Privacy Policy for Sei Habits

Effective Date: August 1, 2025

1. Introduction

This Privacy Policy describes how Individual Entrepreneur Arsenii Pomazkov ("we," "us," or "our") collects, uses, and protects your information when you use the Sei Habits mobile application (the "App").

The app collects minimal analytics data to help improve the app experience while protecting your privacy. We collect usage patterns, limited habit-related metadata, and standard analytics data through PostHog, which may include IP addresses for technical purposes. We do not collect the actual content of your personal reflections, planning details, or skip reasons.

2. Information We Collect

2.1 Information Stored Locally on Your Device

• Habit tracking data (habits, completion status, streaks)
• Mood entries and emotional reflections
• Personal notes and reflections about habits
• App preferences and settings
• Progress statistics and analytics

Your personal habit data, mood entries, and detailed reflections are stored locally on your device and are not accessible to us directly.

2.2 Analytics and Usage Data

We collect usage data through PostHog Analytics to improve the App. This data is minimized to protect your privacy:

App Usage Metrics:

• Session duration, app open/close patterns, time in background
• Page views (statistics, settings, habit details, affirmations)
• Tab interactions and feature usage patterns
• Onboarding progression and completion data

Limited Habit Information:

• Habit name lengths only (number of characters in habit names - we do not collect the actual names)
• Text lengths only for planning context (number of characters in your "when," "where," and "what helps" entries - we do not collect the actual content)
• Reminder times you set for habits (in HH:mm format)
• Completion patterns (completed, skipped, partially completed with quantities)
• Skip and reflection metadata (text length of notes and IDs of which predefined reasons/feelings you select - we do not collect your actual written content or custom item text)

Onboarding and Preferences:

• Selected struggle types and pain levels (1-10 scale)
• Life improvement goals you select during setup
• Theme preferences and settings changes
• Notification permission responses

Support and Feedback:

• Full content of support messages (support emails are forwarded to our inbox; we process the full text solely to assist you)
• Whether you access help features

Subscription and Paywall Data:

• Where paywalls are triggered and user responses
• Purchase success/failure events
• Current habit count when limits are reached

Habit Set Interactions:

• Which habit sets you view and select
• Set names, icons, and completion decisions
• Journey progress through habit sets

Limited Device Information:

• Operating system name and version only
• App locale and timezone
• All device identifiers, models, and manufacturers are explicitly removed

2.3 Support Communications

When you contact us through our support form:

• Email address (processed via EmailJS)
• Full support inquiry content (support emails are forwarded to our inbox; we process the full text solely to assist you)
• Device information relevant to your issue

2.4 App Store Data

• App Store reviews and ratings (managed by Apple)
• Download and installation data (managed by Apple)

3. Legal Basis for Processing (GDPR)

For EU/UK users, we process your data under the following legal bases:

4. How We Use Your Information

4.1 Analytics Data Usage

We use analytics data to:

• Improve app performance and user experience
• Understand feature usage patterns and optimize user flows
• Identify and fix bugs through crash reports and error logs
• Optimize onboarding processes by identifying drop-off points
• Analyze habit formation patterns in aggregate across users
• Improve coaching content based on which habit sets and suggestions work best
• Understand paywall effectiveness and subscription conversion
• Make data-driven product decisions about new features

Limited Metadata Analysis: We analyze usage patterns and metadata to:

• Identify common habit categories and themes in aggregate
• Improve our habit suggestion algorithms
• Develop better coaching prompts and support content
• Understand user needs and preferences

All analysis is done in aggregate to identify patterns across users, not to target individual users. We only analyze metadata such as text lengths, counts, and IDs of selected options - we do not collect or analyze any actual text content of your habits, planning details, skip reasons, reflection notes, or custom items you create.

4.2 Local Data Usage

Your locally stored data is used solely to:

• Provide habit tracking functionality
• Display your progress and statistics
• Send local notifications and reminders
• Maintain your app preferences

4.3 Support Data Usage

Support communications are used to:

• Respond to your inquiries and provide assistance
• Improve our support processes
• Resolve technical issues

5. Data Sharing and Third Parties

5.1 Third-Party Services

We use the following third-party services:

PostHog (Analytics):

• Purpose: Usage analytics and limited habit metadata
• Data processed: App usage data, text lengths (not content), selected predefined option IDs, custom item counts (not content), limited device information (OS name/version, locale, timezone only - all device identifiers are explicitly disabled)
• Location: Compliant with GDPR
• Privacy Policy: https://posthog.com/privacy

EmailJS (Support):

• Purpose: Processing support form submissions
• Data processed: Email content for support inquiries (support emails are forwarded to our inbox; we process the full text solely to assist you)
• Privacy Policy: https://www.emailjs.com/legal/privacy-policy/

RevenueCat (Subscriptions):

• Purpose: Managing subscriptions and purchases
• Data processed: Purchase and subscription data
• Privacy Policy: https://www.revenuecat.com/privacy/

SuperWall (Paywall):

• Purpose: Managing subscription prompts
• Data processed: Anonymous usage data for paywall optimization
• Privacy Policy: https://superwall.com/privacy

Apple App Store:

• Purpose: App distribution and payment processing
• Data processed: Purchase transactions, app downloads
• Privacy Policy: https://www.apple.com/privacy/

5.2 No Sale or Sharing of Personal Data

We do not sell, rent, or trade your personal information to third parties. We do not "share" your data for cross-context behavioral advertising purposes as defined under CCPA. PostHog and RevenueCat do not set cross-site identifiers for advertising purposes when processing data from our app.

All third-party SDKs include Apple-required privacy manifests and signatures.

5.3 Legal Requirements

We may disclose information if required by law, regulation, or legal process.

6. Data Security

6.1 Local Data Security

Your habit data remains on your device and is protected by:

• iOS device security features
• App sandbox protection
• Local device encryption (when enabled)

6.2 Analytics Data Security

Analytics data is transmitted using:

• Encrypted connections (HTTPS/TLS)
• Industry-standard security practices
• Regular security updates

All analytics and support data are encrypted at rest using AES-256.

7. Your Rights and Choices

7.1 Local Data Control

You have complete control over your locally stored data:

• Delete the app to remove all local data
• Reset app data through app settings ("Delete All Data" in settings)
• Export or backup data (if feature available)

7.2 Analytics Control

You can control analytics collection through the following methods:

In-App Settings:

• Navigate to Settings → Share Usage Data
• Toggle the switch to enable or disable analytics collection
• When disabled, no new analytics events will be sent to PostHog
• Existing analytics data will remain in PostHog unless you request deletion

Additional Options:

• Use iOS "Limit Ad Tracking" settings for additional privacy
• Contact us at arseniy.dev@icloud.com to request deletion of existing analytics data from PostHog
• Delete the app to stop all future data collection

7.3 Data Subject Rights

Universal Opt-Out Rights

Opt-Out of Targeted Advertising/Profiling:

• We honor Global Privacy Control (GPC) signals from your browser
• Toggle analytics off in Settings → Share Usage Data
• We do not engage in targeted advertising or profiling

7.4 Data Subject Rights (GDPR/CCPA/Other State Laws)

For EU/UK Users (GDPR):

You have the right to:

• Access your personal data held by PostHog
• Rectify inaccurate personal data
• Erase your personal data ("right to be forgotten")
• Restrict processing of your personal data
• Data portability (receive your data in a portable format)
• Object to processing based on legitimate interests
• Withdraw consent at any time
• Not be subject to automated decision-making (we do not make automated decisions that produce legal effects)
• Lodge a complaint with your local Data Protection Authority or the Georgian National Data Protection Service

For UK Users (Data Use and Access Act 2025, effective June 19, 2025):

• You may first complain directly to us at arseniy.dev@icloud.com
• We will respond to your complaint within 30 days
• You retain the right to complain to the UK Information Commissioner's Office (ICO)

For California Users (CPRA/CCPA):

You have the right to:

• Know what personal information is collected about you
• Delete personal information held about you
• Correct inaccurate personal information
• Opt-out of the "sale" or "sharing" of personal information (we don't sell or share data)
• Limit use of sensitive personal information (we don't collect sensitive PI)
• Non-discrimination for exercising your privacy rights

Notice at Collection: When you first launch the app, we display a notice summarizing data collection practices with a link to this full policy.

For Users in Other US States (Virginia, Colorado, Connecticut, Utah, Iowa, New Jersey, Tennessee, Texas, Delaware, Oregon, Montana, Minnesota):

You have similar rights including:

• Access your personal data
• Delete your personal data
• Correct inaccurate data
• Data portability (where applicable)
• Opt-out of targeted advertising/profiling (we don't engage in these practices)

To exercise these rights:

1. Contact us at arseniy.dev@icloud.com
2. We will coordinate with PostHog to fulfill your request
3. You may also contact PostHog directly through their privacy request process

Response time: We will respond to your request within 30 days (GDPR) or 45 days (CCPA/CPRA).

Complaint Routes:

• EU/EEA: Your local Data Protection Authority
• UK: Information Commissioner's Office (ico.org.uk)
• Canada: Office of the Privacy Commissioner of Canada (priv.gc.ca)
• Australia: Office of the Australian Information Commissioner (oaic.gov.au) - we commit to responding within 30 days
• California: California Privacy Protection Agency (cppa.ca.gov)

8. Data Retention

8.1 Local Data

Local data remains on your device until you:

• Delete the app
• Reset app data through settings
• Manually delete specific entries

8.2 Analytics Data

Data Categories and Retention Periods:

PostHog Analytics: Auto-deleted after 365 days

Other services:

• RevenueCat: Subscription data retained for billing compliance (typically 7 years)
• Support emails: Deleted after resolution (1-2 years)
• EmailJS: Temporary processing only

Data deletion: Deleting the app does not delete your analytics data from PostHog. To request deletion of your analytics data from PostHog, contact us at arseniy.dev@icloud.com.

9. Children's Privacy

The App is intended for users 13 years of age and older. We do not knowingly collect personal information from children under 13.

If we discover we have collected information from a child under 13, we will:

• Delete the information immediately from our systems
• Request deletion from PostHog analytics
• Maintain logs of age verification for COPPA compliance

UK Age-Appropriate Design: For UK users likely to be under 18, analytics collection defaults to OFF. We maintain a Data Protection Impact Assessment (DPIA) documenting our age-appropriate design measures.

10. International Data Transfers

As we use third-party services that may process data internationally, your data may be transferred to and processed in countries other than your own.

Transfer Mechanisms:

• PostHog: EU-US Data Privacy Framework and Standard Contractual Clauses (SCCs)
• RevenueCat: Standard Contractual Clauses (SCCs)
• EmailJS: Standard Contractual Clauses (SCCs)

Canadian Users: Your data may be stored and processed outside Canada. We ensure appropriate contractual protections are in place with our service providers.

Australian Users: Your data may be transferred overseas. We take reasonable steps to ensure overseas recipients comply with Australian Privacy Principles.

11. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by:

• Posting the updated policy in the App
• Updating the "Effective Date" at the top of this policy

12. Complete Data Collection Summary

Data We Collect:

Personal Information:

• Onboarding selections (struggle types, pain levels, life goals)
• Email address (for support only)

Usage Analytics:

• App usage patterns and session data
• Feature interactions and page views
• Habit completion patterns and statistics
• IDs of selected predefined options (reasons, feelings, etc.)
• Counts of custom items created (but not their text content)
• Text lengths only (not content) for habit names, planning details, skip notes, and reflections
• Support message length in analytics (support emails are forwarded to our inbox; we process the full text solely to assist you)
• Limited device information (operating system name/version, app locale, and timezone only)

Technical Data Collected by PostHog:

• Limited device information (operating system name/version only - all device identifiers, models, and manufacturers are explicitly removed)
• Usage data (page URLs, referrer information, session data)
• IP addresses collected by PostHog for technical and security purposes (not used for individual tracking)

Data We DO NOT Collect:

• Habit names: We only collect the length of habit names, not the actual text
• Personal planning content: The actual text of your "when," "where," and "what helps" entries
• Skip notes content: Your actual written reasons for skipping habits
• Reflection content: The actual text of your personal reflections and thoughts
• Custom item content: The actual text of custom reasons/feelings you create
• Personal contact information: Names, phone numbers, physical addresses (unless you provide via support)
• Unique device identifiers: No IDFA, advertising IDs, device fingerprinting, or any device-specific identifiers (PostHog's $device_id and device model tracking are explicitly disabled)
• Location data: No GPS coordinates or direct geographic data collection (IP addresses collected by PostHog may reveal approximate location)
• Health data: No integration with HealthKit or health metrics
• Screenshots or screen recordings
• Contacts or social connections
• Financial information: No credit card or payment details

Data Usage

All collected data is used exclusively for:

• Understanding user behavior patterns to improve the app
• Identifying and fixing technical issues
• Optimizing onboarding and user experience
• Making data-driven product decisions
• Providing customer support

13. Contact Us

If you have questions about this Privacy Policy or our data practices, contact us at:

This Privacy Policy was last updated on August 1, 2025