Introduction
Habie ("the App") is a wellness journaling app that weaves your daily sleep, body signals, emotions, and thoughts into a single timeline — helping you build a richer understanding of yourself.
At the heart of Habie is a simple belief: the things you'd never post are the things that matter most. Your most personal data — your body's record, your feelings, your journal — exists only for you. We will never use it for advertising. We will never sell it to anyone.
This Privacy Policy explains, clearly and honestly, what information Habie collects, how we use it, and how we protect it.
What's new in v1.0 (English)
- First English-language version of the Habie Privacy Policy.
- Fully aligned with Japanese version 3.1 (April 13, 2026).
- Reworded for English-native readability while preserving all legal and operational substance.
1. Who We Are
| Service Name | Habie |
|---|---|
| Operator | Habie (sole proprietorship; Japanese corporation in setup) |
| Contact | support@habieapp.com or in-app Settings → Feedback |
| Website | https://habieapp.com |
A Japanese limited liability company (合同会社) is currently being established. We will update this policy when the entity is registered.
2. What Data We Collect
2-1. HealthKit and Apple Watch Data
We only access the following data after you explicitly grant HealthKit permission.
| Data Type | What It Includes | Why We Use It |
|---|---|---|
| Sleep | Duration, stages (Deep / REM / Core), efficiency | To calculate your Sleep Score |
| Heart Rate Variability (HRV) | RMSSD values measured by Apple Watch | To calculate your Energy Score |
| Resting Heart Rate | Morning resting heart rate | To calculate your Energy Score |
| Workouts | Type, duration, calories, heart rate zones | Energy Score and timeline display |
| Steps | Daily step count | Energy Score and timeline |
| Body Weight (optional) | Weight data registered in HealthKit | Reserved for future features (currently read-only) |
| Blood Oxygen / SpO2 (optional) | Apple Watch measurements | Sleep Score support (compatible models only) |
Important: Raw values from HealthKit (such as the raw RMSSD value of your HRV) are converted into 0–100 scores by Habie's algorithms on your device. The raw numbers themselves are never sent outside your device.
We will never use HealthKit data for:
- Advertising or marketing
- Sharing with data brokers
- Storage on any cloud other than what is described in this policy (in particular, no storage on iCloud)
2-2. Data You Enter
| Data Type | What It Includes |
|---|---|
| Diary and text memos | Free-form journal entries, Micro Journals, memos |
| Photos | Photos you add to your timeline (optional) |
| Emotion tags | Tags selected during Night Reflection |
| Checklists | Habits and tasks you create |
| Night Reflection | Evening reflection narratives and emotion scores |
| Morning Insight | Morning mood and comments (including AI-generated narratives) |
2-3. Calendar Data (EventKit)
Habie asks for permission to access the standard Apple Calendar app.
- What we read: Event titles and times only.
- What we do not read: Event body text, attendee information, attachments, meeting URLs.
- Why: To personalize your Morning Insight and Night Reflection (e.g., "you have a meeting with X today").
2-4. Account and Authentication Data
| Data Type | Details |
|---|---|
| Apple ID (Sign in with Apple) | Authentication identifier |
| Google Account (Sign in with Google) | Same as above |
| User ID (internal Supabase) | A UUID used to link your data within the app |
| Settings | Timezone, notification settings, AI consent state |
2-5. Anonymous Product Analytics
To improve the app, catch bugs early, and understand how features are used, Habie collects anonymized usage statistics.
What we collect:
| Data Type | What It Includes |
|---|---|
| Anonymous install ID | A random UUID generated on first launch (contains no personally identifiable information) |
| Event types | Event names like screen views, button taps, feature completions (e.g., morning_insight_viewed, night_reflection_completed) |
| Event metadata | Non-sensitive metadata associated with events (e.g., character count of a journal entry — never the content itself) |
| Session info | App launch and close times, session duration |
| Environment info | iOS version, app version, device type (no device-level identification) |
What we never send through analytics:
- Diary or memo content
- Specific emotion tag selections
- Raw HealthKit values (HRV, heart rate, sleep duration, etc.)
