Hambit Privacy Policy
Hambit is an educational intervention app. When you open a distracting app you have chosen to block, Hambit shows you a spaced-repetition quiz question. Answer correctly and the app opens. Every distraction becomes a study session.
This policy explains what data Hambit collects, why it collects it, where it lives, who can see it, and how you can delete it. We have tried to write it plainly because we believe you should be able to read your privacy policy without a law degree.
What we collect
Hambit collects the following data:
- Email address. Collected when you create an account. Used for magic-link sign-in and to associate your Pro subscription with your identity across devices. Required if you subscribe to Pro; not required to use the free tier.
- Authentication provider identifier. If you sign in with Apple or Google, Hambit receives a unique identifier from that provider (an opaque string — not your Apple ID email or Google account name). Used to identify your account session.
- Supabase user UUID. A pseudonymous identifier generated when your account is created. Internal to Hambit's infrastructure; never exposed to you directly or to third parties outside of Supabase's own systems.
- RevenueCat customer ID. A pseudonymous identifier generated when you first interact with a subscription product. Used by RevenueCat to track your subscription state across platforms.
- Subscription tier and status. Whether your account is on the free tier, a monthly subscription, an annual subscription, or a lifetime purchase — and the subscription's expiry date if applicable. Stored on Supabase so Pro access can be verified on any device you sign into.
- Timestamps. Account creation date, last sign-in date, subscription start and renewal dates. Standard account-management metadata.
That is everything. The list above is exhaustive.
What we do not collect
Hambit does not collect and does not transmit:
- Screen Time data of any kind.
- The names or bundle identifiers of apps you have chosen to block. Your blocked-app selections are stored on your device only (iOS: App Group UserDefaults; Android: SharedPreferences) and never leave it.
- Quiz results, streak counts, spaced-repetition state, or reading-passage history. These stay on your device.
- Your location.
- Your contacts.
- Device identifiers (IDFA, Android Advertising ID, IMEI, serial number).
- Microphone, camera, or health data.
- Anything from your clipboard.
- Anything from other apps via accessibility events beyond what is needed to detect a foreground-app transition and compare it against your local block list. On Android, Hambit's AccessibilityService reads only the package name of the app transitioning to the foreground — it does not read text, form inputs, or any content inside other apps.
Where data lives
| Data | System | Region | Notes |
|---|---|---|---|
| Email, Supabase UUID, subscription tier | Supabase | EU (Ireland or Frankfurt — see supabase.com/privacy for current region detail) | Supabase is the data processor. Row-Level Security policies restrict access to authenticated users only. |
| RevenueCat customer ID, subscription receipts | RevenueCat | United States | RevenueCat Inc. is a US-based processor. Transfers from the EU are covered by RevenueCat's Standard Contractual Clauses (SCCs). See revenueCat.com/privacy. |
| Analytics events (opt-in only) | TelemetryDeck | Germany | Anonymized. No user identifiers. No Screen Time data. TelemetryDeck is operated under German and EU data law. |
| All app-level behavioral data | Your device only | — | Never transmitted. |
Who we share data with
Hambit shares data with three named processors only:
- Supabase Inc. — hosts our authentication and account database. Acts as a data processor under our instructions. Does not use your data for its own purposes.
- RevenueCat Inc. — manages subscription state and App Store / Google Play receipt validation. Acts as a data processor under our instructions. Does not use your data for its own purposes.
- TelemetryDeck GmbH — receives anonymized analytics events, opt-in only. No personal data is transmitted to TelemetryDeck.
Payments are processed by Apple (App Store) or Google (Play Store). Hambit never receives your card or bank details.
We do not sell your data. We do not share your data with advertisers. We do not share your data with data brokers. We do not use your data to train AI models.
Your rights
You have the following rights over your data:
Access. You can request a copy of the data Hambit holds about you by emailing [email protected]. We will respond within 30 days with an export of your account record.
Deletion. You can delete your account at any time. In the app: Settings → Account → Delete my account. If you no longer have the app installed, use the web form at hambit.app/delete-account. Deletion is immediate — your email address, account record, and all associated data are permanently removed from Supabase and RevenueCat within 30 seconds of confirmation. There is no soft-delete period. See the deletion section below for full details.
Correction. If the email address on your account is wrong, you can update it in Settings → Account or contact us at [email protected].
Portability. You can request your data in a machine-readable format (JSON) by emailing [email protected].
Revocation of analytics consent. If you opted into analytics during onboarding, you can revoke that consent at any time in Settings → Privacy → Analytics.
GDPR rights (EU residents). EU residents have the rights described in Articles 15–22 of the GDPR: access, rectification, erasure, restriction of processing, data portability, and the right to object. To exercise any of these, email [email protected]. Response time: 30 days or less.
Deleting your account
Account deletion removes:
- Your email address and authentication provider identifier from Supabase.
- Your Supabase UUID and all associated database rows (cascade delete).
- Your RevenueCat customer ID and subscription history from RevenueCat's system.
- Your active session tokens on all devices.
After deletion, your in-app data (block list, quiz stats, streaks) is cleared from your device. You receive a confirmation email at the address on your account.
One note on subscription billing: Hambit's deletion removes your data from our backend. Your App Store or Google Play subscription is managed by Apple or Google and must be cancelled separately, in your device's subscription settings. Hambit cannot cancel it on your behalf.
Data retention
We retain your data for as long as your account exists. When you delete your account, all data is removed immediately. We do not retain deleted account data for fraud prevention, legal hold, or any other purpose. We do not have fraud signals worth keeping.
If you are a free-tier user who has never created an account, Hambit holds no data about you on any server.
International data transfers
RevenueCat is based in the United States. Transfers of personal data from the EU to RevenueCat are governed by Standard Contractual Clauses (SCCs) in accordance with GDPR Article 46(2)(c). RevenueCat's DPA and SCCs are available at revenueCat.com/dpa.
Supabase hosts data in the EU (Ireland or Frankfurt, EU-west region). No transfer outside the EU is required for Supabase-processed data.
Children
Hambit is for users 13 and older (16 and older in EU member states where the national GDPR age of digital consent is 16). We do not knowingly collect data from children under these thresholds. If you believe a child has created an account, contact [email protected] and we will delete the account immediately.
Security
- All data in transit is encrypted via TLS.
- Supabase Row-Level Security (RLS) policies ensure that users can only read and write their own records.
- Hambit does not store credit card data, bank details, or payment tokens on our servers — payment processing is handled entirely by Apple, Google, or the relevant platform.
- Our Supabase project does not expose its service role key to the client. Authentication uses Supabase's anon key with RLS enforcement.
Changes to this policy
If we make a material change to this policy — meaning a change that affects what data we collect, how we use it, or who we share it with — we will notify users via an in-app notice at least 14 days before the change takes effect. We will also update the effective date at the top of this document.
Non-material changes (typos, formatting, clarifications that do not change meaning) will be updated without notice, but the effective date will reflect the update.
Contact
Questions, requests, or concerns about this policy:
Email: [email protected]
Response time: 30 days or less.
For GDPR Article 77 complaints, EU residents may also lodge a complaint with their national supervisory authority. France's authority is the CNIL (cnil.fr).
Effective date: [LAUNCH DATE]. This document is hosted at hambit.app/privacy.