Privacy Policy

Data We Collect

• Email address (provided during sign-in via Apple, Google, or email/password registration)
• Authentication identifiers (Firebase UID)
• Usage analytics (aggregated events such as screen views and feature usage)
• Crash diagnostics (automatic crash reports for stability improvements)
• User-generated content (goals, identity statements, obstacles, visions, and micro-actions you create)
• Subscription status (plan type, trial status, and billing period, managed by RevenueCat)

Data We Do Not Collect

• Location data
• Contacts or address book
• Direct financial or payment card information (payments are processed by Apple/Google via RevenueCat)
• Advertising identifiers (IDFA) or cross-app tracking data

How We Use Your Data

• Authentication: to verify your identity and secure your account
• App functionality: to store and display your goals, micro-actions, and progress
• Stability improvements: to identify and fix crashes and bugs
• Aggregated metrics: to understand overall usage patterns and improve the product (no individual tracking)
• AI-powered personalization: your goals, obstacles, and vision are sent to our AI provider (OpenAI) to generate tailored suggestions such as identity statements, goal refinements, and micro-action recommendations. This data is processed in real-time and is not stored by the AI provider beyond the request.

Third-Party Services

We use the following third-party services to operate Stridak:

• Google Firebase: Authentication (account sign-in via Apple, Google, and email/password), Analytics (aggregated usage), and Crashlytics (crash reporting)
• Apple: Sign in with Apple (authentication)
• OpenAI: AI-powered suggestions during onboarding (identity statements, goal refinements, obstacle analysis, micro-action recommendations). User-provided content is sent to OpenAI's API for processing; data is not stored by OpenAI beyond the request.
• RevenueCat: Subscription and payment management (processes subscription status, billing periods, and purchase events on behalf of Apple/Google app stores)
• Resend: Transactional email delivery (welcome emails and account-related notifications)

These services process data according to their own privacy policies. We encourage you to review them.

Data Retention & Deletion

We retain your personal data for as long as your account is active.

When you delete your account, all personal data (email, goals, micro-actions, identity statements) is permanently deleted within 30 days.

Anonymized and aggregated analytics data (which cannot identify you) may be retained indefinitely for product improvement.

Your Rights

Under applicable data protection laws (including LGPD and GDPR), you have the right to:

• Access your personal data
• Request correction of inaccurate data
• Request deletion of your data
• Request export of your data in a portable format

To exercise any of these rights, send an email to [email protected]. We will respond within 30 days.

Contact & Additional Information

For privacy-related questions or concerns, contact us at:

[email protected]

Stridak is not directed at children. Users must be at least 13 years old to create an account and use the app (COPPA compliance). The App Store content rating (4+) refers to content appropriateness, not data collection age requirements.

We may send transactional emails related to your account (such as welcome emails, password resets, or important service updates). We do not send marketing emails without your consent.

In the future, Stridak may introduce optional social sharing features. Any sharing will be initiated only by you and will never be automatic.

This policy is designed to comply with the Brazilian General Data Protection Law (LGPD) and the European General Data Protection Regulation (GDPR). If you believe your data protection rights have been violated, you have the right to file a complaint with the relevant supervisory authority.