Habitao app icon
Habitao
A simple & free daily habit tracker app

Habitao

Privacy Policy

Effective date: June 3, 2026

Habitao is designed to be privacy-friendly: no accounts, no advertising tracking, and your habit content stays on your device.

1) Overview

We built Habitao to respect your privacy:

  • No accounts or logins
  • No backend from us that stores your habit content
  • No advertising tracking
  • Your habit content is stored locally on your device

This policy explains what data we and our service providers process for subscriptions, payments, analytics, and crash reporting.

2) Data we collect

We do not operate our own backend that collects or stores your habit content.

The App stores your habit content (for example: habits, notes, completions, preferences, and settings) on-device.

We collect limited usage analytics through PostHog to understand how the App is used (see Section 3.3 and Section 5).

We collect limited crash and diagnostics data through Sentry to detect, investigate, and fix errors (see Section 3.4 and Section 5).

If you contact us at support@habitao.app or privacy@habitao.app, we receive your email address and message content so we can respond.

When you visit our website, our hosting and infrastructure providers may process basic request logs (such as IP address and user-agent) to deliver the site and protect it from abuse. We do not run analytics or advertising tracking.

3) Data processed by third parties (subscriptions, payments, analytics, crash reporting)

Even though we do not run a backend that stores your habit content, subscriptions, analytics, and crash reporting rely on third-party services:

3.1 Apple (In-App Purchase)

Purchases and subscriptions are processed by Apple. Apple may process purchase information (including payment method details) under Apple's own policies. We do not receive your full payment details.

3.2 RevenueCat (subscription management)

We use RevenueCat to manage subscriptions and entitlements (for example, to check whether Premium is active and to restore purchases). RevenueCat may process limited information such as:

  • an anonymous App User ID generated by the SDK;
  • purchase/entitlement status and transaction/receipt-related information;
  • device and technical information (for example, device identifiers, app version, and operating system);
  • IP address (commonly used for fraud prevention or region rules).

This information is used to operate subscriptions, prevent fraud, and provide purchase restoration.

3.3 PostHog (product analytics)

We use PostHog to understand how the App is used and to improve it. PostHog is configured with EU data residency. We do not use PostHog session replay, feature flags, experiments, or surveys.

PostHog may process:

  • event data we send (for example: onboarding completion, habit created, screen viewed, paywall viewed);
  • a pseudonymous device/app identifier (distinct_id);
  • device and app metadata (OS version, device model, app version, locale, time zone);
  • IP address and derived location (such as city/region/country) used for security and analytics.

We do not send your habit names, notes, or other habit content to PostHog.

3.4 Sentry (crash reporting and diagnostics)

We use Sentry to detect, investigate, and fix crashes, errors, and stability issues in the App.

Sentry may process:

  • error and crash data (for example: stack traces, exception messages, timestamps, and technical context associated with the failure);
  • device and app metadata (for example: OS version, device model/type, app version, release, environment, locale, and time zone);
  • diagnostic identifiers and event metadata used to group and investigate issues;
  • additional technical context generated by the SDK or our configuration, which can include request URLs, headers, breadcrumbs, or IP address.

We do not intentionally send your habit names, notes, or other habit content to Sentry.

If an unexpected error includes such information in technical context (for example in a stack trace, breadcrumb, URL, or log message), it could be transmitted as part of the error event.

4) Legal bases (GDPR)

Under GDPR, we rely on the following legal bases for limited processing:

  • Performance of a contract (to provide the App and purchased features, including restoring purchases).
  • Legitimate interests (to prevent fraud, maintain security, operate the App and site, understand how the App is used, and diagnose crashes and stability issues).
  • Legitimate interests (to respond to support and privacy requests sent to support@habitao.app or privacy@habitao.app).
  • Consent (if required by applicable law for certain optional analytics features).

5) Analytics, crash reporting, ads, and tracking

We use PostHog analytics in the App to measure retention and improve features (see Section 3.3).

We use Sentry crash reporting and diagnostics in the App to monitor app health and fix bugs (see Section 3.4).

We do not run ads in the App.

We do not sell personal information.

We do not use third-party ad tracking, cross-app tracking, data broker sharing, or tracking for targeted advertising.

If we add additional features that expand data collection (such as session replay, profiling, experiments, surveys, or user feedback widgets), this policy will be updated first.

6) Device backups (iCloud / computer backups)

If you enable device backups, your operating system may include App data in backups (such as iCloud or computer backups). Those backups are managed by Apple or your OS provider, not by us.

7) Data retention

We do not store your habit content on our servers.

Third-party providers (Apple / RevenueCat / PostHog / Sentry) retain data according to their own retention policies and our configured settings, as needed for purchases, compliance, analytics, crash reporting, and fraud prevention.

8) Security

We take reasonable measures within the App to protect data stored on your device. No system is 100% secure, and we cannot guarantee absolute security.

9) Your choices and rights

Because we do not maintain user accounts or store your habit content on our servers:

  • You can typically delete your App data by deleting the App (and/or clearing storage in device settings where available).
  • Subscription management (cancel/renew) is handled in your Apple ID / App Store subscription settings.
  • You can limit analytics and crash reporting by disabling network access for the App in your device settings, where your device supports that control.
  • If you have privacy questions, contact us at privacy@habitao.app.

10) Your data protection rights (EU/EEA)

Depending on your location, you may have rights to access, correct, delete, restrict, object to processing, and data portability.

Because Habitao does not store your habit content on our servers, we may have limited ability to access or delete app content beyond what you control on your device. For purchase or subscription data, Apple and RevenueCat handle much of this processing; for analytics or crash data, PostHog and Sentry may also be involved, depending on the request and the data available to us.

11) Complaints

If you are in the EU/EEA, you have the right to lodge a complaint with your local supervisory authority. In Bulgaria, this is the Commission for Personal Data Protection (CPDP).

12) International transfers

RevenueCat, Apple, PostHog, and Sentry may process data on servers in different countries. They use safeguards as required by applicable laws.

13) Children's privacy

The App is not intended for children under 13, and we do not knowingly collect personal information from children.

14) Changes to this Privacy Policy

We may update this policy from time to time. We will update the effective date and, if changes are material, provide notice in the App.

15) Contact

For privacy questions, contact us at privacy@habitao.app.

Developer: Ivelin Ivanov