Privacy Policy

Last updated: June 2, 2026

AstroHabit ("we", "our", or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use the AstroHabit mobile application ("App"). Please read this policy carefully. If you disagree with its terms, please discontinue use of the App.

1. Information We Collect

Account Information: When you register, we collect your email address, display name, and authentication credentials (managed by Firebase Authentication).

Profile Data: Age, gender, height, weight, target weight, and focus window preferences you optionally provide to personalise your experience.

Health & Fitness Data: Sleep hours, mood, energy level, water intake, weight logs, and step count data synced from Apple HealthKit — only when you explicitly grant permission.

Task & Productivity Data: Tasks, missions, goals, and calendar entries you create within the App.

Financial Data: Budget entries, income, expenses, account balances, and spending categories you log within the App. This data is stored solely in your personal Firebase account and is never shared with third parties or used for advertising.

Food & Nutrition Data: Food photos you submit for AI analysis and manually entered food entries. Images are sent to Google Gemini for real-time analysis and are not stored on our servers.

Workout Data: Workout plans generated via AI and exercise logs you record.

Subscription Information: Subscription tier and purchase history managed by RevenueCat and Apple App Store. We do not store your payment card details.

Usage & Diagnostic Data: App crash reports, error logs, and anonymised usage analytics collected via Firebase Crashlytics and Firebase Analytics to improve app stability.

Device Data: Device type, operating system version, and timezone used to deliver accurate notifications and timezone-aware features.

2. How We Use Your Information

To provide, personalise, and improve the App's features
To sync your data across sessions and devices via Firebase
To process AI requests (food analysis, workout generation) via Google Gemini API
To manage your subscription and verify entitlements via RevenueCat
To send local push notifications for tasks, missions, and health reminders
To diagnose crashes and technical issues via Firebase Crashlytics
To comply with applicable laws and legal obligations

We do not sell, rent, or trade your personal data to third parties. We do not use your data for advertising targeting.

3. AI Features & Data Processing

Food Trace (AI Nutritional Analysis) When you use the Food Trace feature, images you take are transmitted securely to Google's Gemini API for real-time nutritional analysis. Images are processed in transit and are not stored on our servers or Google's servers beyond the duration of the API request. AI-generated nutritional estimates are approximations only and should not be used as a substitute for professional dietary advice.

Workout plans generated by AI are based on general fitness principles and are not tailored medical or professional fitness advice.

4. Health Data (Apple HealthKit)

AstroHabit may request access to Apple HealthKit to read step count and other health metrics. We use this data solely to display your health statistics within the App. We do not:

Share HealthKit data with third parties for advertising or marketing
Use HealthKit data for any purpose beyond displaying it to you in the App
Store HealthKit data on external servers beyond your personal Firebase account

You may revoke HealthKit access at any time via iPhone Settings → Privacy & Security → Health.

5. Financial Data Disclaimer

For Personal Tracking Only AstroHabit is a personal budgeting tool for tracking purposes only. It is not a financial institution, financial advisor, or regulated financial service. Financial data you enter (income, expenses, balances) is stored only in your personal Firebase account and is never transmitted to financial institutions or used for any purpose other than displaying your personal records back to you. Do not rely on AstroHabit for financial or investment decisions. Consult a qualified financial professional for financial advice.

6. Third-Party Services

The App integrates with the following third-party services, each governed by their own privacy policies:

Firebase (Google) — Authentication, Realtime Database, Crashlytics, Analytics: firebase.google.com/support/privacy
RevenueCat — Subscription management: revenuecat.com/privacy
Google Gemini API — AI food analysis and workout generation: policies.google.com/privacy
Apple HealthKit — Health data sync (iOS only): apple.com/legal/privacy
Apple App Store — App distribution and in-app purchases: apple.com/legal/privacy

7. Data Storage & Security

Your data is stored in Firebase Realtime Database, hosted by Google on secure, encrypted servers. All data is scoped exclusively to your individual account and protected by Firebase security rules that prevent other users from accessing your data.

Data is transmitted using HTTPS/TLS encryption. We implement reasonable technical and organisational measures to protect your data, however no method of electronic transmission or storage is 100% secure. We cannot guarantee absolute security.

8. Data Retention & Deletion

Your data is retained for as long as your account remains active. If you delete your account via Profile → Settings → Delete Account, all your personal data stored in Firebase is permanently and irreversibly deleted within 30 days.

Subscription records held by RevenueCat and Apple may be retained according to their respective data retention policies for legal and financial compliance purposes.

Anonymised crash reports in Firebase Crashlytics may be retained for up to 90 days for stability analysis.

9. Children's Privacy

AstroHabit is not directed at children under the age of 13. We do not knowingly collect personal information from children under 13. If you believe a child under 13 has provided us with personal information, please contact us at support@astrohabit.com and we will promptly delete such information.

10. Your Rights

Depending on your jurisdiction, you may have the right to:

Access — Request a copy of your personal data
Correction — Request correction of inaccurate data
Deletion — Request deletion of your account and data
Portability — Request your data in a portable format (Basic plan)
Withdraw consent — Revoke permissions (Health, Notifications) via iPhone Settings

To exercise any of these rights, contact us at support@astrohabit.com.

11. Malaysia Personal Data Protection Act (PDPA)

AstroHabit is operated from Malaysia and complies with the Personal Data Protection Act 2010 (PDPA). By using the App, you consent to the processing of your personal data as described in this policy. You have the right to access and correct your personal data by contacting us directly.

12. Changes to This Policy

We may update this Privacy Policy from time to time. The "Last updated" date at the top of this page will reflect the most recent revision. Continued use of the App after changes constitutes acceptance of the revised policy. For material changes, we will notify you via in-app notification or email where possible.

13. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy, please contact us at:

support@astrohabit.com