- Photo image data or photo IDs
- Specific calendar event content
- Names, email addresses, Apple IDs, or any personally identifiable information
- GPS or precise location data
Your choice:
- During onboarding, we explicitly tell you what's being collected.
- Analytics is enabled by default, but you can turn it off anytime under Settings → Privacy → Help Improve Habie.
- Turning it off does not affect any app functionality.
2-6. Attribution (UTM Parameters)
TestFlight invitation links and referral links may include UTM parameters (e.g., utm_source=twitter) to identify how users find us.
- Why: To understand where new users come from (for product improvement and marketing analysis).
- What we collect: UTM parameters only (utm_source, utm_medium, utm_campaign, utm_content, utm_term).
- What we do not collect: Advertising identifiers (IDFA), per-user behavioral tracking.
UTM data is linked to the anonymous install ID described in §2-5. We do not collect IDFA or any other advertising tracking identifier.
2-7. Crash and Error Data
- Crash reports (error type and location)
- App version information
- No advertising tracking identifier (IDFA) is collected.
3. Where Data Is Stored
All data is stored on Supabase (PostgreSQL).
| Table | Contents |
|---|---|
| profiles | User profile, timezone, settings, deletion request timestamp (deleted_at) |
| sleep_logs | Sleep data and Sleep Score |
| energy_scores | Energy Score and HRV-derived sub-scores |
| diary_entries | Diary text |
| memos | Memos |
| micro_journals | Micro Journals (short emotion logs) |
| morning_insights | Morning Insight narratives |
| night_reflections | Night Reflection narratives and emotion tags |
| workout_logs | Workout records |
| calendar_events | Calendar events (title and time only) |
| photo_entries | Photo metadata (file path and timestamp) |
| checklist_items | Checklists and habits |
| user_settings | AI consent state, analytics consent state, app settings |
| user_installs | Anonymous install ID and UTM data (related to §2-5 / §2-6) |
| events | Anonymous analytics events (related to §2-5, linked to install ID) |
Security:
- Row Level Security (RLS) is applied to every table — only you can access your own data.
- All connections to the database use TLS (SSL) encryption.
- HealthKit raw data is processed on-device only. Only computed scores are stored on Supabase.
- No personal health data is stored on iCloud (in compliance with Apple Guideline 5.1.3(ii)).
4. AI Processing (Third-Party AI Services)
Habie uses external AI services to generate narratives and weekly summaries.
4-1. AI Services We Use
| Service | Provider | What It Powers |
|---|---|---|
| OpenAI API (GPT-4o mini) | OpenAI, L.P. (USA) | Morning Insight and Night Reflection narrative generation |
| OpenAI API (text-embedding-3-small) | OpenAI, L.P. (USA) | Vector embeddings for semantic search of diary and memos |
| Anthropic API (Claude) | Anthropic, PBC (USA) | Weekly aggregated usage summary for product improvement (§4-5) |
4-2. Data Sent to AI (Morning Insight / Night Reflection)
Sent to OpenAI for Morning Insight:
- Sleep Score (the computed score)
- Energy Score (computed score and tier)
- Previous day's diary and memo text (what you wrote)
- Calendar event titles and times
- Emotion tags and Night Reflection summary
Sent to OpenAI for Night Reflection:
- Energy Score (computed)
- HRV trend direction (score and trend only — never raw RMSSD values)
- Calendar event titles and times
- The day's diary and memo text
Sent to OpenAI for embeddings (semantic search):
- Diary, memo, and Micro Journal text (used to create searchable vector representations)
4-3. How OpenAI Handles Your Data
- Under OpenAI's API policy, data sent through the API is not used to train AI models.
- OpenAI retains submitted data for up to 30 days for safety review purposes.
- For more details, see the OpenAI Privacy Policy.
