Privacy Policy

📋 Overview

This Privacy Policy describes how Tracking Tools ("we," "us," or "our") collects, uses, and protects information when you use our habit tracking service at simplehabittracker.com.

We are committed to transparency. We've written this policy in plain language because we believe you deserve to understand exactly what happens with your information. If anything is unclear, please contact us.

By using Tracking Tools, you agree to the collection and use of information in accordance with this policy.

📥 Data We Collect

Account information (if you register):

• Email address (required for account creation and communication)
• Display name (optional)
• Password (stored in hashed, encrypted form — we never see your plaintext password)

Habit tracking data:

• Habit names and descriptions you create
• Daily completion records (which habits you checked, when)
• Streak history and statistics
• Templates you've used or created

Technical data (automatically collected):

• Browser type and version
• Device type (mobile, desktop, tablet)
• Time zone (for accurate day-based tracking)
• IP address (anonymized after 24 hours)
• Pages visited and features used (aggregated, anonymous)

What we do NOT collect:

• No payment card details (handled by our payment processor, Stripe)
• No location data beyond time zone
• No camera, microphone, or contacts access
• No social media account data

⚙️ How We Use Your Data

We use the data we collect for the following purposes only:

• Providing the service: Storing your habits, syncing across devices, calculating streaks
• Account management: Sending password reset emails, account notifications
• Service improvement: Anonymous, aggregated usage analytics to understand which features are most valuable
• Customer support: Responding to your questions and resolving issues
• Security: Detecting and preventing unauthorized access or abuse
• Legal compliance: Meeting our obligations under applicable law

We do not use your data for advertising targeting, behavioral profiling, or sale to third parties.

🤝 Data Sharing

We do not sell, rent, or trade your personal information. We share data only in these limited circumstances:

• Service providers: We use Stripe (payments), AWS (hosting), and Postmark (transactional email). Each is bound by strict data processing agreements.
• Habit buddy feature: If you choose to share your tracker with a habit buddy, only the data you explicitly select is shared — with the specific person you invite.
• Legal requirements: We may disclose data if required by law or to protect the rights and safety of our users.
• Business transfers: If we are acquired, user data would transfer to the new owner under the same privacy commitments.

🔐 Security

We implement industry-standard security measures to protect your data:

• All data transmitted using TLS 1.3 encryption (HTTPS)
• Passwords hashed using bcrypt with individual salts
• Habit data encrypted at rest using AES-256
• Regular security audits and penetration testing
• Two-factor authentication available for all accounts
• Strict employee access controls — only 2 engineers can access production data, with logging of all access

No system is 100% secure. If you discover a security vulnerability, please report it to hello@strengthconditioningprogram.com.

⚖️ Your Rights

Under GDPR (for EU users), CCPA (for California users), and our own commitment to privacy-first design, you have the right to:

• Access: Request a complete copy of all data we hold about you
• Correction: Update any inaccurate personal information
• Deletion: Request permanent deletion of your account and all associated data
• Portability: Export your habit data in a machine-readable format (CSV)
• Objection: Object to any processing of your data
• Withdrawal: Withdraw consent at any time for any processing based on consent

To exercise these rights, email hello@strengthconditioningprogram.com with your request. We respond within 48 hours and fulfill requests within 30 days.

🍪 Cookies

We use minimal cookies — only what's necessary for the service to work:

• Session cookie: Keeps you logged in during a browser session
• Preference cookie: Remembers your display preferences (dark mode, etc.)
• CSRF token: Security cookie to prevent cross-site request forgery

We do not use advertising cookies, tracking cookies, or third-party analytics cookies. No cookie consent banner is needed because we only use strictly necessary cookies.

🗓️ Data Retention

We retain your data for as long as your account is active. If you delete your account:

• Your habit data is permanently deleted within 30 days
• Backup copies are purged within 90 days
• Financial records are retained for 7 years (legal requirement)
• Anonymized, aggregated usage statistics may be retained indefinitely

👦 Children's Privacy

Tracking Tools is not directed at children under 13. We do not knowingly collect personal information from children under 13. If you believe a child has provided us with personal information, please contact us immediately and we will delete it.

📝 Policy Changes

We may update this Privacy Policy from time to time. We will notify you of significant changes by:

• Emailing registered users at least 14 days before the change takes effect
• Displaying a notice on our website
• Updating the "Last updated" date at the top of this page

Your continued use of Tracking Tools after changes take effect constitutes acceptance of the updated policy.

✉️ Contact

For privacy-related questions, requests, or concerns:

• Email: hello@strengthconditioningprogram.com
• Address: 4-2-8 Shibakoen, Minato City, Tokyo 105-0011, Japan
• Response time: Within 48 business hours