Golander Privacy Policy
Effective Date: January 6, 2026
Last Updated: January 6, 2026
Golander ("we," "us," or "our") is a habit-tracking app designed to help you build better routines and break unwanted patterns. We take your privacy seriously. This Privacy Policy explains what information we collect, how we use it, and the choices you have.
By using Golander, you agree to the practices described in this policy. If you don't agree, please don't use our app.
1. Data We Collect
We collect only the information necessary to provide and improve Golander. Here's what we gather:
Information You Provide
| Data Type | Purpose | Required? |
|---|---|---|
| Name | Personalize your experience and display in-app | Yes |
| Email address | Account creation, login, and important notifications | Yes |
| Password | Account security (stored as a secure hash, never in plain text) | Yes |
| Profile photo | Personalize your profile | No |
| Habit logs | Track your progress and calculate streaks | Yes (to use core features) |
| Notes | Personal reflections you add to goals | No |
Information from Shared Features
If you choose to invite friends or share progress:
- Names and emails of people you invite (used only to send invitations)
- Shared goal progress (visible only to people you explicitly invite)
Information Collected Automatically
| Data Type | Purpose |
|---|---|
| Device type and OS version | Ensure app compatibility |
| App version | Debugging and support |
| General usage patterns | Understand which features are helpful |
| Crash reports | Fix bugs and improve stability |
We do NOT collect: precise location, contacts (beyond invitations you initiate), health data from other apps, or browsing history.
2. How We Use Your Data
We use your information to:
- Provide the service — Store your habits, track completions, calculate streaks
- Personalize your experience — Greet you by name, remember your preferences
- Send essential communications — Password resets, security alerts, major policy changes
- Improve the app — Analyze aggregate usage patterns to make Golander better
- Provide support — Help you when something goes wrong
What We Don't Do
- We don't sell your data. Ever. To anyone.
- We don't use your data for advertising. No ad networks, no behavioral targeting.
- We don't share your habit data with employers, insurers, or data brokers.
- We don't train AI models on your personal data.
3. Sharing and Visibility
Your Data Is Private by Default
When you create a habit or goal, only you can see it. Period.
Opt-In Sharing Only
You can choose to share specific goals with friends or family by inviting them. When you do:
- They see only the goals you explicitly share
- They can see your completion status for those goals
- They cannot see your private goals, notes, or other account details
- You can revoke access at any time
Third-Party Services We Use
| Service | Purpose | Data Shared |
|---|---|---|
| Supabase | Database and authentication | Account data, encrypted |
| Analytics | Anonymous usage analytics | Anonymized events only |
| Expo | Push notifications | Device tokens only |
When We May Disclose Data
We may share your information only if:
- You ask us to (e.g., exporting your data)
- Required by law (valid subpoena, court order, or legal process)
- Necessary to protect safety (imminent harm to you or others)
- Part of a business transfer (merger or acquisition — you'd be notified first)
4. Your Rights & Choices
You have control over your data. Here's what you can do:
| Right | How to Exercise It |
|---|---|
| Access your data | View your profile, habits, and history in the app |
| Export your data | Request a copy via Settings → Privacy → Export My Data |
| Delete your data | Request deletion via Settings → Privacy → Delete My Account |
| Correct your data | Edit your profile and habits directly in the app |
| Withdraw consent | Disable optional features or delete your account |
California Residents (CCPA/CPRA)
If you're a California resident, you have additional rights:
- Right to Know: Request details about data we've collected in the past 12 months
- Right to Delete: Request deletion of your personal information
- Right to Opt-Out of Sale: We don't sell your data, so this doesn't apply
- Right to Non-Discrimination: We won't treat you differently for exercising your rights
- Right to Correct: Request correction of inaccurate personal information
To exercise these rights, email us at privacy@golander.app or use the in-app privacy settings. We'll respond within 45 days.
Analytics Opt-Out
To opt out of analytics:
- Open Golander and go to Settings
- Scroll to Privacy
- Toggle off Usage Analytics
5. Data Security
We protect your data using industry-standard practices:
- Encryption in transit: All data sent between your device and our servers uses TLS 1.3
- Encryption at rest: Your data is encrypted on our servers
- Password hashing: We never store your password in plain text (we use bcrypt)
- Access controls: Only authorized team members can access user data
- Regular security reviews: We periodically audit our systems for vulnerabilities
Your Role: Keep your password secure. Don't share your account credentials. If you think your account has been compromised, contact us immediately at security@golander.app.
6. Data Retention
| Data Type | Retention Period |
|---|---|
| Active account data | As long as your account exists |
| Deleted account data | Removed within 30 days of deletion request |
| Analytics data | Anonymized and aggregated; kept indefinitely |
| Backup copies | Deleted within 90 days of account deletion |
7. Children's Privacy
Golander is not intended for users under 16 years of age.
We do not knowingly collect personal information from children under 16. If we learn that we've collected personal information from a child under 16 without parental consent, we will delete that information promptly.
8. Data Storage Location
Your data is stored on servers located in the United States. If you're accessing Golander from outside the U.S., your information will be transferred to and processed in the U.S.
9. Policy Updates
We may update this Privacy Policy from time to time. When we do:
- Minor changes: We'll update the "Last Updated" date at the top
- Material changes: We'll notify you via email or in-app notification before changes take effect
10. Contact Us
Questions about this Privacy Policy? We're here to help.
Golander
Newark, NJ, United States
Email: privacy@golander.app
For security issues: security@golander.app
Response time: Within 5 business days
Summary (TL;DR)
- We collect only what we need to run Golander
- Your habits are private by default
- We never sell your data
- You can view, export, or delete your data anytime
- You can opt out of analytics in Settings → Privacy
- We use strong encryption and security practices
- You must be 16+ to use Golander
- Questions? Email privacy@golander.app