Privacy Policy

---

TL;DR - Your Privacy Matters

We respect your privacy. Here's what you need to know:

✅ We will NEVER sell your data. Your information is yours, not ours to monetize.

✅ You control your information. Delete your account anytime for immediate permanent deletion of all personal data. Only financial transaction records are anonymized and retained for 7 years (tax law requirement).

✅ Transparent practices. We only collect what's necessary to make Wizify® work for you.

✅ Secure by design. Your sensitive data is encrypted and stored in your device's secure keychain.

---

Introduction

Wizify LLC ("we," "us," or "our") operates the Wizify mobile application (the "App"). This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our App. Please read this policy carefully.

By using Wizify, you agree to the collection and use of information in accordance with this policy. If you do not agree with our policies and practices, please do not use our App.

---

1. Information We Collect

1.1 Information You Provide

• Account Information: When you create an account, we collect your email address, display name, and authentication credentials through Apple Sign In.
• Profile Information: Optional profile details such as profile photos and preferences.
• User-Generated Content: Habits you create, notes, and other content you choose to add within the App.

1.2 Health and Fitness Data (Apple Health)

With your explicit permission, Wizify integrates with Apple Health to access:

• Activity Data: Daily activity summaries including move, exercise, and stand metrics
• Workout Information: Workout sessions, duration, calories burned, and activity types
• Health Records: Specific health metrics you authorize us to access for habit tracking purposes

Important:

• You control what health data we can access through iOS Settings → Privacy & Security → Health → Wizify
• We only use Apple Health data to track your habits and provide insights
• We never share or sell your Apple Health data to third parties (advertisers, data brokers, etc.)
• Apple Health data is stored locally on your device and synced through Apple's secure infrastructure

Social Features and Health Data Sharing:

• If you enable social features and allow others to follow you, your health and activity metrics may be visible to your followers
• This can include: workouts, activity rings (move/exercise/stand), steps, distance, and any other health data you've authorized Wizify to access
• You control what data Wizify can access through iOS Settings → Health → Wizify
• You control which metrics are visible using the Hidden Metrics setting in App Settings → Privacy Settings to selectively hide individual metrics from your public profile, top metrics, and leaderboard rankings
• You also control who can see your data through privacy settings (private profile requires follower approval)
• Hidden metrics are still tracked privately for your personal use — only their public visibility is affected

1.3 Automatically Collected Information

• Device Information: Device type, operating system version, unique device identifiers
• Usage Data: App features used, session duration, interaction patterns
• Log Data: Error logs, crash reports, and performance metrics
• Push Notification Tokens: Device tokens for Firebase Cloud Messaging (FCM) to send you reminders and updates (if you opt in)

1.4 Analytics and Performance Data

We use third-party services to understand how you use our App:

• PostHog: Product analytics to improve features and user experience
• Sentry: Error monitoring and performance tracking to fix bugs and crashes
• Firebase Analytics Core: Basic app event data to support push notification delivery and diagnostics (no advertising identifiers collected)

---

2. How We Use Your Information

We use the collected information for the following purposes:

2.1 Core Functionality

• Provide habit tracking and progress monitoring
• Sync your data across your devices
• Process and display Apple Health data for habit insights
• Share your habit progress and Apple Health metrics with followers for motivation and friendly competition (optional social feature - you control who can follow you through privacy settings)
• Send push notifications for habit reminders (with your permission)

2.2 Service Improvement

• Analyze usage patterns to improve the App
• Identify and fix technical issues
• Test new features and functionality
• Understand user preferences and behavior

2.3 Account Management

• Create and maintain your account
• Manage subscriptions and payments through RevenueCat and Apple's App Store
• Authenticate your identity and prevent fraud
• Provide customer support

2.4 Communications

• Send you service-related notifications
• Respond to your inquiries and support requests
• Notify you of important updates or changes

2.5 Marketing Communications

• With your consent, we may send you occasional emails about new features, product updates, or promotional content
• You can opt out at any time by following the unsubscribe link in those emails

