Privacy Policy

Last updated: April 19, 2026

Short version: Disciplio is built to be privacy-first. You can use the app anonymously. We do not sell your data. We do not use tracking or advertising SDKs. Any data you create (habits, streaks, scores) is stored locally on your device and, if you participate in the global leaderboard, synchronized to our secure Supabase database.

1. Who We Are

This Privacy Policy describes how Disciplio ("the App", "we", "us") processes personal data. The App is operated by an individual developer based in the Czech Republic. For any privacy-related questions, you can reach us at support@habiters.com.

2. Data We Process

2.1 Data stored only on your device

The majority of your data never leaves your iPhone. This includes:

Your daily habits, routines, and check-ins
Your streak history and calendar
Your XP, level, and rank progression
App settings, preferences, and Focus Limits configuration

This data is stored in iOS UserDefaults and is not transmitted to our servers unless you opt into leaderboard participation.

2.2 Data stored on our servers (Supabase)

If you participate in the global leaderboard, the following data is synchronized to our secure backend provided by Supabase:

A randomly generated user identifier (not your real name)
Your chosen display name (if you set one)
Your avatar image (if you upload one)
Your current score, streak count, and rank

We do not collect your email address, phone number, real name, precise location, contacts, photos, or health data.

2.3 Apple Screen Time / Family Controls

If you enable Focus Limits, the App uses Apple's Family Controls framework to block selected applications on your device. The selection of blocked apps is stored only on your device through Apple's private APIs. We never see which apps you have chosen to block — this information never leaves your iPhone.

3. How We Use Your Data

We use the limited data we process strictly to:

Display your position in the global leaderboard
Render your avatar and display name for other users on the leaderboard
Synchronize your progress across reinstalls if you sign in
Maintain app reliability and prevent abuse

4. Legal Basis (GDPR)

Under Regulation (EU) 2016/679 (GDPR), our processing of your personal data is based on:

Your consent (Art. 6(1)(a)) — when you voluntarily join the leaderboard or upload an avatar
Performance of a contract (Art. 6(1)(b)) — to provide the core functionality of the App
Legitimate interest (Art. 6(1)(f)) — to prevent abuse and ensure the service operates correctly

5. Data Sharing

We do not sell your data. We do not share your data with advertisers or data brokers. We use the following third-party service to operate the App:

Supabase (Supabase, Inc., United States) — database, authentication, and avatar storage. Supabase acts as our data processor. See Supabase Privacy Policy.

Apple may also collect analytics data through standard App Store and iOS frameworks according to its own privacy policy.

6. Data Retention

Data stored on your device remains there until you delete the App or clear its data. Data on our servers is retained as long as your account is active. You can request deletion at any time by contacting support@habiters.com.

7. Your Rights

Under GDPR, you have the right to:

Access the personal data we hold about you
Request correction of inaccurate data
Request deletion of your data ("right to be forgotten")
Object to or restrict processing
Data portability
Lodge a complaint with the Czech Data Protection Authority (Úřad pro ochranu osobních údajů, uoou.cz)

To exercise any of these rights, email us at support@habiters.com.

8. Children

The App is intended for users aged 4 and above. We do not knowingly collect personal data from children under the age of 13 (or the relevant age of digital consent in your country). If you believe a child has provided us with personal data, please contact us and we will promptly delete it.

9. Security

Data transmitted between your device and our servers is encrypted using TLS. Our database is protected with row-level security policies. However, no system is 100% secure; we cannot guarantee absolute security of data transmitted over the internet.

10. International Transfers

As our backend provider (Supabase) operates servers outside the EU, your data may be transferred to and processed in countries outside the European Economic Area. Such transfers are safeguarded by appropriate mechanisms, including Standard Contractual Clauses approved by the European Commission.

11. Changes to This Policy

We may update this Privacy Policy from time to time. Any changes will be posted on this page with an updated "Last updated" date. Material changes will be communicated through the App.

12. Contact

For any questions, concerns, or requests regarding this Privacy Policy or your personal data, please contact us at:

support@habiters.com