Privacy Policy

Types of Data Collected:

1. Personal Information User Provide

• Registration Information: We collect and store on our servers certain information you provide when creating, registering and signing in through Apple, or maintaining an account, including your email address, username, and display name. We use this information to establish and administer your account, authenticate account access, maintain account security, and provide account-related notices or support where necessary.
• User-Generated Content (Photos and Images): When you use features that allow habit verification, you may choose to upload or capture photos within the App. These images are sent to our secure servers (AWS S3 via presigned URLs) for AI-based image analysis to confirm the activities, such as smiling, going outdoors, or drinking water. In addition, photos may be captured during timed habit sessions and stored locally on your device as personal memory records. We do not access your photos without your explicit action, and images are not used for tracking, advertising unless you provide separate explicit consent.
• Messages and Reactions: When you use the in-app messaging feature, we collect and store the text messages, emoji reactions, and Moment replies you send and receive. Messages are transmitted to and stored on our servers to enable delivery, conversation history, and push notification delivery. Message content is not used for advertising or shared with third parties.
• Social and Friend Data: When you use social features, we collect information about your friend connections, friend requests, block lists, and content reports you submit. This data is stored on our servers to maintain your social graph and enforce safety controls such as blocking and reporting.
• Leaderboard Data: When you participate in the leaderboard, we collect and display aggregated habit completion statistics, display names, and avatars. This data is stored on our servers and may be visible to other users.
• Push Notification Tokens: When you enable push notifications, we collect your device token (APNs) to deliver notifications including habit reminders, friend requests, messages, reactions, and other app-related updates. Device tokens are stored on our servers and are not shared with third parties beyond the notification delivery service.

2. Information Collected Automatically

• Wi-Fi and Network: We automatically monitor network connectivity status through the use of NWPathMonitor to detect, manage online and offline states, and to facilitate the diagnosis of connectivity issues, maintain service stability of our Service.
• IDFA (ATT): The application accesses the advertising identifier (IDFA) only after obtaining user authorization in accordance with App Tracking Transparency (ATT) authorization. Where such authorization is granted, the identifier may be shared with Adjust and Facebook SDKs, solely for attribution purposes. Where authorization is denied, the identifier is not collected and related tracking functionalities are disabled. This information is stored on servers.
• Crashes: We collect information when the app unexpectedly stops working in order to identify errors, fix bugs, and improve the reliability of our Service.
• Cookies: Our services utilize cookies to collect information to enhance user experience, understand user engagement and improve our services.

3. Data Obtained from Third Parties

• Firebase Analytics: We use Firebase Analytics to receive aggregated usage information about how users interact with the App, such as feature usage, session duration, and subscription events. Firebase Analytics is processed solely for analytical purposes and this information helps us understand app performance, improve functionality, and enhance user experience.
• FirebaseRemoteConfig: App settings and feature behavior are dynamically adjusted and controlled via Firebase Remote Config without requiring an app update. This allows us to improve stability, enable or disable features, and optimize performance based on device type, app version, or usage conditions.
• Firebase Crashlytics: We use Firebase Crashlytics to transmit crash reports and non-fatal error data for the purpose of monitoring application stability and identifying issues for improvement. This information is stored on servers.
• Adjust SDK: The application integrates the Adjust SDK to support attribution tracking, campaign measurement, revenue tracking, and deferred deep linking. The advertising identifier (IDFA) is accessed only after user consent ATT. This information is stored on the server.
• Facebook SDK (FBSDKCoreKit): The application integrates the Facebook SDK (FBSDKCoreKit) for attribution and deep link handling purposes. Automatic event logging and advertiser identifier collection are disabled by default and are only activated at runtime upon obtaining user authorization with ATT. This information is stored on servers.
• Other Sources: Data about you may also be collected from publicly available sources to further enhance our services and customer understanding.

1. Granting Consent:

By registering or creating a profile on our platform, you explicitly agree to our processing of your personal data as detailed in this Privacy Policy.