---

3. Third-Party Services

Wizify integrates with the following third-party services:

3.1 Apple Services

• Sign in with Apple: Authentication (no email access if you choose to hide it)
• Apple Health: Health and fitness data (stored locally, controlled by iOS permissions)
• App Store & StoreKit: In-app purchases and subscriptions
• Push Notifications: Delivery of notifications through Firebase Cloud Messaging, which routes through Apple Push Notification Service (APNs)

3.2 Payment Processing

• RevenueCat (Privacy Policy): Subscription management and payment processing

  • Collects: Purchase history, subscription status, transaction IDs, user ID, email (if provided), display name
  • Purpose: Process in-app purchases, manage subscriptions, restore purchases across devices, prevent fraud
  • Integration: Works with Apple's App Store to handle subscription billing
  • Security: Your payment information (credit card, Apple Pay) is handled directly by Apple; we never receive or store your payment credentials

• Apple App Store (Privacy Policy): Payment processing

  • Handles all payment transactions
  • Stores your payment methods securely
  • Processes subscription charges
  • We do not have access to your credit card or payment details

3.3 Analytics and Monitoring

• Sentry (Privacy Policy): Error tracking and performance monitoring

  • Collects: Error logs, device info, user IDs, performance metrics
  • Purpose: Fix bugs and improve app stability

• PostHog (Privacy Policy): Product analytics and feature flags

  • Collects: Usage patterns, feature interactions, anonymized user data
  • Purpose: Understand how users interact with features

• Firebase Cloud Messaging (Privacy Policy): Push notification delivery

  • Collects: FCM device tokens, notification delivery metadata
  • Purpose: Deliver push notifications reliably via Google's infrastructure
  • Note: Notification content is end-to-end between our servers and your device via APNs

• Firebase Analytics Core (Privacy Policy): Lightweight app analytics

  • Collects: App instance identifiers, basic event data
  • Purpose: Support push notification diagnostics and delivery tracking
  • Note: Does NOT collect advertising identifiers (IDFA) or enable ad targeting

3.4 Backend Services

• Wizify Backend API: Our secure servers for data synchronization
  • Collects: Account data, habits, user-generated content, session tokens
  • Purpose: Sync data across devices, provide core functionality
  • Location: United States
  • Security: Session-based authentication, encrypted data transmission

Data Processing: All third-party services process data under strict agreements to protect your privacy and comply with applicable laws including GDPR and CCPA.

---

4. Data Storage and Security

4.1 Local Storage (Primary)

• Local SQLite Database: All your app data is stored locally on your device in a SQLite database
  • Habits and habit completion history
  • User settings and preferences
  • Health and fitness data (from Apple Health integration)
  • Social connections and activity
  • Inventory items (coins, habitium, powerups)
  • Purchase history
• Secure Keychain: Authentication tokens and sensitive credentials are stored in iOS Keychain with hardware encryption
• Offline-first: The app works fully offline; your data is always accessible on your device

4.2 Cloud Sync (Automatic Backup & Multi-Device)

• Automatic Backend Sync: All app data is automatically synchronized to our secure backend servers
  • Purpose: Our backend servers process your data to provide the following functionality:
    • Multi-device sync: Keep your data current across all your devices (iPhone, iPad, etc.)
    • Backup and restore: Safely backup your data and restore on new devices
    • Habit processing: Calculate habit metrics, streaks, achievements, and daily results
    • Experience and levels: Calculate experience points (XP) and process level-ups
    • Social features: Enable sharing of progress and health metrics with your followers
    • Subscriptions: Manage in-app purchases and subscription status
    • Notifications: Generate notifications for achievements and habit reminders
    • Analytics: Track performance metrics and app usage patterns
  • Frequency: Syncs happen automatically when data changes and you're online
  • Your data stays current across all your devices (iPhone, iPad, etc.)
• Encrypted Transmission: All data is transmitted using HTTPS/TLS encryption
• No iCloud: We do not use Apple iCloud for data storage

4.3 What This Means for You

• Offline Access: Your data is always available on your device, even without internet
• Multi-Device Sync: Changes sync automatically across all your devices when online
• Data Backup: Your data is safely backed up on our servers
• Privacy: While data syncs to our servers, we never sell or share your personal information (see Section 5)

4.4 Security Measures

We implement industry-standard security measures including:

• HTTPS/TLS encryption for all data transmission
• Secure session-based authentication
• Regular security audits and updates
• Access controls and monitoring

However, no method of transmission over the internet or electronic storage is 100% secure. While we strive to protect your information, we cannot guarantee absolute security.

