Habitude

Privacy Policy

Last updated: June 11, 2026

1. Who we are

Habitude is operated by HabitTracker. HabitTracker is the data controller for personal data processed in connection with the Service.

2. What personal data we collect

  • Account data: email address, display name, hashed password (or OAuth identifier if you sign in with Google).
  • Product data: habits you create, completion records, notes, badges, and preferences.
  • Support messages: any messages you send us.
  • Usage and telemetry: device type, browser, approximate location derived from IP, pages visited, errors.
  • Device identifiers and IP address for security and abuse prevention.

3. Why we use your data and our legal basis

  • Provide the Service (account creation, storing your habits, syncing across devices) — performance of our contract with you.
  • Customer support — performance of contract and our legitimate interest in helping you.
  • Security and fraud prevention — our legitimate interest and legal obligations.
  • Product improvement (aggregated usage analytics) — our legitimate interest.
  • Service communications (transactional emails about your account) — performance of contract.

Payment-related data (card details, billing address) is collected and processed directly by Paddle as the Merchant of Record and is not stored by us.

4. Who we share data with

  • Service providers / subprocessors for hosting, database, authentication, error monitoring, and analytics.
  • Paddle.com — our Merchant of Record — for sale of the product, subscription management, payments, tax compliance, and invoicing.
  • Professional advisers (e.g. legal, accounting) where strictly necessary.
  • Authorities where required by law or to protect rights and safety.

We do not sell your personal data.

5. International transfers

Our service providers may process data outside your country, including in the United States and the European Economic Area. Where data is transferred outside the UK/EEA, we rely on appropriate safeguards such as Standard Contractual Clauses or adequacy decisions.

6. How long we keep data

We keep account and habit data for as long as your account is active. If you delete your account, we delete or anonymise personal data within a reasonable period, except where we are required to retain it for legal, tax, or fraud-prevention purposes.

7. Your rights

Depending on where you live, you may have the right to access, correct, delete, restrict, or port your personal data, to object to processing, and to withdraw consent. In the UK/EEA you also have the right to lodge a complaint with your supervisory authority. We respond to verified requests within one month.

8. Security

We use appropriate technical and organisational measures to protect your data, including encryption in transit, access controls, row-level security on our database, and regular security reviews. No system is perfectly secure, but we work continuously to reduce risk.

9. Cookies

We use essential cookies and similar technologies to keep you signed in and to keep the Service working. We may use limited analytics cookies to understand usage. You can manage cookie preferences in your browser settings.

10. Contact

For privacy questions or to exercise your rights, contact HabitTracker through the in-app support channel. For payment-related privacy questions, contact Paddle at paddle.net.