Privacy Policy

1. Contact Details

If you have any questions about this Privacy Policy or your data, you can contact us at:

Email: hyggrdev@gmail.com

If you are located in the UK or EU, you also have the right to lodge a complaint with your local data protection authority.

2. Data We Collect

We collect the following categories of data:

Account data

Email address (required to create and manage your account, and, with your consent, to send you product updates or subscription information).

Usage and technical data

Depersonalized analytics and performance data such as app interactions, device type, operating system version, crash logs, and general usage statistics.

Task content and username (for AI features)

• Task names and descriptions you enter.
• The username you choose in the app.

This content is sent to our AI provider (OpenAI API) only for the purpose of generating quests and related in-app content and is not stored by us after processing.

We do not intentionally collect data from children under 13, and the App is not directed to them.

3. How We Use Your Data

We process your data for the following purposes and legal bases under GDPR:

To provide and maintain the App

• Creating and managing your user account.
• Enabling core functionality (tasks, quests, focus timers, stats).
• Legal basis: performance of a contract.

To provide AI-powered features

• Sending your task content and username to OpenAI API to generate quests and related content.
• Legal basis: performance of a contract; in some jurisdictions, your consent where required.

To improve performance and fix bugs

• Using depersonalized analytics and crash data to monitor app performance and debug issues.
• Legal basis: legitimate interests in operating and improving our services.

To communicate with you

• Sending essential service emails (account, security, critical changes).
• Sending product updates or marketing messages only with your consent, where required.
• Legal basis: performance of a contract; consent; legitimate interests (for non-marketing operational messages).

4. Data Retention

• Account and email data: kept for as long as your account is active. If you delete your account, we will delete or anonymize this data, except where we must retain certain information for legal, accounting, or security reasons.
• Usage and analytics data: retained for up to 90 days, after which it is deleted or anonymized.
• Task names, descriptions, and username sent to OpenAI API: used only to process the request and generate quests. We do not store this content in our own databases after processing. Our AI provider may retain API data for a limited period (e.g., up to 30 days) for abuse monitoring, as described in their own privacy documentation.

5. Sharing Your Data

We do not sell your personal data and we do not share it for third-party advertising.

We share data only with the following categories of service providers, under data processing agreements where required:

• Cloud hosting and infrastructure: Google Cloud (to host and operate the App backend).
• Analytics / crash reporting: Firebase (to collect depersonalized usage and crash data).
• AI service provider: OpenAI API (to generate quests and related text based on the tasks and usernames you submit).

These providers process data on our behalf and according to our instructions, solely to provide their services to us.

We may also disclose information if required by law or to protect our rights, users, or the security of the service.

6. International Data Transfers

Our service providers (including Google Cloud, Firebase, and OpenAI) may process data on servers located outside the UK or EU. Where this involves transferring personal data from the UK/EU to a third country, we rely on appropriate safeguards such as Standard Contractual Clauses or equivalent mechanisms, as permitted by applicable law.

7. Your Rights (GDPR / UK GDPR)

If you are in the UK or EU, you have the following rights regarding your personal data, subject to conditions and exceptions in the law:

• Right of access (to know what data we hold about you).
• Right to rectification (correct inaccurate data).
• Right to erasure (request deletion of your data).
• Right to restriction of processing.
• Right to data portability (receive a copy in a structured, machine-readable format).
• Right to object to certain processing (including where we rely on legitimate interests).
• Right to withdraw consent at any time, where processing is based on consent.

To exercise these rights, contact us at hyggrdev@gmail.com.

8. Your Rights Under CCPA/CPRA (California Residents)

If you are a resident of California, you may have the following rights under the California Consumer Privacy Act (CCPA/CPRA):

• Right to know what categories of personal information we collect, use, and disclose.
• Right to access specific pieces of personal information we hold about you.
• Right to request deletion of your personal information, subject to legal exceptions.
• Right to correct inaccurate personal information.
• Right to opt out of the "sale" or "sharing" of personal information (we do not sell your personal information).
• Right not to receive discriminatory treatment for exercising your rights.

You can exercise these rights by contacting us at hyggrdev@gmail.com.

9. Security

We use reasonable technical and organizational measures to protect your personal data, including encryption in transit and restricted access to production systems. However, no method of transmission or storage is completely secure, and we cannot guarantee absolute security.

10. Children's Privacy

Hyggr is not directed to children under 13, and we do not knowingly collect personal data from children under 13. If you believe a child has provided us personal data, please contact us so we can delete it.

11. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will post the updated version in the App and on our website and update the "Last updated" date. If changes are material, we may also notify you by email or in-app notice.