase) are kept for a limited period for disaster recovery purposes and are not used for regular operational purposes.

7. Data Security

We take reasonable administrative, technical, and physical security measures to help protect your personal information. This includes using Supabase's Row Level Security (RLS) policies for table access control and relying on the security measures provided by our third-party service providers (Supabase, Vercel).

However, please be aware that no security measures are perfect or impenetrable, and no method of data transmission can be guaranteed against any interception or other type of misuse. Any information disclosed online is vulnerable to interception and misuse by unauthorized parties. Therefore, we cannot guarantee complete security if you provide personal information.

8. Your Data Protection Rights

You may have the following rights based on your location:

  • The right to access, update, or delete your information
  • The right to rectification (to correct inaccurate data)
  • The right to object to our processing of your personal data
  • The right to restriction (to request we restrict processing of your data)
  • The right to data portability (to receive a copy of your data)
  • The right to withdraw consent

9. Google Analytics

We use Google Analytics to monitor and analyze the use of our Service. Google Analytics collects information such as how often users visit the Service, what pages they visit when they do so, and what other sites they used prior to coming to the Service. We use the information we get from Google Analytics only to improve our Service. Google Analytics collects only the IP address assigned to you on the date you visit the Service, rather than your name or other identifying information. We do not combine the information collected through the use of Google Analytics with personally identifiable information. Google's ability to use and share information collected by Google Analytics about your visits to this Service is restricted by the Google Analytics Terms of Use and the Google Privacy Policy. You can prevent Google Analytics from recognizing you on return visits to this site by disabling cookies on your browser or by installing the Google Analytics Opt-out Browser Add-on.

10. Children's Privacy

Our Service is not intended for use by children under the age of 16 (or a higher age threshold if mandated by applicable local law, e.g., 18 in some contexts without parental consent). We do not knowingly collect personally identifiable information from children under this age. If you are a parent or guardian and you are aware that your child has provided us with Personal Data, please contact us. If we become aware that we have collected Personal Data from children without verification of parental consent, we will take steps to remove that information from our servers.

Users are advised not to input highly sensitive personal information, especially information that could be classified as special category data (e.g., detailed health information for medical purposes) into free-text fields like "reason for habit." The app is designed for general habit tracking and self-improvement.

11. Third-Party Services

Our Service may contain links to other sites that are not operated by us. If you click on a third-party link, you will be directed to that third party's site. We strongly advise you to review the Privacy Policy of every site you visit.

We have no control over and assume no responsibility for the content, privacy policies, or practices of any third-party sites or services.

12. Changes to This Privacy Policy

We may update our Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the "Effective Date" at the top of this Privacy Policy. We may also notify you through an in-app announcement or by email, prior to the change becoming effective.

You are advised to review this Privacy Policy periodically for any changes. Changes to this Privacy Policy are effective when they are posted on this page.

13. Contact Us

If you have any questions about this Privacy Policy, please contact us at info@habitswarrior.com.