Privacy Policy
Last updated: 30 June 2026
Contents
- Introduction
- Privacy at a Glance
- Information We Collect
- What We Do Not Collect
- How We Use Your Information
- Legal Bases for Processing (GDPR / UK GDPR)
- Camera, Photos & AI Validation
- Third-Party Service Providers
- Data Storage & International Transfers
- Data Retention
- Your Rights & Choices
- Push Notifications
- Children's Privacy
- Security
- Data Breaches
- Changes to This Policy
- Contact Us
1. Introduction
This Privacy Policy explains how Oath ("Oath", "we", "us", or "our") collects, uses, stores, shares, and protects your personal data when you use the Oath mobile application for iOS (the "App") and our website at oath-app.com (the "Site", and together with the App, the "Service"). It also describes your rights and how to exercise them.
For the purposes of the UK General Data Protection Regulation (UK GDPR), the EU General Data Protection Regulation (EU GDPR), and other applicable data protection laws, Oath is the data controller of the personal data described in this Policy.
By downloading, installing, or using the App, you acknowledge that you have read and understood this Policy. If you do not agree with it, please do not use the Service. This Policy should be read together with our Terms of Service.
Questions or requests? Contact us any time at hello@oath-app.com.
2. Privacy at a Glance
We believe in collecting as little as possible. In short:
- We collect the minimum needed to run the App — your account, the habits and to-dos you create, your streaks and completions, and your subscription status.
- Photo proof is processed, not stored. When you submit a photo for AI verification, it is sent securely for analysis and is not saved to our servers afterwards. There is no photo gallery, cloud photo album, or profile-picture storage in the App.
- We do not sell your data, and we do not share it for advertising.
- We do not run third-party analytics, ad tracking, or behavioural profiling. We do not collect your location, contacts, health data, or advertising identifiers.
- You can delete everything at any time from inside the App, which permanently erases your account and all associated data.
The sections below give the full detail.
3. Information We Collect
We collect only the categories of data set out in the table below.
| Category | What it includes | Why we collect it |
|---|---|---|
| Account data | When you sign in with Apple Sign In, Apple provides us with a unique identifier, your email address, and your name (you may choose to hide your real email using Apple's Hide My Email private relay). We store your email to identify your account and your name as a display name (which you can edit or leave blank). We never receive or store a password — authentication is handled entirely by Apple. | Creating and securing your account |
| App content | The habits and to-dos you create (title, optional description, emoji, schedule, time-of-day, time window, priority, validation type, reminder time, weekly target, daily reps, habit type), your completion records, streak counts, rep progress, and any freeform notes you write. | Providing the core functionality of the App and syncing it across your sessions |
| Photo proof (transient) | A live photo you capture in-app for a habit or to-do that uses photo validation. The image is transmitted for AI analysis and is not stored on our servers afterwards — we keep only the resulting verdict (pass/fail). See Section 7. | AI verification that you completed the task |
| Subscription data | Your Oath+ subscription status (active, trial, expired), plan type (monthly or yearly), renewal/expiry dates, and transaction identifiers, provided to us by RevenueCat and Apple. We never receive or store your payment card details. | Managing your Oath+ subscription, which is required to use the App |
| Notification preferences & device token | Your choices for in-app notifications (daily reminders and streak-milestone alerts) and, if you enable notifications, a device push token issued by Apple. | Sending only the reminders you have opted into |
| Device identifier (abuse prevention) | A random identifier generated and stored locally on your device, sent with AI-validation requests. It is not linked to your real-world identity and is used solely to help prevent abuse of the AI service. | Protecting the integrity of the AI validation service |
| Limited technical data | Standard technical information necessarily processed to deliver an internet service (such as IP address and request metadata handled by our infrastructure providers in the course of transmitting data and securing the Service). We do not use this to profile or track you. | Operating, securing, and debugging the Service |
4. What We Do Not Collect
We want to be explicit about what we do not do:
- We do not collect your precise location, GPS data, or background location.
- We do not access your contacts, calendar, microphone, or health/fitness data.
- We do not import photos from your photo library — proof is captured live with the camera only.
- We do not store proof photos, build a photo album, or keep profile pictures.
- We do not use the Advertising Identifier (IDFA), serve advertisements, or build advertising profiles, and we do not ask for App Tracking Transparency permission because we do not track you across other apps or websites.
- We do not embed third-party analytics, crash-reporting, or behavioural-tracking SDKs.
