Privacy Policy
Last updated: April 9, 2026
HabitBreaker (“we”, “us”, or “our”) is committed to protecting your privacy. This policy explains what data we collect, why we collect it, and how we keep it safe.
1. Information We Collect
We collect: (a) account data — your email, name, and username when you register; (b) health and behavioural data — daily mood, urge level, stress, sleep hours, free-text notes, relapse logs, and your stated reason for change; (c) AI Mentor messages you type in the SOS chat; (d) a push notification token if you grant permission; (e) basic technical data such as device type and app version. We do not collect precise location.
2. How We Use Your Information
Your data is used to: provide and personalise the App; generate AI-powered check-in feedback and daily motivation; compute your daily risk score; send optional daily check-in reminders; diagnose errors and improve the Service. We do not use your health or behavioural data for advertising.
3. AI Mentor (SOS Chat)
Messages you type in the AI Mentor chat are sent to OpenAI's API over an encrypted connection to generate a response. Conversations are also stored in our database. OpenAI processes these messages under its own Privacy Policy. We have opted out of OpenAI's data training for API usage.
4. Third-Party Services
We use: Supabase (database and authentication), OpenAI (AI Mentor), Expo (push notifications), and Google (Sign-In via OAuth). None of these providers receive your health data beyond what is strictly necessary to operate the feature.
5. Data Sharing
We do not sell, rent, or trade your personal information. We share data only with the service providers listed above, or if required by law. Community content (testimonials, comments) you post is visible to other users — only your first name and last initial are shown publicly.
6. Data Security
All data is transmitted over TLS (HTTPS). Passwords are never stored in plain text — authentication is handled by Supabase Auth with bcrypt hashing. Database access is protected by Row-Level Security so users can only access their own records.
7. Data Retention & Deletion
We retain your data for as long as your account is active. You can delete your account from Settings inside the App or by visiting our account deletion page. All personal data is permanently deleted within 30 days of an account deletion request.
8. Your Rights
You have the right to access, correct, export, or delete your personal data. You may also withdraw consent for push notifications through your device settings at any time. To exercise any other right, email habitbreaker531@gmail.com.
9. Children's Privacy
The App is not intended for children under 16 (or 13 where applicable). We do not knowingly collect personal information from children. If you believe a child has provided data, contact us and we will delete it promptly.
10. Changes to This Policy
We may update this Privacy Policy. We will notify you of significant changes through the App or by email. Continued use after changes constitutes acceptance of the updated policy.
11. Contact
For questions or data requests, contact us at habitbreaker531@gmail.com.