← Back home

Privacy Notice

Last updated: 5/19/2026

1. Who we are

Healthy Lifestyle Challenge ("we", "us") is the data controller for the personal data we collect through this service.

2. Data we collect

  • Account data: email address, display name, and (if you choose) your avatar.
  • Authentication data: hashed password or OAuth provider identifier (e.g. Google).
  • Profile and progress data: chosen focus tracks, daily commitment, reminder time, completed missions, XP, streaks, and badges.
  • Support data: messages you send us.
  • Technical data: IP address, device, and browser information collected automatically to keep the service running and secure.

3. Why we use your data

  • To create and maintain your account (contract performance).
  • To deliver missions, track streaks, and personalize your experience.
  • To prevent fraud and abuse (legitimate interest).
  • To respond to support requests.
  • To improve the product through aggregated, non-identifying analytics.
  • To send essential service emails (e.g. password reset, receipts).

4. Who we share data with

  • Payments (Merchant of Record): Paddle.com processes purchases, subscriptions, taxes, refunds, and invoices on our behalf. Their privacy policy is at paddle.com/legal/privacy.
  • Hosting and infrastructure: our hosting, database, and authentication providers process data on our behalf under appropriate contracts.
  • Professional advisers (legal, accounting) where strictly necessary.
  • Authorities where required by law.

We do not sell your personal data.

5. International transfers

Some of our service providers may process data outside your country. Where required, we rely on appropriate safeguards such as Standard Contractual Clauses or adequacy decisions.

6. Retention

We keep your account data while your account is active and for a reasonable period afterward to handle disputes and comply with legal obligations. Purchase records are retained for the period required by tax and accounting law.

7. Your rights

Depending on where you live, you may have rights to access, correct, delete, restrict, object to, or port your personal data. You can also withdraw consent where processing is based on consent. To exercise these rights, contact us via the address on our website. You may also complain to your local data protection authority.

8. Security

We use appropriate technical and organizational measures to protect your data, including encryption in transit, access controls, and regular review of permissions. No system is perfectly secure — please use a strong, unique password.

9. Cookies

We use cookies and similar storage strictly necessary to keep you signed in and to run the service. We do not currently use marketing cookies.

10. Changes

We may update this notice from time to time. Material changes will be highlighted on this page.

11. Contact

For privacy questions, contact us via the address on our website.