- We do not sell, rent, or trade your personal data, and we have not done so in the preceding 12 months.
5. How We Use Your Information
We use the information we collect to:
- Create, authenticate, and secure your account via Apple Sign In.
- Store and sync your habits, to-dos, completions, streaks, rep progress, and notes so they are available across your sessions and devices.
- Process photo proof through AI validation and return a pass/fail result (see Section 7).
- Manage your Oath+ subscription, free trial, and entitlement.
- Send the reminders and milestone notifications you have enabled.
- Enforce fair-use limits on the AI validation service and otherwise protect the Service against fraud, abuse, and security threats.
- Respond to your support requests and communicate with you about the Service.
- Comply with our legal obligations and enforce our Terms of Service.
We do not use your personal data for automated decision-making that produces legal or similarly significant effects on you, other than the AI proof verification described in Section 7, for which a manual alternative is always available.
6. Legal Bases for Processing (GDPR / UK GDPR)
If you are in the United Kingdom, European Economic Area, or another region with similar laws, we rely on the following legal bases:
- Performance of a contract — processing your account data, app content, subscription data, and photo-validation requests is necessary to provide the Service you have asked for under our Terms.
- Legitimate interests — we process limited technical data and an on-device identifier to secure the Service, prevent abuse of the AI feature, and keep the App working reliably, where this is not overridden by your rights.
- Consent — we ask for your consent through the operating system before accessing your camera and before sending push notifications. You can withdraw consent at any time in your device settings.
- Legal obligation — we process data where necessary to comply with applicable law.
7. Camera, Photos & AI Validation
Photo proof is the core of Oath, so we explain it in full.
Live camera only
- For habits or to-dos set to "photo" validation, the App asks for permission to use your camera to take a live photo at the moment of completion.
- The App does not import images from your photo library for validation — proof must be captured live.
- You can revoke camera access at any time in your device's Settings. Manual ("self-attestation") validation remains available as an alternative.
How a photo is processed
- The photo is compressed on your device and sent over an encrypted (HTTPS) connection to our secure backend function, together with the title and any description of the habit or to-do being validated.
- Our backend forwards the image and that text to OpenAI's API, which returns a structured result: pass/fail, a confidence score, and a brief reason.
- The photo is not stored in any database or cloud storage by us, and it is not added to a gallery or shared with anyone. We retain only the verdict.
- Under OpenAI's API terms, data submitted via the API is not used to train their models. See OpenAI's Privacy Policy and API data usage policies.
Automated decision-making & your right to a human alternative
The AI verification makes an automated pass/fail assessment of your photo. This is probabilistic and may occasionally be wrong. You always have a non-automated route: you can use manual validation to mark a task complete yourself, and you may contact us at hello@oath-app.com to request human review of a result you believe is incorrect.
8. Third-Party Service Providers
We share data only with the trusted providers below, each acting as our processor or an independent controller under its own privacy policy. We do not sell your data to anyone.
| Provider | Role | Data involved |
|---|---|---|
| Supabase | Database, authentication, and serverless backend functions that store and sync your account and app content. | Account data, app content, subscription status, notification preferences and token, rate-limit counters. |
| OpenAI | AI analysis of photo proof. | The submitted photo plus the task title/description, at the moment of validation. Not used to train models; not retained by us. |
| RevenueCat | Manages and validates in-app subscriptions in partnership with Apple. | Subscription status, transaction identifiers, and your account identifier. No card data. |
| Apple | App Store distribution, Sign in with Apple, in-app purchase/billing, and the Apple Push Notification service (APNs). | Authentication identifiers, the name/email you choose to share, payment processing (handled entirely by Apple), and push delivery. |
We require every third party that receives personal data from us to protect it to a standard at least equal to that described in this Policy and to use it only to provide services to us. We do not authorise any of them to use your data for their own advertising or to sell it.
The App also checks Apple's public App Store lookup endpoint on launch to see whether a newer version is available; this sends only the App's identifier and no personal data.
9. Data Storage & International Transfers
- Cloud: your account and app content are stored on infrastructure operated by Supabase. Data is encrypted in transit (TLS/HTTPS) and at rest. Database access is restricted by row-level security so that you can only access your own data.
- On your device: your habits, to-dos, completions, and preferences are also cached locally on your device so the App works offline, and synced to the cloud when you are back online.
