31Done Privacy Policy

Effective Date: May 29, 2025

At 31Done, we value your privacy and are committed to protecting your personal information. This Privacy Policy explains how we collect, use, share, and safeguard your data when you use our habit-tracking app and website (www.31done.com). By using 31Done, you agree to the practices described below.

1. Information We Collect

We collect the following types of information to provide and improve our services:

• Personal Information: When you sign up or join our beta waiting list, we collect your email address, first name, last name, and password (encrypted). You may also provide optional information like an avatar or address (e.g., for shipping preferences).
• Usage Data: We collect data about your interactions with the app, such as challenges created, posts shared, friend connections, reactions, and notifications viewed.
• Device Information: We may collect device type, operating system, IP address, and app version to optimize performance.
• Log Data: Our servers log actions (e.g., signups, challenge updates) to monitor app health and security, stored in an audit log.

2. How We Use Your Information

We use your information to:

• Provide and personalize the 31Done app, including challenges, social features (e.g., friend lists, posts), and notifications.
• Send you emails, such as beta access notifications, account verification (via SendGrid), or app updates.
• Analyze usage to improve features, fix bugs, and enhance user experience.
• Ensure security, prevent fraud, and comply with legal obligations.

3. How We Share Your Information

We do not sell your personal information. We may share data in these cases:

• Service Providers: We use trusted third parties like SendGrid (for emails) and AWS (for hosting) to operate the app. They access only necessary data under strict agreements.
• Social Features: Your posts, challenge progress, or reactions may be visible to friends or public users based on your visibility settings (public, friends-only, private).
• Legal Requirements: We may disclose data if required by law, such as to comply with a subpoena or protect our rights.

4. Data Security

We use industry-standard measures to protect your data, including:

• Encrypting passwords (using bcrypt) and sensitive communications (HTTPS, WSS).
• Storing data securely on AWS with access controls.
• Regularly auditing our systems for vulnerabilities.

However, no system is 100% secure, and we cannot guarantee absolute security.

5. Your Choices and Rights

You have control over your data:

• Access and Update: View or edit your profile (e.g., email, name) in the app’s Settings.
• Delete: Request account deletion by emailing support@31done.com. We’ll soft-delete your data (mark as deleted) and purge it after 30 days, except where required by law.
• Opt-Out: Unsubscribe from non-essential emails (e.g., marketing) via the unsubscribe link.
• GDPR/CCPA Rights: If you’re in the EU, UK, or California, you may request data access, correction, or deletion. Contact us at support@31done.com.

6. Data Retention

We retain your data as long as your account is active or as needed to provide services. Soft-deleted data (e.g., challenges, posts) is purged after 30 days. Audit logs and backups may be retained longer for legal or operational purposes.

7. Children’s Privacy

31Done is not intended for users under 13. We do not knowingly collect data from children under 13. If you believe we have such data, contact us at support@31done.com.

8. Third-Party Links

Our app may link to external sites (e.g., X). We’re not responsible for their privacy practices. Review their policies before sharing data.

9. Changes to This Policy

We may update this Privacy Policy as our app evolves. Changes will be posted here with a new effective date. Significant changes will be communicated via email or in-app notification.

10. Contact Us

For questions or concerns about this Privacy Policy, contact us at:

Email: support@31done.com
Website: www.31done.com