2. How We Utilize Your Information:

We use the personal information collected to:

• Enhance Service Delivery: Provide and maintain the quality of our services.
• Personalize Experience: Tailor content and advertisements to better match your interests and improve your overall service experience.
• Manage Your Account: Support the management of your service usage, enabling access to various functionalities as a registered user.
• Communicate: Contact you with updates, security alerts, and promotional messages through email or other forms of communication.
• Security and Fraud Prevention: To detect, prevent, and address fraud, security risks, and other malicious or illegal activity.
• Legal Compliance: To comply with applicable laws, regulations, legal processes, and governmental requests.
• Enforcing Terms: To enforce our Terms of Use and other policies.
• Support Social Features: To enable friend connections and friend suggestions, deliver messages and reactions between users, manage shared photo feeds and leaderboards, support your controls such as blocking, unfriending, reporting, deleting, hiding or showing content, and maintain the proper operation of your social and sharing features.
• Push Notifications: To deliver timely notifications including habit reminders, friend requests, incoming messages, reactions to your Moments, leaderboard updates, and other app-related communications.
• Content Safety and Moderation: To automatically review your uploaded photos for compliance with our content rules, including detection of NSFW or otherwise restricted content, and to prevent prohibited content from being circulated within the App.

3. Analytical Use and Compliance:

We analyze anonymized or aggregated data to enhance our services and ensure compliance with legal requirements, aiding in the prevention of fraud and illegal activities.

4. Advertisements and Analytics:

Third-party analytics may be used to understand service usage patterns and improve service delivery. These analytics are derived from data collected through cookies and similar technologies, which do not contain personally identifiable information.

5. Cookies:

Cookies are utilized to understand user interactions and store preferences related to your service use. You can manage these settings to adjust your privacy preferences.

6. Your Privacy Rights:

You have the right to opt out of receiving promotional communications and can manage, access, or modify your personal data, except where retained for legitimate business or legal reasons.

7. Policy Updates:

This Privacy Policy is subject to updates, which will be reflected in the revised document available on our platform. We encourage you to review this policy periodically. Continued engagement with our services after such updates constitutes your acceptance of the terms.

By using our services, you confirm that you understand and agree to the terms set out in this Privacy Policy, ensuring a secure and transparent user experience.

We do not share your data with other companies, organizations and individuals unless one of the following circumstances applies:

1. Sharing with your Consent:

• We do not share your personal information with third parties without your explicit consent. Where consent is required for sharing specific data, we will seek this consent separately.

2. Legal Compliance and Protection of Rights:

We may disclose your Personal Data if required to do so by law or in the good faith belief that such action is necessary to:

• Comply with a legal obligation, subpoena, court order, or other valid legal process.
• Protect and defend our rights or property.
• Prevent or investigate possible wrongdoing in connection with the Service.
• Protect the personal safety of users of the Service or the public.
• Protect against legal liability.

3. Service Providers and Partners:

We may share only the minimum personal information necessary with third parties to provide, improve, promote, and protect our services. These include:

• Service Providers: We may share Personal Data with third-party vendors, consultants, and other service providers who perform services on our behalf (e.g., cloud hosting, data storage, payment processing (e.g., Apple App Store In-App Purchase, Google Play Billing), customer support, analytics (e.g., Google Analytics, Firebase Analytics), marketing, and advertising (e.g., Google AdMob, Apple Search Ads). These service providers are contractually obligated to protect your data, and are granted access only to the information necessary to perform their functions. They are prohibited from using your personal information for other purposes.
• Business Partners: We may share limited data such as: Contact details and demographic information, … with our business partners with whom we collaborate to provide you the best services or promotional offers. This is only done with your explicit consent and is strictly controlled under confidentiality agreements, ensuring compliance with privacy laws and limiting use to the agreed purposes.

4. Business Transfers:

If we are involved in a merger, acquisition, financing due diligence, reorganization, bankruptcy, receivership, sale of company assets, or transition of service to another provider, your Personal Data may be shared or transferred as part of such a transaction, subject to standard confidentiality arrangements.

5. Public Interactions:

If you engage in activities on public areas of our services, your information can be seen by others and may be read, collected, or used by them. You are advised to exercise caution when deciding to disclose your personal information in these areas.

Where the App offers social or feed-based features, your selected photos to upload may be made visible to other users, including sharing with approved friends. Messages you send are delivered to and visible by the intended recipients. Your display name, avatar, and habit statistics may be visible on the leaderboard to other users.

