Privacy Policy for "Future You" Mobile App

2. Legal Basis for Processing (GDPR)

If you are located in the European Economic Area (EEA), United Kingdom, or Switzerland, we process your personal data based on the following legal grounds:

• Contract Performance: Processing necessary to provide you with the App and its features, as outlined in our Terms of Service.
• Legitimate Interests: Processing necessary for our legitimate interests, such as improving the App, ensuring security, and preventing fraud, provided these interests are not overridden by your rights.
• Consent: Where you have given explicit consent for specific processing activities, such as receiving marketing communications.
• Legal Obligations: Processing necessary to comply with applicable laws and regulations.

3. How We Use Your Information

We use the information we collect for the following purposes:

• Provide and Maintain the App: To create and manage your account, enable social features, and deliver the services you request.
• Personalize Your Experience: To customize content, recommendations, and features based on your preferences and usage.
• Communicate with You: To send service-related announcements, respond to inquiries, and provide customer support.
• Improve the App: To analyze usage patterns, troubleshoot issues, and develop new features.
• Ensure Security: To detect, prevent, and address fraud, abuse, and security issues.
• Comply with Legal Obligations: To fulfill our legal requirements and respond to lawful requests from authorities.

4. Third-Party Service Providers

We use trusted third-party service providers to help us operate and improve the App. These providers have access to your personal data only to perform specific tasks on our behalf and are obligated to protect your information.

Each provider maintains their own privacy policy and security measures. We encourage you to review their privacy practices.

5. Sharing Your Information

We share your information only in the following circumstances:

• With Other Users: Information you choose to share publicly (such as posts and profile information) will be visible to other users of the App.
• With Service Providers: As described in Section 4, we share data with third-party providers who assist in operating the App.
• For Legal Reasons: We may disclose your information if required by law, court order, or government request, or to protect our rights, property, or safety.
• Business Transfers: In the event of a merger, acquisition, or sale of assets, your information may be transferred to the successor entity.

WE DO NOT SELL, RENT, OR TRADE YOUR PERSONAL INFORMATION TO THIRD PARTIES FOR THEIR MARKETING PURPOSES.

We have not sold personal information in the preceding twelve (12) months and do not intend to do so.

6. Local Storage and Session Management

As a mobile application, Future You uses local device storage rather than browser cookies. We store only essential data on your device:

• Authentication Tokens: Securely stored using your device's secure storage (iOS Keychain / Android Keystore) to keep you signed in.
• App Preferences: Your settings and preferences to personalize your experience.
• Cached Content: Temporary data to improve app performance and reduce loading times.
• Analytics Preferences: Your choice regarding analytics data collection.

We do not use:

• Advertising or marketing trackers
• Third-party tracking pixels
• Cross-app tracking technologies

You can clear locally stored data by logging out of the App or clearing the App's data in your device settings.

6.1 Analytics Services

We use PostHog for product analytics and session replay to understand how users interact with the App and to improve our services. PostHog may collect:

• Anonymous usage patterns and navigation flows
• Session recordings (with sensitive content automatically masked)
• Device and app technical information
• Feature usage and interaction data

This data is processed based on our legitimate interests (GDPR Article 6(1)(f)) to improve the App. You can opt out of analytics collection in your app settings (Settings → Data & Privacy → App Insights). In rare cases, we may temporarily enable analytics to help diagnose and fix errors/crashes you're experiencing.

7. Data Security

We implement appropriate technical and organizational measures to protect your personal information, including:

• Encryption of data in transit (TLS/SSL) and at rest
• Secure authentication mechanisms
• Regular security assessments and updates
• Access controls limiting who can view your data
• Secure cloud infrastructure with reputable providers

However, no method of transmission over the Internet or electronic storage is 100% secure. While we strive to protect your personal information, we cannot guarantee its absolute security.

YOU ARE RESPONSIBLE FOR MAINTAINING THE CONFIDENTIALITY OF YOUR ACCOUNT CREDENTIALS AND FOR ANY ACTIVITY THAT OCCURS UNDER YOUR ACCOUNT.

8. Data Breach Notification

In the event of a data breach that affects your personal information, we will:

• Notify you within 72 hours of becoming aware of the breach, in accordance with GDPR requirements and applicable law.
• Provide details about the nature of the breach, the types of data affected, and the potential consequences.
• Describe the measures we are taking to address the breach and mitigate any harm.
• Offer guidance on steps you can take to protect yourself.

We will notify you via the email address associated with your account and, where appropriate, through in-app notifications.

9. Data Retention

We retain your personal data for as long as necessary to fulfill the purposes described in this Privacy Policy, unless a longer retention period is required or permitted by law.

Retention Periods

• Account Data: Retained for the duration of your account's active status, plus a reasonable period afterward to comply with legal obligations.
• User Content: Retained until you delete it or your account is terminated.
• Backup Data: May be retained in encrypted backups for up to 30 days after deletion from live systems.

When data retention periods expire, we securely delete or anonymize your data in accordance with our data handling procedures.

You can request deletion of your data at any time. See our Account Deletion Instructions for more details.

10. Your Privacy Rights

Depending on your location, you may have certain rights regarding your personal data. We honor all applicable privacy rights regardless of your location.

Rights Available to All Users

• Access: Request information about the personal data we hold about you.
• Correction: Request correction of inaccurate or incomplete data.
• Deletion: Request deletion of your personal data (use our Account Deletion feature).
• Data Portability: Request a copy of your data in a structured, commonly used format.
• Withdraw Consent: Where processing is based on consent, you may withdraw it at any time.

To exercise these rights, contact us at futureyou.goals.app@gmail.com. We will respond to your request within 30 days.

