Habitao app icon
Habitao
A simple & free daily habit tracker app

Habitao

Privacy Policy

Effective date: March 20, 2026

Habitao is designed to be privacy-friendly: no accounts, no advertising tracking, and your content stays on your device.

1) Overview

We built Habitao to respect your privacy:

  • No accounts or logins
  • No backend servers run by us
  • No advertising tracking
  • Your app content is stored locally on your device

This policy explains what data we (and our service providers for subscriptions, payments, analytics, and crash reporting) process.

2) Data we collect

We do not operate our own backend for the App and do not collect or store your habit content on our own servers.

The App stores your content (for example: tasks, notes, lists, preferences) on-device.

We collect limited usage analytics through PostHog to understand how the App is used (see Section 3.3 and Section 5).

We collect limited crash and diagnostics data through Sentry to detect, investigate, and fix errors (see Section 3.4 and Section 5).

If you contact us at support@habitao.app or privacy@habitao.app, we receive your email address and message content so we can respond.

When you visit our website, our hosting and infrastructure providers may process basic request logs (such as IP address and user-agent) to deliver the site and protect it from abuse. We do not run analytics or advertising tracking.

3) Data processed by third parties (subscriptions, payments, analytics, crash reporting)

Even though we do not run a backend, subscriptions, analytics, and crash reporting rely on third-party services:

3.1 Apple (In-App Purchase)

Purchases and subscriptions are processed by Apple. Apple may process purchase information (including payment method details) under Apple's own policies. We do not receive your full payment details.

3.2 RevenueCat (subscription management)

We use RevenueCat to manage subscriptions and entitlements (for example, to check whether premium is active and to restore purchases). RevenueCat may process limited information such as:

  • an anonymous App User ID (generated by the SDK);
  • purchase/entitlement status and transaction/receipt-related information;
  • device/technical information (for example, device identifiers, app version);
  • IP address (commonly used for fraud prevention or region rules).

This information is used to operate subscriptions, prevent fraud, and provide purchase restoration.

3.3 PostHog (product analytics)

We use PostHog to understand how the App is used and to improve it. We configure PostHog to use EU data residency. We do not use session replay, feature flags, experiments, or surveys.

PostHog may process:

  • event data we send (for example: onboarding completion, habit created, screen viewed, paywall viewed);
  • a pseudonymous device/app identifier (distinct_id);
  • device and app metadata (OS version, device model, app version, locale, time zone);
  • IP address and derived location (such as city/region/country) used for security and analytics.

We do not send your habit content or personal profile information to PostHog.

3.4 Sentry (crash reporting and diagnostics)

We use Sentry to detect, investigate, and fix crashes, errors, and stability issues in the App.

Sentry may process:

  • error and crash data (for example: stack traces, exception messages, timestamps, and technical context associated with the failure);
  • device and app metadata (for example: OS version, device model/type, app version, release, environment, locale, and time zone);
  • diagnostic identifiers and event metadata used to group and investigate issues;
  • additional technical context generated by the SDK or our configuration, which can include request URLs, headers, breadcrumbs, or IP address.

We do not intentionally send your habit names, notes, or other habit content to Sentry.

If an unexpected error includes such information in technical context (for example in a stack trace, breadcrumb, URL, or log message), it could be transmitted as part of the error event.

4) Legal bases (GDPR)

Under GDPR, we rely on the following legal bases for limited processing:

  • Performance of a contract (to provide the App and purchased features, including restoring purchases).
  • Legitimate interests (to prevent fraud, maintain security, operate the App and site, understand how the App is used, and diagnose crashes and stability issues).
  • Legitimate interests (to respond to support and privacy requests sent to support@habitao.app or privacy@habitao.app).
  • Consent (if required by applicable law for certain optional analytics features).

5) Analytics, crash reporting, ads, and tracking

We use PostHog analytics in the App to measure retention and improve features (see Section 3.3).

We use Sentry crash reporting and diagnostics in the App to monitor app health and fix bugs (see Section 3.4).

We do not run ads in the App.

We do not sell personal information.

We do not use third-party ad tracking or cross-app tracking.

If we add additional features that expand data collection (such as session replay, profiling, or user feedback widgets), this policy will be updated first.

6) Device backups (iCloud / computer backups)

If you enable device backups, your operating system may include App data in backups (such as iCloud or computer backups). Those backups are managed by Apple or your OS provider, not by us.

7) Data retention

We do not store your app content on our servers.

Third-party providers (Apple / RevenueCat / PostHog / Sentry) retain data according to their own retention policies and our configured settings, as needed for purchases, compliance, analytics, crash reporting, and fraud prevention.

8) Security

We take reasonable measures within the App to protect data stored on your device. No system is 100% secure, and we cannot guarantee absolute security.

9) Your choices and rights

Because we do not maintain user accounts or store your content on our servers:

  • You can typically delete your App data by deleting the App (and/or clearing storage in device settings where available).
  • Subscription management (cancel/renew) is handled in your Apple ID / App Store subscription settings.
  • If you have privacy questions, contact us at privacy@habitao.app.

10) Your data protection rights (EU/EEA)

Depending on your location, you may have rights to access, correct, delete, restrict, object to processing, and data portability.

Because Habitao does not store your habit content on our servers, we may have limited ability to access or delete app content beyond what you control on your device. For purchase or subscription data, Apple and RevenueCat handle much of this processing; for analytics or crash data, PostHog and Sentry may also be involved, depending on the request and the data available to us.

11) Complaints

If you are in the EU/EEA, you have the right to lodge a complaint with your local supervisory authority. In Bulgaria, this is the Commission for Personal Data Protection (CPDP).

12) International transfers

RevenueCat, Apple, PostHog, and Sentry may process data on servers in different countries. They use safeguards as required by applicable laws.

13) Children's privacy

The App is not intended for children under 13, and we do not knowingly collect personal information from children.

14) Changes to this Privacy Policy

We may update this policy from time to time. We will update the effective date and, if changes are material, provide notice in the App.

15) Contact

For privacy questions, contact us at privacy@habitao.app.

Developer: Ivelin Ivanov