You may change these settings, remove your own content and messages, unfriend or block users, or restrict interactions with other users through available controls within the App. Please note that once a message or photo has been delivered to another user, we cannot guarantee its removal from their device.

6. Cookies:

We use cookies to understand and save your preferences for future visits and compile aggregate data about site traffic and site interactions. This helps us offer better site experiences and tools in the future. You may manage your cookie preferences through your browser settings.

The main Permissions used by Enermind are described below.

Permission 1: NSCameraUsageDescription

This permission allows the app to access your camera so you can capture and take photos to import images for daily healthy habits verification, such as drinking water, stretching, or going outside through AI-powered image recognition. The application only uses the camera when you choose to capture an image and does not record or access the camera without your action.

Permission 2: Notifications (UNUserNotificationCenter + APNs)

This permission is requested to send both local and remote push notifications. Local notifications provide habit reminders and scheduled alerts based on your personalized settings. Remote push notifications (via Apple Push Notification service) deliver real-time updates including friend requests, incoming messages, reactions to your Moments, leaderboard updates, and other social interactions. When you allow this permission, your device token is registered with our servers to enable push notification delivery. You can manage or disable notifications at any time through your device settings.

Permission 3: NSUserTrackingUsageDescription (App Tracking Transparency)

We require your permission to use App Tracking Transparency (ATT) in order to access information about your activity across third-party applications and websites. This allows us to improve your experience with the application, to measure the effectiveness of our features, and to optimize performance. This information is used solely for these purposes, you can choose to manage, change or withdraw this permission at any time through your device settings.

Permission 4: com.apple.developer.family-controls (Entitlement)

We request access to Screen Time features to allow you monitor and manage usage of selected applications. With your explicit consent, the application may apply usage restrictions and track activity duration for the apps you choose, such as TikTok, Instagram, YouTube Short, using Apple-provided APIs (including FamilyControls, DeviceActivity, and ManagedSettings). Your selected applications are processed and stored locally on your device as opaque tokens. This information is not transmitted to, or shared with our servers.

Permission 5: NSHealthShareUsageDescription (HealthKit)

We request read-only access to your step count data through Apple HealthKit. This data is used solely to verify completion of walking and running habits within the app, allowing you to earn Brain Energy by reaching step goals. Step count data is processed entirely on your device and is not transmitted to, stored on, or shared with our servers or any third parties. We do not write any data to HealthKit. You can revoke this access at any time through the Health app on your iPhone.

Permission 6: NSMotionUsageDescription (Core Motion)

We request access to motion and fitness data through Apple's Core Motion framework (CMPedometer) to provide real-time step counting during active walking and running sessions. This data is used exclusively for live step tracking within the app and is not stored beyond the active session. Motion data is processed entirely on your device and is not transmitted to our servers or shared with any third parties. You can revoke this access at any time through Settings > Privacy & Security > Motion & Fitness.

These permissions are essential for the app to function properly and are strictly used in accordance with Apple App Store's regulations to ensure a secure, efficient, and user-respecting operation. The app prioritizes user rights and privacy, implementing these permissions to enhance user experience without compromising privacy and security.

1. International Data Transfers:

Your personal information may be transferred to and processed in countries outside of your country of residence, including where our servers are located or where our service providers operate. These countries may have data protection laws that are different from those in your jurisdiction.

We take appropriate measures to ensure that your personal information remains protected according to the security standards outlined in this Privacy Policy, regardless of where it is processed. This includes implementing strong contractual arrangements (such as Standard Contractual Clauses) and security measures to protect your data during international transfers.

2. Safeguarding Measures:

We implement strong contractual arrangements and security measures to protect your data when it is transferred internationally. This includes using encryption, secure data transfer protocols, and ensuring that all data handlers comply with our data protection and privacy standards.

3. Data Security Practices:

To protect your personal information from unauthorized access, loss, or misuse, we employ a variety of security technologies and procedures. These include encryption, firewalls, and access controls that restrict who can access your data and how it is used. Our security measures are designed to provide a level of protection that matches or exceeds industry standards.

4. Handling Data Risks:

While we endeavor to secure your data, the transmission of information over the internet can never be guaranteed to be completely secure. We encourage you to take precautions to protect your personal information when using digital services, including monitoring your account settings and access privileges.