11. Additional Rights for EU/EEA Users (GDPR)

If you are located in the European Union, European Economic Area, or United Kingdom, you have additional rights under the General Data Protection Regulation (GDPR):

• Right to Restriction: Request restriction of processing of your personal data in certain circumstances.
• Right to Object: Object to processing of your personal data based on legitimate interests.
• Right to Lodge a Complaint: You have the right to lodge a complaint with a supervisory authority in the EU member state of your habitual residence, place of work, or place of the alleged infringement.

International Data Transfers

Your data may be transferred to and processed in countries outside the EEA, including Australia and the United States, where our service providers are located. When we transfer your data outside the EEA, we ensure appropriate safeguards are in place, such as:

• Standard Contractual Clauses approved by the European Commission
• Transfers to countries with adequate data protection laws
• Binding corporate rules where applicable

Data Protection Officer

As a small business, we are not required to appoint a Data Protection Officer. However, you may contact us with any privacy concerns at futureyou.goals.app@gmail.com.

12. Additional Rights for California Users (CCPA)

If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA):

Categories of Personal Information Collected

• Identifiers: Name, email address, username.
• Personal Information (Cal. Civ. Code § 1798.80): Name, email address.
• Internet Activity: Your direct interactions such as likes, comments, shares, and follows.
• Inferences: Preferences and interests derived from your usage.

Your CCPA Rights

• Right to Know: Request disclosure of the personal information we collect, use, and share.
• Right to Delete: Request deletion of your personal information, subject to certain exceptions.
• Right to Correct: Request correction of inaccurate personal information.
• Right to Opt-Out of Sale: We do not sell personal information, so this right does not apply.
• Right to Non-Discrimination: We will not discriminate against you for exercising your privacy rights.

"DO NOT SELL OR SHARE MY PERSONAL INFORMATION": We do not sell or share your personal information for cross-context behavioral advertising. We have not sold or shared personal information in the preceding twelve (12) months.

13. Australian Privacy Act Compliance

Future You is operated from Brisbane, Queensland, Australia. We comply with the Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs).

• We collect personal information only by lawful and fair means.
• We take reasonable steps to ensure the accuracy of personal information.
• We protect personal information from misuse, interference, and loss.
• We provide access to personal information upon request.
• We allow individuals to request correction of their personal information.

If you have a complaint about how we handle your personal information, you may contact the Office of the Australian Information Commissioner (OAIC):

• Website: www.oaic.gov.au
• Phone: 1300 363 992

14. Children's Privacy

Future You is not intended for users under 16 years of age. We do not knowingly collect personal information from children under 16.

If you are under 16, please do not use the App or provide any personal information. If you are a parent or guardian and believe your child has provided us with personal information, please contact us immediately at futureyou.goals.app@gmail.com.

If we learn that we have collected personal information from a child under 16 without verifiable parental consent, we will take steps to delete that information promptly.

15. International Data Transfers

Future You is operated from Australia and our services are provided globally. By using the App from outside Australia, you acknowledge and agree that:

• Your personal data will be transferred to, stored, and processed in Australia, where our primary servers are located.
• Your data may also be processed in other countries where our service providers operate (see Section 4).
• Data protection laws in these countries may differ from those in your country of residence.
• You consent to such transfers as necessary to provide you with the App's services.

We take appropriate safeguards to ensure your data is protected in accordance with this Privacy Policy, regardless of where it is processed.

16. Automated Decision-Making and Personalization

Feed Personalization

Future You uses automated systems to personalize your experience, including:

• Customizing your feed based on your interests, likes, and interactions
• Suggesting goals and content that may be relevant to you
• Ordering content to show you what we believe you'll find most valuable

This personalization is designed to enhance your experience and does not have legal or similarly significant effects on you. You can influence these recommendations through your interactions within the App.

No Automated Decisions with Significant Effects

We do not use automated decision-making for matters that would significantly affect you, such as:

• Account suspension or termination
• Restricting access to features
• Content removal decisions

All decisions regarding account status and content moderation are reviewed by humans.

17. Limitation of Liability

While we implement reasonable security measures to protect your personal information, we cannot guarantee absolute security. To the maximum extent permitted by applicable law:

WE SHALL NOT BE LIABLE FOR ANY UNAUTHORIZED ACCESS TO, ALTERATION OF, OR DISCLOSURE OF YOUR PERSONAL INFORMATION, OR FOR ANY DATA BREACH, EXCEPT WHERE CAUSED BY OUR GROSS NEGLIGENCE OR WILLFUL MISCONDUCT.

Some jurisdictions do not allow the exclusion or limitation of liability for certain damages. In such jurisdictions, our liability is limited to the greatest extent permitted by law.

This limitation of liability is in addition to, and does not limit, any limitation of liability set forth in our Terms of Service.

18. Third-Party Links

The App may contain links to third-party websites, services, or applications that are not operated by us. This Privacy Policy does not apply to those third-party services.

We have no control over, and assume no responsibility for, the content, privacy policies, or practices of any third-party services. We encourage you to review the privacy policy of every site or service you visit.

19. Updates to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technologies, legal requirements, or other factors. When we make changes, we will:

• Update the "Last Updated" date at the top of this page.
• For material changes, we may provide additional notice through the App.

We encourage you to review this Privacy Policy periodically to stay informed about how we protect your information.

20. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

Operated by: Viktoriia Azarova

Email: futureyou.goals.app@gmail.com

Location: Brisbane, Queensland, Australia

We will respond to all legitimate requests within 30 days. In some cases, we may require additional time, in which case we will notify you of the extension and the reasons for it.