Privacy Policy

Effective date: October 28, 2025

This Privacy Policy explains how we collect, use, and protect your information when you use the 30 Day Challenge app (the "App"). By using the App, you agree to the practices described here.

1) Information We Collect

  • Account information: email, name, identifiers from sign-in providers (Google, Apple). Managed by Supabase Auth.
  • Profile and onboarding: full name, age, avatar URL, onboarding completion status.
  • Activity tracking data: entries you log across categories such as gym, weight, reading, self-care, habits, social activities, notes, durations, feedback/mood, and related metadata.
  • AI Coach chat data: chat sessions and messages (user/assistant), usage counters, basic session metadata.
  • Community content: posts, comments, likes you publish.
  • Notifications preferences: whether you granted permissions; local schedules for reminders (times only).
  • Device data: basic device/platform information required to run the App (e.g., OS, device model) and local storage for session persistence.

We do not collect precise location, contacts, or your photo library contents by default. If a feature requests optional access (e.g., pick an image), you can deny it.

2) How We Use Your Information

  • Provide and maintain the App, including authentication, your profile, and syncing your data via Supabase.
  • Power the AI Coach: we send your chat messages and summarized activity context to our server-side function, which calls OpenAI to generate responses. We store the conversation in Supabase to show history and improve continuity.
  • Generate daily insights and statistics from your own activity data.
  • Community features: publish your posts/comments/likes to other users.
  • Send local reminders on your device (no server-side push at this time).
  • Ensure security, prevent abuse (e.g., rate limiting chat requests), and debug issues.

3) Legal Bases (where applicable)

  • Performance of a contract: to provide core App features you request.
  • Legitimate interests: to secure the App and prevent abuse.
  • Consent: where required for notifications or specific optional features.

4) Data Storage and Providers

  • Supabase (hosting, database, authentication): stores account data, profiles, activities, community content, and AI chat history. Access is restricted to your account via row-level security.
  • OpenAI (AI responses): your chat messages and a summarized view of your recent activity are sent from a Supabase Edge Function to OpenAI's API to generate responses. API keys are kept server-side and are not exposed in the client.
  • Google / Apple (sign-in): used for authentication only.

We do not sell your personal information.

5) Data Retention

We retain your data for as long as your account is active or as needed to provide the App. You may request deletion at any time.

6) Security

We use Supabase authentication, row-level security, and industry-standard practices to protect your data in transit and at rest.

No method of transmission or storage is 100% secure. We work to continually improve our safeguards.

7) Your Rights

Depending on your location, you may have rights to access, correct, delete, export, or restrict the use of your data. Contact us to exercise these rights. You can also:

  • Manage notification permissions via your device settings.
  • Delete activity entries from within the App.
  • Request account deletion (see Contact section).

8) Children's Privacy

The App is not intended for children under 13, or under the age required by local law. We do not knowingly collect personal data from children. If we learn we have, we will delete it.

9) International Transfers

Your information may be processed and stored in countries other than your own. By using the App, you consent to such transfers, subject to appropriate protections.

10) Changes to This Policy

We may update this Policy from time to time. Material changes will be communicated in-app or by other appropriate means. The "Effective date" above tells you when this Policy was last updated.

11) Contact

If you have questions, requests, or wish to delete your account/data, contact us at: privacy@day30challenge.com

Additional details

  • AI chat daily limits are enforced to prevent abuse and control costs.
  • Local device notifications are scheduled on your device and can be revoked in system settings.
← Back to Home