Please note: Data retained by OpenAI is outside Habie's control and cannot be deleted by us. Please understand this before enabling AI features.
4-4. Consent and Control for AI Features
- Before you use any AI feature for the first time, a consent modal explicitly shows what data will be sent.
- Consent is collected separately for each feature (Morning Insight and Night Reflection are independent).
- You can withdraw consent anytime under Settings → Privacy → AI Concierge.
- Turning off AI features does not affect basic features like journaling and viewing your scores.
4-5. Weekly Summary Generation (Anthropic Claude API)
Once a week, Habie's operations team uses the Anthropic Claude API to summarize aggregated, anonymized usage statistics for product improvement.
Sent to Claude API:
- Aggregate numbers (weekly active users, feature usage rates, retention rates, etc.)
- Never individual user data, diary content, emotion tags, or anything similar.
How Anthropic handles this data:
- Under Anthropic's API policy, data sent through the API is not used to train AI models.
- Anthropic retains submitted data for up to 30 days for safety review purposes.
- For more details, see the Anthropic Privacy Policy.
5. MCP Integration (External AI Assistants)
Habie functions as your Personal Context Layer — providing your state safely to external AI assistants like Claude and ChatGPT through Model Context Protocol (MCP) integration. (This is a Phase 4 feature.)
5-1. What's Shared Through MCP
Only processed and abstracted data is shared with external AI assistants.
Shared (Tier A/B):
- Computed scores (Sleep Score, Energy Score)
- Natural-language interpretations of scores (e.g., "good recovery, moderate energy")
- Emotion tags and habit logs
- Diary text (only when you explicitly allow it)
- HRV trend direction (7-day moving average direction only)
Never shared (Tier C):
- Raw HRV values (RMSSD/SDNN in milliseconds)
- Raw heart rate time series
- Raw sleep samples (HKCategorySample)
- Raw blood oxygen values
- Precise GPS location
- Device identifiers
5-2. Consent and Control for MCP
- Connecting through MCP requires your explicit approval via the OAuth 2.0 PKCE flow.
- The consent screen clearly shows which data categories will be shared.
- You can revoke any connection anytime under Settings → Connected AI Assistants.
- MCP access tokens are valid for up to 90 days. Reauthorization is required after expiration.
- Deleting your account immediately revokes all MCP access tokens.
5-3. MCP Connection Logs
We record the following information about MCP connections:
- Connected AI service name
- Granted permission scopes
- Consent timestamp and version
- Token expiration
- Aggregate MCP tool call counts (never the specific input/output content)
6. How We Use Your Data
We use collected data only for the following purposes:
| Purpose | Data Used |
|---|---|
| Calculating Sleep Score and Energy Score | HealthKit-derived data |
| Generating Morning Insight and Night Reflection | Scores, diary, calendar |
| Displaying your timeline | All recorded data |
| Semantic search | Diary, memo, Micro Journal text |
| Product improvement, bug fixing, feature optimization | Anonymous analytics (§2-5), UTM data (§2-6), crash reports |
| Weekly operations report | Aggregated, anonymized statistics only (§4-5) |
| Providing context to external AI assistants | Only via MCP, only within consented scope |
We will never use your data for:
- Ad targeting
- Behavioral data mining
- Sale to data brokers
- Selling user data
- Training AI models
7. Sharing With Third Parties
We share data only with:
| Recipient | Purpose | Basis |
|---|---|---|
| OpenAI, L.P. | AI narrative generation, embeddings | Your explicit consent |
| Anthropic, PBC | Weekly aggregated usage summary (no personal data) | For product improvement |
| External AI assistants (via MCP) | Processed context information | Your OAuth approval |
No other third party receives your data.
We do not share your data with anyone except in response to legally binding requests (such as court orders). If we are required to disclose data, we will notify you to the extent legally permitted.