Some of our providers (for example OpenAI) process data in the United States, and your data may be transferred outside the UK/EEA. Where we transfer personal data internationally, we rely on appropriate safeguards such as the UK International Data Transfer Agreement, the EU Standard Contractual Clauses, or an equivalent lawful transfer mechanism.
10. Data Retention
| Data | Retention |
|---|---|
| Account & profile data | Kept while your account is active; permanently deleted on account deletion. |
| Habits, to-dos, completions, rep progress, notes | Kept while your account is active; permanently deleted on account deletion. |
| Photo proof submitted for AI validation | Not retained by us after the verdict is returned. We keep only the pass/fail result. |
| AI validation counters | Non-identifying daily counters (used to enforce fair-use limits) keyed to an opaque identifier; not linked to your habit content. |
| Subscription records | Retained by RevenueCat and Apple per their policies for the period required for billing, tax, and legal compliance. |
| Notification token & preferences | Kept while your account is active; deleted on account deletion. |
11. Your Rights & Choices
UK / EEA residents (UK GDPR / EU GDPR)
- Access — request a copy of the personal data we hold about you.
- Rectification — correct inaccurate or incomplete data; you can edit your display name directly in the App.
- Erasure — delete your data. You can erase everything yourself in the App (see below).
- Portability — receive your data in a portable, machine-readable format.
- Restriction & objection — restrict or object to certain processing, including processing based on legitimate interests.
- Automated decisions — request human review of an AI validation result (see Section 7).
- Withdraw consent — withdraw camera or notification permissions at any time in your device settings.
- Complain — lodge a complaint with the UK Information Commissioner's Office (ico.org.uk) or your local EEA supervisory authority. We'd appreciate the chance to resolve it first.
California residents (CCPA / CPRA)
- Know / access the categories and specific pieces of personal information we have collected.
- Delete your personal information, subject to legal exceptions.
- Correct inaccurate personal information.
- Opt out of "sale" or "sharing" — not needed: we do not sell or share your personal information as those terms are defined under California law.
- Non-discrimination — we will not discriminate against you for exercising your rights.
How to exercise your rights & delete your account
You can permanently delete your account at any time in the App: Settings → Delete Account (a two-step confirmation). Deletion removes your authentication record and, by cascade, your profile, all habits, to-dos, completions, rep progress, notes, notification token, and preferences from our active systems. Deletion is permanent and cannot be undone.
For any other request, email hello@oath-app.com. We may need to verify your identity, and we will respond within the timeframe required by law (generally one month under UK/EU GDPR and 45 days under CCPA).
12. Push Notifications
With your permission, the App may send push notifications, which may include daily habit reminders and streak-milestone celebrations (for example at 3, 7, 14, 30, 60, 100, and 365 days). To deliver them we store your notification preferences and, when enabled, a device push token, and we use Apple's Push Notification service. You can turn notifications off at any time in your device's Settings, or adjust individual preferences in the App. Disabling notifications does not affect any other feature.
13. Children's Privacy
Oath is not directed to children under 13 (or under 16 in parts of the EEA where that higher age applies), and we do not knowingly collect personal data from them. If you believe a child has provided us with personal data, contact us at hello@oath-app.com and we will delete it promptly.
14. Security
We use technical and organisational measures appropriate to the risk, including:
- Encryption in transit (TLS/HTTPS) and encryption at rest.
- Row-level security so users can access only their own data.
- Authentication delegated to Apple Sign In (no passwords stored by us).
- A subscription entitlement that can only be set server-side, so it cannot be forged by a modified client.
- Rate limiting and input safeguards on the AI validation service.
No method of transmission or storage is completely secure, and we cannot guarantee absolute security. If you discover a vulnerability, please report it responsibly to hello@oath-app.com.
15. Data Breaches
If a personal data breach is likely to result in a risk to your rights and freedoms, we will notify the relevant supervisory authority and, where required by law, affected users without undue delay and in line with applicable timeframes.
16. Changes to This Policy
We may update this Policy from time to time. When we make material changes, we will update the "Last updated" date above and, where appropriate, notify you in the App or by email. Your continued use of the Service after changes take effect constitutes acceptance of the updated Policy.
17. Contact Us
For any privacy question, request, or complaint, contact us at:
- Email: hello@oath-app.com
We aim to acknowledge enquiries within 5 business days and to fulfil verified data-rights requests within the timeframe required by applicable law.