Diggt Habit - Privacy Policy

Last updated: 2025-12-29

1. Information We Collect

We collect the following information to provide and improve our services:

Account Information (Stored Locally):

  • Email address
  • Name
  • Phone number (optional)
  • Profile image (if uploaded)
  • Email verification status
  • Subscription type and status
  • Trial information (start date, expiration)
  • Last active timestamp
  • Account creation and update timestamps

Habit Data (Stored Locally):

  • Habit titles and descriptions
  • Habit colors and icons
  • Habit frequency settings
  • Target completion counts
  • Reminder times
  • Habit status (active/inactive)
  • Habit type (positive/negative)
  • Daily completion records with timestamps
  • Completion notes
  • Streak information (current, longest, total completions)
  • Habit goals and progress

Task Data (Stored Locally):

  • Task titles and descriptions
  • Task priorities
  • Task completion status
  • Task subtasks
  • Task creation and completion timestamps

Analytics Data - Backend (Sent to AWS S3):

Always Tracked (Required):

  • Anonymous user ID (hash-based, cannot identify you)
  • Login events (timestamp, platform: iOS/Android)
  • Account creation events (timestamp, platform)

Opt-In Analytics (You can disable in Privacy Settings):

  • Habit creation events (anonymous user ID, habit type, time of day, timestamp)
  • Habit completion events (anonymous user ID, habit type, time of day, timestamp)

Analytics Data - Local (Stored on Device Only):

  • Screen views (which screens you visit, timestamps)
  • App usage events (app opens, feature usage, timestamps)
  • User properties (subscription status, active habits count, etc.)
  • Local analytics user ID

Device Information:

  • Platform (iOS/Android)
  • Device operating system version
  • App version

Payment Information:

  • Subscription purchase confirmations (processed by Apple/Google)
  • We do NOT store credit card information
  • Payment processing handled entirely by Apple/Google

2. How We Use Your Information

We use the information we collect to:

  • Provide, maintain, and improve our services
  • Process transactions and send related information
  • Send technical notices, updates, and support messages
  • Respond to your comments and questions
  • Provide customer service
  • Monitor and analyze trends and usage
  • Verify email addresses to ensure account security and prevent fraud
  • Send one-time password (OTP) emails for email verification purposes
  • Send emails to your registered email address for account-related communications, including but not limited to:
    • Email verification and account security
    • Important service updates and notifications
    • Support and customer service communications
    • Transaction confirmations and subscription-related information
    • Weekly performance summaries (if enabled in settings)

Weekly Performance Emails:

  • If you opt-in to weekly emails, you will receive a weekly summary every Monday
  • Weekly emails include your habit completion statistics, active days, and performance insights
  • Weekly emails are only sent to verified email addresses
  • You can unsubscribe from weekly emails anytime in Privacy Settings or via the unsubscribe link in each email
  • Weekly email preferences are stored locally on your device and synced to our backend

3. Information Sharing

We do not sell, trade, or otherwise transfer your personal information to third parties without your consent, except:

  • To comply with legal obligations
  • To protect our rights and safety
  • With service providers who assist us in operating our app (under strict confidentiality agreements)
  • In connection with a business transfer or acquisition

4. Data Storage and Security

Local Storage (Your Device):

  • All account, habit, and task data is stored locally on your device using SQLite database
  • Local analytics data is stored in device preferences
  • Data is encrypted at rest by your device's operating system
  • You have full control over local data - you can export or delete it anytime

Backend Storage (AWS S3):

  • Anonymous analytics events are sent to AWS S3 for aggregated statistics
  • User profile data (email, name, subscription information) is synced to AWS S3 for account management and analytics purposes
  • All data is encrypted in transit (HTTPS) and at rest
  • Data is stored with date-based organization for analysis
  • Access is restricted to authorized backend services only
  • You can request deletion of your backend data at any time (see section 8 for details)

Email Verification (AWS SES):

  • Email addresses are verified using one-time passwords (OTPs) sent via AWS Simple Email Service (SES)
  • OTPs are temporary and expire after 10 minutes
  • OTPs are stored locally on your device and deleted after use or expiration
  • Email addresses are only used for account verification and communication
  • We do not share email addresses with third parties

Weekly Email Service (AWS SES):

  • Weekly performance emails are sent via AWS Simple Email Service (SES)
  • Weekly emails are opt-in and can be disabled anytime
  • Email content includes aggregated analytics from your anonymous user ID
  • No personal habit details are included in weekly emails
  • Unsubscribe links are included in every weekly email

Security Measures:

  • All API requests use HMAC signature authentication
  • Anonymous user IDs are hash-based and cannot be reversed
  • No personal identifiers are transmitted in analytics events
  • Email verification ensures legitimate email addresses and prevents fraud
  • Regular security audits and updates

