HabitBlock

← Back to Home

Privacy Policy

Effective Date: October 14, 2025

Last Updated: October 14, 2025

1. Introduction

Welcome to HabitBlock (“we,” “our,” or “us”). This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our website, Early Access waitlist, and the HabitBlock application (collectively, the “Service”). By using the Service, you agree to this Privacy Policy. If you do not agree, please discontinue use of the Service.

2. Information We Collect

2.1 Personal Information

Information you provide directly to us, including:

  • Email address (for account creation, authentication, and communications)
  • Display name (optional)
  • Payment information (processed by a third-party payment processor)
  • Account preferences and settings
  • Communication preferences (e.g., reminders, reports, alerts)

2.2 Application Data

To deliver core features, we store:

  • Habits, objectives, and related metadata you create
  • Progress tracking records and completion history
  • Reflection notes and entries
  • Calendar and scheduling information you provide
  • Subscription status and applicable plan features

2.3 Technical Information

Automatically collected technical and usage data, such as:

  • Device and browser information (e.g., type, version, operating system)
  • IP address and general location (city/country level)
  • Usage analytics and performance metrics
  • Session identifiers and authentication tokens
  • Error logs and diagnostics
  • Security telemetry for abuse prevention

2.4 Early Access & Research Data (Waitlist)

If you join our “Reserve Early Access” campaign, we collect and store:

  • Your name (optional) and email (required)
  • Plan interest (e.g., Pro/Plus) and the page URL you signed up from
  • Marketing attribution data such as referral information and campaign tags present in the URL
  • Analytics client identifier (if available and consented via our cookie banner)
  • User agent and IP address (for security and anti-spam)
  • Captcha verification result (anti-abuse token)
  • Optional research inputs: “What caught your eye?” (feature chips) and “How will you use HabitBlock?” (short note)

Optional answers help us understand use-cases and prioritize the roadmap. They are not required to join the waitlist. We may aggregate or anonymize responses for product analysis. We do not sell your data.

3. How We Use Your Information

  • Service Provision: To provide, maintain, and improve HabitBlock features
  • Account Management: To create and manage your account
  • Authentication & Security: To verify identity, protect accounts, and prevent abuse
  • Payment Processing: To manage subscriptions and billing via a payment processor
  • Communication: To send service-related notifications and updates
  • Analytics: To understand usage and improve the Service
  • Legal Compliance: To comply with applicable laws and regulations
  • Support: To respond to inquiries and resolve issues

3.1 Early Access (Waitlist) Uses

  • Send Early Access invitations and onboarding emails
  • Assess feature interest (e.g., selected chips) and common use-cases
  • Measure high-level marketing effectiveness using non-sensitive referral and campaign tags (e.g., UTM parameters)
  • Prevent spam and automated abuse via captcha and security checks

4. Information Sharing and Disclosure

We do not sell or rent your personal information. We share data only in these cases:

4.1 Service Providers

We use carefully selected third parties bound by contracts to process data on our instructions:

  • Managed database and authentication platform (stores application and waitlist data)
  • Hosting, content delivery, and security services (including bot and abuse protection)
  • Payment processor (subscriptions and billing)
  • Email delivery service (transactional and onboarding messages)
  • Form relay/notification service (optional, for spam filtering and notifications)
  • Analytics and error monitoring tools (used with consent or legitimate interest, as applicable)

4.2 Legal Requirements

We may disclose information when required by law or to respond to valid legal requests.

4.3 Business Transfers

In a merger, acquisition, or asset sale, information may be transferred to the new entity subject to this Policy.

5. Data Security

We implement technical and organizational measures to protect your data, including:

  • Encryption in transit and at rest where applicable
  • Multi-factor and secure authentication options
  • Access controls and monitoring
  • Regular security updates and assessments
  • Use of PCI-DSS compliant payment processors for billing
  • Role-based access restrictions for personnel

6. Data Retention

  • Account and application data: retained while your account is active
  • Payment records: retained for tax/legal compliance (typically up to 7 years)
  • Analytics data: aggregated or anonymized after 24 months where feasible
  • Deleted account data: removed from active systems within ~30 days; backups may retain encrypted data for up to ~90 days
  • Early Access (waitlist) data: retained until invites conclude or you request deletion

7. Your Rights and Choices

7.1 Account Management

  • Update profile information and preferences
  • Change password and security settings
  • Manage subscription and billing preferences

7.2 Data Rights (e.g., GDPR/CCPA)

  • Access: Request a copy of your data
  • Rectification: Correct inaccurate or incomplete data
  • Erasure: Request deletion of your personal data
  • Portability: Export your data in a machine-readable format
  • Restriction: Limit how we process your data
  • Objection: Object to certain processing

7.3 Exercising Your Rights

Contact us at [email protected]. We may need to verify your identity before fulfilling your request.

8. International Data Transfers

Your information may be processed and stored outside your country. We use appropriate safeguards for international transfers, such as standard contractual clauses or equivalent mechanisms where applicable.

9. Children’s Privacy

The Service is not intended for children under 13. We do not knowingly collect personal information from children under 13 (or under 16 in the EEA). If we learn we’ve collected such data, we will delete it.

10. Cookies and Tracking Technologies

We use cookies and similar technologies to:

  • Maintain login sessions and remember preferences
  • Analyze usage patterns and improve the Service
  • Support security and fraud prevention

You can control cookies through your browser or our cookie banner. Disabling certain cookies may affect functionality.

10.1 Analytics

With your consent (where required), we may collect limited analytics data to understand engagement and improve features. You can withdraw or modify consent via our cookie banner.

10.2 Captcha / Bot Protection

We use a captcha solution to protect forms from automated abuse. The service may process limited technical signals (e.g., IP address, user agent, and interaction data) solely for security purposes.

11. Changes to This Privacy Policy

We may update this Policy periodically. We will post updates on this page and adjust the “Last Updated” date. For material changes, we may provide additional notice (e.g., email). Your continued use of the Service after changes indicates acceptance.

12. Contact Us

Questions about this Privacy Policy?

Email: [email protected]