Last updated: 25 April 2026Vane is operated by Finley Alschweig, Germany ("we", "us"). This policy explains what data the app collects, how it is used, and your rights under the EU General Data Protection Regulation (GDPR).We aim to collect as little as possible. There are no user accounts, no email signup, no ads, and no third-party tracking for advertising.1. Habit data stays on your deviceYour habits, entries, reminders, and notes are stored only in a local database on your device. We do not have access to them and they are never sent to us or any third party. If you uninstall the app this data is permanently lost — use Import/Export to back it up yourself.2. Anonymous product analytics (PostHog)We collect anonymous usage events to understand how the app is used and where to improve it. Events include things like "habit created", "paywall shown", or "purchase succeeded". They never include the names of your habits, free text you have typed, or personally identifying information.A random anonymous identifier is generated on first launch and stored on your device. It cannot be used to identify you and is reset if you reinstall the app. Events are processed by PostHog Inc. on EU servers (eu.i.posthog.com).Legal basis: Article 6(1)(f) GDPR — our legitimate interest in improving the app.3. Crash and error reports (Sentry)When the app crashes or hits an unexpected error, a report is sent to Sentry containing the error stack trace and basic device information (model, OS version, app version). It does not contain your habit data or personally identifying information.Legal basis: Article 6(1)(f) GDPR — our legitimate interest in keeping the app stable.4. Subscription processing (RevenueCat & Apple)If you purchase a Pro subscription, the transaction is processed by Apple. We do not see or store your payment information.To verify your subscription status the app uses RevenueCat, which receives an anonymous purchase identifier and your subscription state (active or expired). We do not send your name, email, or Apple ID to RevenueCat.Legal basis: Article 6(1)(b) GDPR — performance of the contract.5. Data we do not collect• Names, email addresses, phone numbers, postal addresses
• Location data
• Contacts, calendar, photos, microphone
• Advertising identifiers
• Health data
• Cross-app or cross-website tracking6. Data retention• Local habit data: until you uninstall the app or clear it manually.
• Analytics events: 7 years (PostHog default), aggregated and anonymous.
• Crash reports: 90 days.
• Subscription records: as long as required by Apple and applicable tax law.7. Your rights under GDPRYou have the right to access the data we hold about you, request its deletion, object to processing based on legitimate interests, and lodge a complaint with your local data protection authority.Because we do not store identifying information, fulfilling access or deletion requests is limited to the anonymous identifier on your device. To exercise these rights, write to us at [email protected].8. ChildrenThe app is not directed at children under 13. We do not knowingly collect data from children.9. Changes to this policyWe may update this policy from time to time. The effective date above will reflect the latest version. Material changes will be highlighted in-app.10. ContactFinley Alschweig
Germany
[email protected]