Privacy Policy

Last updated: 11 July 2026 · Effective for Atomic You v0.5 and later.

Most privacy policies are written so they can never be wrong. This one tries to be clear about what we actually do.

The short version. The contents of your habits — intentions, completion logs, reflections, mood tags, and unshared habit names — live only on your device. The small amount of account-linked data on our servers is structural (sign-in, schedule windows, buddy link, and streak counts). If you explicitly share a habit, that habit's name, category, completion status, and streak are stored for your buddy. AI requests are processed by our Firebase backend and Anthropic, and release builds use privacy-minimized Mixpanel analytics and Firebase Crashlytics. These analytics and crash records are not linked to your Firebase account. You can delete your account-linked data at any time.

Who we are

Atomic You ("the app") is operated by Prateek (the developer behind it), reachable at hello@atomicyou.org. The app is preparing for open beta on Android.

What stays only on your device

The following is stored locally on your phone in the app's private storage. It is not transmitted to our servers unless a specific exception is called out below:

If you uninstall the app, this data is removed with it. If you want a backup, you can opt in to Google Drive backup (described below).

What we share with our servers

A small amount of information is sent to our servers (Google Firebase) so the app can function — sign-in, the buddy feature, streak research metrics, and a per-user rate limit on AI calls. We have intentionally kept this list short.

Sign-in

Sign-in uses Google Sign-In via Firebase Authentication. We receive your name, email, and profile photo URL from Google so the app can remember you across reinstalls and so the buddy feature can pair you with someone you know. Your email is held by Firebase Authentication and is not stored in our database alongside any habit data.

Schedule signals

To restore your routing state across reinstalls and to support buddy pairing, we store on your user record:

Buddy pairing

If you invite a buddy or accept a buddy invite, our database stores the pairing (your user IDs, the pairing status, the date) and any nudges you exchange. Your buddy can see your name, profile photo, today's completion count (e.g. "3 of 4"), and your current streak number.

Sharing specific habits with your buddy is opt-in per habit. If you toggle "share with buddy" on a habit, the habit's name, dimension (body/mind/rest/relationships), and current streak are written to a shared section of our database that only your buddy can read. Habits you do not share remain on your device only. Implementation intentions, reflections, schedules, and steps are never shared, even for shared habits.

Streak metrics

For each habit, an anonymized record is stored in our database for research on whether the compassionate-streak design retains users better than rigid streaks. The record contains: a habit ID, the dimension category (body/mind/rest/relationships), current streak, best-ever streak, lifetime completion count, completion rate over the last 30 days, average duration in minutes, and whether the habit was generated by the AI scheduler or added manually. No habit names or contents are included.

AI usage counter

A daily counter of AI plan-generation calls is stored on your user record (e.g. "2 calls today") so we can rate-limit abuse. It contains no inputs, outputs, or content — only counts and dates.

What is not stored in our Firebase database

Google Drive backup (optional)

You can choose to back up your habit data to your own Google Drive. If you enable backup, your habit data leaves your device only as an encrypted backup blob. Before being uploaded, the backup is encrypted on your device using AES-256-CBC with a key derived from your account ID, and stored in Google Drive's appDataFolder — a private, app-only folder you can review and revoke access to from your Google account. Google Drive itself stores only an opaque encrypted blob; the contents are not visible to Google or to other apps.

Note on threat model: because the encryption key is derived from your account ID, an attacker who obtained both your encrypted backup and your Firebase account identifier could decrypt the backup. We are working on stronger key isolation (a random key held in your phone's secure keystore) and will update this policy when shipped.

AI plan generation

When you finish onboarding, your identity selections, schedule windows, and open-text answers are sent over HTTPS to a backend service we operate (a Firebase Cloud Function). That service forwards the request to Anthropic's Claude API to generate your habit plan. The same flow runs when you tap "Try something different" on a habit.

Our backend logs only the call count for rate-limiting; it does not store the request or response contents. Anthropic, the AI provider, processes the request to generate the response and does not use it to train its models when accessed via the API. Anthropic may retain inputs and outputs for up to 30 days for trust-and-safety monitoring, per their API policy.

Notifications

The app uses local notifications for habit reminders and for one warm comeback reminder after three inactive days. Firebase Cloud Messaging delivers buddy nudges. Notification preferences are stored on your device. You can disable notifications at any time from your phone's settings or from within the app.

Analytics and crash reporting

Release builds use Mixpanel to understand whether onboarding, generated plans, skips, streaks, comeback flows, and buddy features are working. Events contain coarse properties such as habit dimension, day of week, streak length, generation source, elapsed time, and aggregate counts. We do not send your Firebase user ID, email, display name, habit names, identity statements, open-text answers, invite codes, or other user-authored content to Mixpanel.

Mixpanel assigns a random device-scoped identifier so events from the same app installation can be grouped. We do not connect that identifier to your Google or Firebase account. Automatic event collection and IP-based geolocation are disabled. Mixpanel may also receive ordinary technical metadata such as app version, operating system, and device type.

Release builds also use Firebase Crashlytics. If the app crashes, Crashlytics may receive a stack trace, app version, operating-system and device metadata, an app installation identifier, and technical state needed to diagnose the failure. We do not intentionally attach habit content, onboarding answers, email addresses, or Firebase user IDs to crash reports. Crashlytics is disabled in developer debug builds.

App integrity and abuse prevention

Firebase App Check helps us reject requests that do not come from a genuine copy of Atomic You. On Android release builds it uses Google Play Integrity; on Apple platforms it uses App Attest with DeviceCheck fallback. Google may process app and device-integrity signals to issue an attestation token. We use the token only to protect Firebase services and do not use it for advertising or behavioral profiling.

Service providers

We use Google Firebase for authentication, database, functions, messaging, app integrity, and crash reporting; Google Drive for optional user-controlled backup; Anthropic for AI habit-plan generation; Mixpanel for privacy-minimized product analytics; and Cloudflare to host this website. These providers process data only for the purposes described above and under their own terms and privacy commitments.

Children

Atomic You is intended for users aged 18 and over. We do not knowingly collect data from children. If you believe a child has used the app, please contact us and we will remove the associated account and data.

Your rights

Wherever you live, the following applies — but if you are in the EU, UK, or California, these are also your statutory rights under GDPR / UK GDPR / CCPA:

To exercise any of these, email hello@atomicyou.org. We will respond within 30 days.

How long we keep things

Account-linked Firebase data is kept while your account is active. When you delete your account, data tied to your Firebase user ID is removed automatically; we target full removal within seven days. AI request and response content is not stored in our database; Anthropic may retain it for up to 30 days under its API policy. Mixpanel device-scoped events and Crashlytics diagnostics follow the retention settings and policies of those services and are not automatically linked to Firebase account deletion. We periodically review and remove data that is no longer needed.

Where data is processed

Firebase services run on Google's global infrastructure; project resources may process data in India and the United States depending on the Firebase service. Anthropic and Mixpanel may process data in the United States. Your optional Drive backup is stored under your Google account. Where required, service providers use contractual safeguards for international transfers.

Changes to this policy

If we make material changes to this policy, we'll notify you in the app and update the "Last updated" date at the top. Continued use after a change means you accept the new version.

Contact

Questions, concerns, or data requests: hello@atomicyou.org.