5. Data Security

We implement appropriate technical and organizational security measures designed to protect the security of any personal information we process, including encrypting data at rest and in transit, access controls, and secure development practices. However, please note that no method of transmission over the Internet or method of electronic storage is completely secure. While we strive to use commercially acceptable means to protect your Personal Data, we cannot guarantee its absolute security.

6. Data Retention And Deletion

We retain your Personal Data only for as long as necessary for the purposes stated in this Privacy Policy, unless a longer retention period is required or permitted by law (such as tax, accounting, or other legal requirements).

• Account Information: We generally retain your account information for as long as your account remains active.
• User-Generated Content and Usage Data: We retain user-generated content and usage data for as long as necessary to provide the services you use or for legitimate business purposes, unless you request earlier deletion.
• Messages:Chat messages and reactions are retained for as long as both participants maintain active accounts. When you delete a message, it is removed from our servers, but copies may persist on the recipient's device. When your account is deleted, your messages are removed from our servers.
• Social Data: Friend connections, block lists, and report history are retained for as long as your account remains active. Leaderboard data is retained on a rolling weekly basis and historical records may be retained for analytical purposes.
• Other Data: Other types of data are retained for periods necessary to fulfill the purposes for which they were collected.

When your account is deleted or upon receiving a valid data deletion request, we will securely delete or anonymize your Personal Data according to our internal procedures and applicable law, subject to any legal obligations or legitimate business needs (e.g., fraud prevention, dispute resolution) requiring us to retain certain information. Please note that residual copies may take some time to be fully removed from backup systems.

7. Correcting and Updating Your Information:

You have the right to request access to, correction of, or deletion of your personal information. If your personal data changes, or if you no longer wish to use our service, you may correct, update, or remove the information by making a direct request to us.

1. Your Rights to Access and Control Personal Data:

You have the right to access, review, and manage your personal data stored by us. Under applicable laws, you can request information about the data we hold on you, as well as request updates, corrections, or deletions of any inaccuracies.

2. How to Manage Your Information:

You can exercise your data protection rights through several options:
Update and Correct: Directly modify your personal details via your account settings.
Privacy Controls: Adjust settings to manage the use of your data, including opting out of targeted advertising and managing communication preferences.

3. Limitations on Access:

In certain circumstances, as permitted or required by law, your ability to access or control your personal data may be limited. The scope of access may also vary by the specific services and products you utilize.

4. Processing Requests:

We endeavor to promptly fulfill requests to access or modify personal information. You can initiate these requests through the contact options available on our platform.

5. Additional Support:

If certain personal data cannot be accessed or controlled via our standard tools or if you have specific inquiries regarding your data rights, please reach out to us directly for assistance.

6. Transparency and Accountability:

We regularly review and report on the requests we receive to access or control personal data, ensuring transparency and accountability in our data handling practices.

1. Data Collection and Consent:

Our Service is not intended for use by children under the age of 13 (or a higher age threshold if required by applicable law in your jurisdiction). We do not knowingly collect personally identifiable information from children under this age without verifiable parental consent. If we become aware that we have collected Personal Data from a child without verification of parental consent, we will take steps to remove that information from our servers promptly. If you are a parent or guardian and you are aware that your child has provided us with Personal Data, please contact us.

2. Parental Rights:

Parents or guardians have the right to review, manage, and delete their child's information. We provide tools and support to facilitate these actions.

3. Revoking Consent:

At any time, parents or guardians can revoke their consent and request the deletion of their child's information from our systems.

4. Reporting Issues:

For issues regarding the protection of minors' data, please contact us immediately.

We may revise our Privacy Policy from time to time to reflect changes in our practices or service offerings. When updates are made, we will notify you by sending an email and/or displaying a prominent notice on our service. Additionally, we will update the ‘Last updated’ date at the top of the Privacy Policy, which can be viewed on this page.

For significant changes, we may also send a push notification directly through the service.

We encourage you to review our Privacy Policy periodically to stay informed of how we are protecting the personal information we collect. Continued use of the service after any updates signifies your agreement to the revised policy.

If you have any questions about our Privacy Policy or wish to make a request regarding certain personal information, you are encouraged to contact us. The contact information is: