Privacy Policy

How we collect, use, and protect your personal information.

Last updated: [Insert Date]

1. Introduction

HabitLab (“we”, “us”, “our”) operates the HabitLab platform. We are committed to protecting your privacy and handling your personal data transparently and securely.

2. Information We Collect

2.1 Account Information

  • Name
  • Email address
  • Password (encrypted)

2.2 Payment Information

Payments are processed securely via Stripe. We do not store full payment card details. Stripe may collect:

  • Card details
  • Billing address
  • Transaction history

2.3 Health & Habit Data

We collect user-input data such as:

  • Habits, goals, routines
  • Fitness activity and tracking
  • Progress metrics and performance insights

⚠️ While this data is not classified as medical advice, it may be considered sensitive personal data depending on jurisdiction.

2.4 Technical & Usage Data

  • IP address
  • Device/browser info
  • Usage patterns within the app

3. How We Use Your Data

We use your data to:

  • Deliver and operate HabitLab services
  • Personalise your experience and insights
  • Process subscriptions and payments
  • Improve platform performance
  • Maintain security and prevent fraud

4. Legal Basis (GDPR)

We rely on:

  • Contractual necessity (account and subscription)
  • Legitimate interests (improving the product)
  • Consent (cookies, optional features)
  • Legal obligations

5. Sensitive Data Handling (Health Data)

  • Health and habit data is user-provided only
  • Used solely for personalisation and analytics within your account
  • Not shared externally or sold
  • Stored securely with restricted access

6. Data Sharing

We only share data with:

  • Stripe (payment processing)
  • Hosting and infrastructure providers (secure cloud services)

We do not sell or rent personal data.

7. Data Storage & Security

  • Encryption in transit (HTTPS)
  • Secure storage environments
  • Strict access controls
  • Segregated environments (DEV/UAT/PROD)

8. Data Retention

We retain data:

  • While your account is active
  • As required for legal/financial compliance

You may request deletion at any time.

9. Your Rights

You have the right to:

  • Access your data
  • Correct inaccuracies
  • Request deletion
  • Withdraw consent
  • Request data export

(Australian users: these rights are aligned with the Australian Privacy Principles, or APPs.)

10. Cookies

See our Cookies Policy for details.

11. Changes

We may update this policy periodically.

12. Contact

Email: [Insert Email]
Address: [Insert Business Address]