8. Data Retention
| Data Type | Retention Period | How It's Deleted |
|---|---|---|
| All user data (diary, scores, photos, etc.) | Permanently deleted 30 days after account deletion request | Access is blocked immediately on the app side. If you sign in with the same account within 30 days, you'll be offered the option to restore. |
| Calendar events (synced data) | Same as above | Same as above |
| Anonymous analytics (§2-5) | Up to 13 months (for seasonal analysis) | New transmissions stop after opt-out |
| UTM data (§2-6) | Same period as install ID | Same as above |
| Data sent to OpenAI / Anthropic | Up to 30 days, on each provider's side | Outside Habie's control (governed by each provider's policy) |
| MCP tokens | Until expiration (max 90 days) | Revocable from settings anytime; immediately revoked on account deletion |
| Crash reports | 90 days | Auto-deleted |
About account deletion and external AI retention:
After you delete your account, your data is permanently removed from Habie's servers within 30 days. However, as noted in §4-3 and §4-5, OpenAI and Anthropic each retain transmitted data for up to 30 days under their own policies — these are outside Habie's control. In total, complete deletion of all traces of your data may take up to approximately 60 days.
9. Your Rights
Habie guarantees you full control over your own data.
| Right | How to Exercise It |
|---|---|
| Export your data | Settings → Data Management → Export (ZIP format) |
| Delete your account completely | Settings → Account → Delete Account (recoverable within 30 days by signing back in) |
| Withdraw AI feature consent | Settings → Privacy → AI Concierge |
| Opt out of anonymous analytics | Settings → Privacy → Help Improve Habie |
| Disconnect MCP | Settings → Connected AI Assistants |
| Photo privacy | Long-press to delete / Settings → Photo Privacy |
| Stop calendar sync | Settings → Calendar Integration → Off |
Account deletion flow:
- Tapping "Delete Account" immediately blocks app-side access (soft delete).
- Your data is held on Habie servers for 30 days.
- If you sign in with the same account (Apple ID / Google) within 30 days, you can choose to restore your data or start fresh.
- After 30 days, all data is automatically and permanently deleted (no recovery possible).
- For questions or special requests, please reach out to support@habieapp.com.
10. Children's Privacy
Habie is not intended for users under the age of 13. If we learn that someone under 13 is using Habie, we will promptly delete the account.
11. Changes to This Policy
If we change this policy, we will notify you in-app or by email. For material changes (such as adding new data categories or changing third-party recipients), we will request your consent again.
12. Apple Compliance
Habie is designed in compliance with the Apple App Store Review Guidelines and related rules.
- HealthKit data is never used for advertising or marketing (Guideline 5.1.3(i))
- HealthKit data is never stored on iCloud (Guideline 5.1.3(ii))
- Explicit consent is collected before sending data to third-party AI (Guideline 5.1.2(i), enforced November 2025)
- Sign in with Apple is implemented (Guideline 4.8)
- Account deletion is provided (Guideline 5.1.1(v), with a 30-day recovery window)
- All Privacy Nutrition Labels are declared (App Store Connect requirement)
- A transparent UI is provided for analytics collection (§2-5, with opt-out)
13. International Users and Local Laws
This policy is governed primarily by Japanese law (see §14 of the Terms of Service). However, Habie respects local privacy laws where users reside.
- Users in the EU/EEA, UK, and Switzerland: Where GDPR applies, you may have rights of access, correction, deletion, portability, and objection. Most of these are already supported through the in-app controls in §9. For additional requests, contact support@habieapp.com.
- Users in California (USA): Where the CCPA/CPRA applies, you may have rights to know, delete, and opt out of "sale" of personal information. Habie does not sell personal information.
- Other regions: Local consumer protection and privacy laws may apply to your use of Habie.
We are working toward fuller compliance with regional regulations as Habie expands. If you have a specific concern about your jurisdiction, please contact us.
14. Contact
For questions or requests regarding this policy, please reach out:
- Email: support@habieapp.com
- In-app: Settings → Feedback