Privacy Policy

Last updated: 11 May 2026

1. Who We Are

HubitHab is a mobile application developed by Mikhail Kostenko, operating under the trade name SingleDev (av. Calouste Gulbenkian 1378, 4460-266 Senhora da Hora, Portugal). For any privacy-related questions, contact us at hello@hubithab.eu.

We are the data controller for the purposes of the General Data Protection Regulation (GDPR).

2. What Data We Collect and Why

HubitHab is built around automatic tracking — you do not enter habit data manually. Here is what the app accesses and why:

GitHub and LeetCode usernames. When you add a GitHub or LeetCode connection, you provide your public username. We send it to our proxy server solely to fetch your public contribution activity. We do not store your username beyond what is needed to make that request.

Apple Health data. If you add a HealthKit connection (steps, alcohol), the app reads that data directly on your device via HealthKit. This data never leaves your device and is never sent to our servers. Apple controls all access through its standard permissions dialog.

Contact messages. If you contact us via the in-app feedback form or by email, we collect your email address and the content of your message. We use it only to respond to you. Legal basis: Article 6(1)(f) GDPR (legitimate interest in responding to user inquiries). We delete correspondence once your matter is resolved.

Purchase information. If you purchase the unlimited plan, your transaction is handled by RevenueCat (see Section 4). We do not see or store your payment card details.

3. Data We Do Not Collect

We do not collect your name, location, device identifiers, or any analytics about how you use the app. We do not display ads and we do not sell your data.

4. Third-Party Services

RevenueCat, Inc. (300 Euclid Avenue, San Francisco, CA 94118, USA) processes in-app purchases on our behalf. When you make a purchase, your order information is shared with RevenueCat for the sole purpose of verifying and managing your subscription status. This transfer is based on Article 6(1)(b) GDPR (performance of a contract). We have a Data Processing Agreement in place with RevenueCat. Their privacy policy is available at revenuecat.com/privacy.

5. Data Transfers Outside the EU

RevenueCat is based in the United States. Data transferred to RevenueCat is protected by a Data Processing Agreement incorporating Standard Contractual Clauses as required by GDPR.

6. How Long We Keep Your Data

Contact messages are deleted once the matter is fully resolved. Purchase records held by RevenueCat are retained according to their own retention policy. HealthKit data is never stored by us.

7. Your Rights

Under GDPR, you have the right to access, correct, delete, or restrict the processing of your personal data, to receive it in a portable format, and to withdraw consent at any time. You also have the right to lodge a complaint with a supervisory authority — in Portugal, that is the CNPD (Comissão Nacional de Proteção de Dados).

To exercise any of these rights, contact us at hello@hubithab.eu.

8. Security

Our proxy server uses authentication to prevent unauthorized access. HealthKit data never transits our infrastructure. We apply reasonable technical measures to protect any data we do handle, though no internet transmission can be guaranteed absolutely secure.

9. Children

HubitHab is not directed at children under 16. We do not knowingly collect personal data from anyone under 16. If you believe a child has provided us with personal data, please contact us and we will delete it promptly.

10. Changes to This Policy

We may update this policy as the app evolves. Material changes will be noted at the top of this page with a revised date. Continued use of the app after changes constitutes acceptance of the updated policy.