5. Health Data

If you choose to sync with Apple Health (iOS) or Health Connect/Google Fit (Android):

Health Connect (Android) - Permission Explanation:

READ_STEPS Permission (Essential):

  • Purpose: Automatically sync daily step counts to your "Daily Steps" habit
  • Usage: Updates habit completion status based on step goals, tracks step streaks
  • User Benefit: No manual entry required, accurate step tracking from device or fitness tracker
  • Data: Step counts only, processed locally, never shared
  • Why Essential: Core habit tracking functionality - steps are a fundamental metric for daily activity habits
  • Note: This is the only Health Connect permission requested by the app, as it is essential for the core feature of automatic step tracking. Other health data (heart rate, calories, distance, workouts) can be tracked manually within the app.

General Health Connect Information:

  • All health data is processed locally on your device
  • We do not share health data with third parties
  • You can revoke Health Connect permissions at any time through your device settings or the Health Connect app
  • Health Connect data is stored locally on your device and is not transmitted to our servers

Apple Health (iOS):

  • We only read health data you explicitly authorize
  • Health data is processed locally on your device when possible
  • We do not share health data with third parties
  • You can revoke health data access at any time through your device settings

6. Subscription and Payment Data

Subscription and payment processing is handled by Apple (iOS) or Google (Android):

  • We do not store credit card information
  • Payment data is processed securely through Apple/Google
  • We only receive confirmation of successful transactions
  • Subscription management is handled through your App Store/Google Play account

7. Data Retention

We retain your information for as long as necessary to provide our services and as required by law:

  • Account data: Until you delete your account
  • Habit tracking data: Until you delete your account
  • Analytics data: Up to 2 years
  • Legal compliance: As required by applicable laws

8. Your Rights

You have the right to:

  • Access your personal information
  • Correct inaccurate data
  • Delete your account and data
  • Export your data
  • Opt out of certain data processing
  • Withdraw consent for health data sharing

How to Request Data Deletion - Diggt Habit

You can delete your account and all associated data directly from within the Diggt Habit app at any time.

Steps to Delete Your Data:

  1. Open the Diggt Habit app on your device
  2. Navigate to Settings (tap your profile icon in the top right corner)
  3. Go to Privacy Settings
  4. Scroll down to the "Delete Account" section
  5. Tap "Delete Account"
  6. Review what will be deleted and confirm your understanding
  7. Enter your confirmation and tap "Delete My Account"

What Data Will Be Deleted:

When you delete your account, the following data will be permanently deleted from your device:

  • Account Information: Your name, email address, phone number, profile image, and all account settings
  • Habit Data: All habits, habit entries, streaks, goals, and progress tracking data
  • Task Data: All tasks, subtasks, and task completion records
  • Local Analytics: All app usage data stored on your device
  • Notification Preferences: All reminder and notification settings
  • App Preferences: Theme settings, privacy settings, and all customizations

What Data May Be Retained:

The following data may be retained for legal or operational purposes:

  • Anonymous Analytics Data: Aggregated, anonymized analytics events stored in our backend (AWS S3) may be retained for up to 2 years for statistical analysis. This data cannot identify you personally as it uses anonymous user IDs.
  • User Profile Data in Backend: If your user profile was synced to our backend (AWS S3), it may remain stored there. To request deletion of backend data, please contact us at [email protected] with your account email address.
  • Legal Compliance: We may retain certain data as required by applicable laws, regulations, or legal proceedings.

Additional Retention Period:

  • Backend Analytics: Anonymous analytics events are retained for up to 2 years for aggregated statistical analysis
  • Backend User Profiles: User profile data in backend storage is retained until you request deletion or until your account is inactive for 3 years
  • Legal Requirements: Data required for legal compliance may be retained as mandated by applicable laws

Request Backend Data Deletion:

If you need to request deletion of data stored in our backend systems (AWS S3), please contact us at:

  • Email: [email protected]
  • Subject: "Data Deletion Request - Diggt Habit"
  • Please include your account email address in your request

We will process your request within 30 days and confirm when your data has been deleted.

⚠️ Important:

Account deletion is permanent and cannot be undone. Once deleted, you will lose access to all your habits, progress, and data. Make sure you want to proceed before confirming deletion.

9. Children's Privacy

Our service is not intended for children under 13. We do not knowingly collect personal information from children under 13. If we learn that we have collected personal information from a child under 13, we will delete that information immediately.

10. International Users

If you are accessing our services from outside the United States, please be aware that your information may be transferred to, stored, and processed in the United States where our servers are located.

11. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the "Last updated" date. You are advised to review this Privacy Policy periodically for any changes.

12. Contact Us

If you have any questions about this Privacy Policy, please contact us at:

← Back to Home