---

5. Data Sharing and Disclosure

5.1 We Do NOT Sell Your Data

We will never sell, rent, or trade your personal information to third parties for marketing purposes.

5.2 Limited Sharing

We may share your information only in the following circumstances:

• Service Providers: With third-party vendors who help us operate the App (analytics, error tracking, subscription management) under strict confidentiality agreements
• Social Features: If you enable social features and allow followers, your profile information, habit data, and Apple Health metrics (that Wizify has permission to access) are shared with your followers within the app. This sharing is controlled by your privacy settings (private profile, follower approval, blocking)
• Legal Requirements: If required by law, court order, or government regulation
• Business Transfers: In connection with a merger, acquisition, or sale of assets (users will be notified)
• Protection of Rights: To protect our rights, privacy, safety, or property, and that of our users
• With Your Consent: When you explicitly authorize us to share specific information

5.3 Aggregated Data

We may share aggregated, anonymized data that cannot identify you personally for research, marketing, or analytics purposes.

---

6. Your Rights and Choices

You have the following rights regarding your personal information:

6.1 Access and Portability

• Request a copy of your data in a portable format
• View what information we have collected about you

6.2 Correction and Updates

• Update your profile information at any time within the App
• Correct inaccurate or incomplete data

6.3 Deletion

• Delete your account and associated personal data at any time through the App Settings

• When you delete your account, all personal data is immediately and permanently deleted, including:

  • User profile (email, name, username, display name)
  • Profile photo
  • All habits and habit completion history
  • Social connections (follows, blocks, referrals)
  • Analytics and metrics
  • Notifications and device tokens
  • In-app currency (coins, habitium, powerups)
  • Apple Health data associations
  • All other account-related data

• Financial Transaction Records are handled differently for legal compliance:

  • Not deleted - Required by tax law to retain for 7 years
  • Anonymized immediately - Your user account reference is removed (set to NULL)
  • Audit trail preserved - Transaction IDs and deleted user IDs are stored for verification
  • Cannot be linked back to you - After deletion, these records contain no personal identifiers

• Deletion Audit Log:

  • We create a compliance record when you delete your account
  • Contains: Deletion timestamp, SHA-256 hashed email (for verification), IP address, user agent
  • Retained for 7 years for legal compliance
  • Hash cannot be reversed to identify you

• Deletion is immediate and irreversible - There is no 30-day grace period or recovery option

• For questions about account deletion, contact us at privacy@wizifyapp.com

6.4 Social Features Privacy Controls

Wizify offers optional social features that allow you to follow friends and share progress:

What You Can Control:

• Private Profile: Require approval before anyone can follow you (enable in App Settings)
• Who Follows You: Accept/reject follow requests, unfollow, mute, or block users at any time
• Hidden Metrics: Selectively hide individual metrics from your public profile, top metrics, and leaderboard rankings (App Settings → Privacy Settings → Hidden Metrics)
• Apple Health Data Access: Control what health data Wizify can access through iOS Settings → Privacy & Security → Health

What Gets Shared with Followers:

When someone follows you (and you accept if your profile is private), they can see:

• Your profile information (username, name, photo)
• Level, XP progress, and achievement badges
• Habit streaks and completion calendar
• Active habits count
• Health and activity metrics that Wizify has permission to access, except those you've hidden via Hidden Metrics settings

Granular Privacy Controls:

