Privacy Policy

1. Information We Collect

When you use Zenith, we may collect the following information:

• Account: email address, name, Google or Apple ID (when signing in via social login), avatar.
• App content: tasks, habits, goals, expense records, notes, and other data you create within the app.
• Device: FCM device token for push notifications, platform type (iOS / Android).
• Technical data: server request logs (timestamp, operation type) for error diagnostics.

2. How We Use Your Data

The data we collect is used solely to:

• Provide app functionality and sync your data across devices.
• Authenticate and protect your account.
• Send push notifications: reminders about tasks, habits, goals, and finances.
• Improve app stability and performance.

We do not use your data for advertising purposes and do not share it with third parties for marketing.

3. Data Storage

Your data is stored on secured servers. Database access is restricted and password-protected. All data transmitted between the app and the server is encrypted via HTTPS.

Data is retained for as long as your account exists. When you delete your account, all associated data is permanently removed from our servers.

4. Sign In with Google and Apple

Zenith supports Sign in with Google and Sign in with Apple. When using these methods, we only receive basic profile information (email, name, unique identifier) required to create your account. We do not have access to your passwords or any other data from these services.

Data processing when signing in with Google is governed by the Google Privacy Policy. Data processing when signing in with Apple is governed by the Apple Privacy Policy.

5. Push Notifications

We use Firebase Cloud Messaging (FCM) by Google to deliver push notifications. An FCM token — a unique device identifier used to route notifications — is stored on your device. This token does not contain any personal information.

You can disable push notifications at any time in your device settings.

6. Sharing Data with Third Parties

We do not sell or share your personal data with third parties, except in the following cases:

• Firebase (Google): used for authentication and push notifications.
• Legal requirement: when required by applicable law or a court order.

7. Your Rights

You have the right to:

• Access your personal data stored in the app.
• Correct inaccurate data via your profile settings.
• Delete your account and all associated data.
• Withdraw permission for push notifications.

To exercise any of these rights, please contact us at the address listed in the Contact section.

8. Security

We take reasonable technical measures to protect your data: HTTPS encryption for data in transit, bcrypt hashing for passwords, and JWT-based authentication with expiry.

However, no method of internet transmission is completely secure. We cannot guarantee absolute protection, but we do our best to minimize risks.

9. Children

Zenith is not intended for children under the age of 13. We do not knowingly collect data from individuals under this age. If you believe a child has registered in the app, please contact us to have their data removed.

10. Changes to This Policy

We may update this Privacy Policy from time to time. When significant changes are made, we will notify you via a push notification or upon your next login to the app. Continued use of the app after an update constitutes your acceptance of the revised policy.