• Per-metric hiding: You can selectively hide individual metrics (e.g., hide sauna sessions but show steps) from your public profile, top metrics, and leaderboard rankings
• Personal tracking unaffected: Hidden metrics are still tracked and visible in your personal dashboard
• Additional options to limit what's shared:
  • Revoke specific Apple Health permissions in iOS Settings → Health → Wizify (this removes Wizify's access to that data entirely)
  • OR disable social features entirely in App Settings
  • OR set your profile to private and don't accept follow requests

Recommended Privacy Settings:

1. Enable "Private Profile" to control who can follow you
2. Use Hidden Metrics to hide any specific metrics you don't want followers to see
3. Review Apple Health permissions and only grant access to data you're comfortable with Wizify accessing
4. Disable social features completely if you prefer total privacy
5. Use the "Block" feature to prevent specific users from following you or seeing your data

6.5 Apple Health Permissions

• Control Apple Health data access through iOS Settings → Privacy & Security → Health → Wizify
• Revoke permissions at any time without affecting other App features
• Important for Social Features: Apple Health data you grant Wizify access to may be visible to your followers if you have social features enabled, unless you hide specific metrics via Hidden Metrics settings
• Use Hidden Metrics (App Settings → Privacy Settings) to hide individual metrics, or limit Apple Health permissions to restrict what data Wizify can access entirely

6.6 Push Notifications

• Opt out of push notifications through iOS Settings → Notifications → Wizify
• Manage notification preferences within the App

6.7 Analytics Opt-Out

• Some analytics collection occurs automatically; contact us to request analytics opt-out

6.8 Do Not Sell My Personal Information (CCPA)

We do not sell personal information. If you are a California resident, you have additional rights under CCPA (see Section 10).

---

7. Data Retention

7.1 Active Accounts

We retain your data as long as your account is active and you continue using the App.

7.2 Deleted Accounts

When you delete your account through the App Settings:

• Personal Data (immediately and permanently deleted):

  • User account record
  • Email address, name, username, display name
  • Profile photos and contact information
  • All habits and habit completion history
  • Social connections (follows, blocks, referrals)
  • Analytics and metrics
  • Notifications and device tokens
  • In-app currency (coins, habitium, powerups)
  • Apple Health data associations
  • All other personal identifiers and account data

• Financial Transaction Records (anonymized and retained for legal compliance):

  • Retention Period: 7 years (required by tax law)
  • What is retained:
    • Transaction IDs (Apple/RevenueCat transaction identifiers)
    • Purchase dates and amounts
    • Product IDs and subscription details
    • Deleted user ID (for audit trail, not personal identification)
  • What is removed:
    • Foreign key reference to your user account (set to NULL)
    • All personal identifiers
    • Any link back to your identity
  • Purpose: Tax compliance, financial auditing, fraud prevention

• Deletion Audit Log (retained for compliance):

  • Retention Period: 7 years
  • What is stored:
    • Deletion timestamp
    • SHA-256 hashed email (one-way hash, cannot be reversed)
    • IP address of deletion request
    • User agent string
    • Deleted user ID
  • Purpose: Compliance verification, legal protection

7.3 What "Anonymized" Means

• All personal identifiers are permanently removed
• User account reference is set to NULL (no link back to you)
• Data cannot be traced back to you or re-identified
• Meets GDPR and CCPA standards for de-identification
• Records are stored only with transaction IDs and deleted user IDs for audit purposes

7.4 Legal Holds

Data subject to legal obligations, litigation holds, or law enforcement requests will be retained as required by law, regardless of account status.

7.5 No Backup Recovery

• Deletion is immediate and permanent
• There is no grace period or recovery option
• We do not retain deleted data in backups for restoration purposes

---

8. Children's Privacy

8.1 Age Restrictions and COPPA Compliance

Wizify is a general audience app not intended or directed to children under the age of 13.

We comply with the Children's Online Privacy Protection Act (COPPA) and do not knowingly collect, use, or disclose personal information from children under 13 years of age without verifiable parental consent.

8.2 No Intentional Collection from Children

• We do not knowingly collect personal information from anyone under 13
• We do not knowingly allow children under 13 to create accounts
• We do not direct any of our content specifically to children under 13
• We do not knowingly use personal information from children under 13 for targeted advertising

8.3 Parental Rights and Notification

If you are a parent or legal guardian and believe your child under 13 has created an account or provided us with personal information:

Please contact us immediately at privacy@wizifyapp.com

Upon notification, we will:

1. Verify the claim
2. Immediately delete the child's account and all associated data
3. Remove all personal information from our systems
4. Confirm deletion to the parent/guardian

8.4 What Parents Should Provide

When contacting us about a child's account, please include:

• Child's name or username (if known)
• Child's email address (if used for sign-up)
• Parent/guardian's contact information
• Proof of parental relationship (may be required for verification)

8.5 Parental Consent

If we learn that we have collected personal information from a child under 13 without verifiable parental consent, we will delete that information as quickly as possible.

---

9. International Users

9.1 Data Transfers

Your information may be transferred to and maintained on servers located in the United States. By using Wizify, you consent to the transfer of your information to the United States.

9.2 GDPR Rights (European Users)

If you are in the European Economic Area (EEA), you have additional rights under GDPR:

• Right to Access: Obtain confirmation of data processing and access your data
• Right to Rectification: Correct inaccurate personal data
• Right to Erasure: Request deletion of your data ("right to be forgotten")
• Right to Restriction: Limit how we use your data
• Right to Data Portability: Receive your data in a structured, machine-readable format
• Right to Object: Object to processing based on legitimate interests
• Right to Withdraw Consent: Withdraw consent at any time
• Right to Complain: Lodge a complaint with your local data protection authority

Legal Basis for Processing: We process your data based on:

• Contract performance (providing App services)
• Consent (Apple Health data, push notifications, analytics)
• Legitimate interests (app improvement, fraud prevention)
• Legal obligations (compliance with laws)

9.3 International Transfers Safeguards

We use standard contractual clauses approved by the European Commission for data transfers outside the EEA.

---

10. California Privacy Rights (CCPA/CPRA)

If you are a California resident, you have specific rights under the California Consumer Privacy Act (CCPA):

10.1 Categories of Personal Information We Collect

• Identifiers (email, user ID, device ID)
• Commercial information (subscription status, purchase history)
• Internet activity (usage data, interactions)
• Health information (Apple Health data, with consent)
• Geolocation data (if enabled)

10.2 Your California Rights

• Right to Know: Request details about personal information collected, used, disclosed, or sold
• Right to Delete: Request deletion of your personal information
• Right to Opt-Out: We do not sell personal information; no opt-out required
• Right to Non-Discrimination: We will not discriminate against you for exercising your rights
• Right to Correct: Request correction of inaccurate personal information
• Right to Limit: Request limits on use of sensitive personal information

10.3 How to Exercise Your Rights

Email us at privacy@wizifyapp.com or use the in-app settings. We will verify your identity and respond within 45 days.

---

11. Cookies and Tracking Technologies

Wizify is a native iOS app and does not use cookies. However, we may use:

• Local Storage: To cache data locally on your device
• Session Tokens: To maintain your authentication state
• Analytics SDKs: To collect usage data (PostHog, Sentry, Firebase Analytics Core)

You can control some tracking through iOS Settings → Privacy & Security → Tracking.

---

12. Changes to This Privacy Policy

We may update this Privacy Policy periodically to reflect changes in our practices or legal requirements. We will notify you of significant changes by:

• Posting the new policy in the App
• Updating the "Last Updated" date
• Sending an in-app notification or email (for material changes)

Your continued use of Wizify after changes indicates acceptance of the updated policy.

---

13. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

Wizify LLC

• Email: privacy@wizifyapp.com
• Support: support@wizifyapp.com
• Website: https://www.wizifyapp.com

Data Protection Officer (for GDPR inquiries): privacy@wizifyapp.com

---

14. Your Consent

By using Wizify, you consent to this Privacy Policy and agree to its terms.

---

Thank you for trusting Wizify with your personal development journey. Your privacy is our priority.