Privacy Policy
Last updated: July 18, 2026
Short version: Fleurette Habit has no account, no Fleurette server, no analytics, no advertising, and no third-party SDK. Your habit data starts in a protected local store. If you explicitly enable Habit+ iCloud Sync, Core Data mirrors the app records to your own private iCloud database. Optional Apple Health reads happen on-device; raw Health values are never saved, synced, exported, sent to Apple Watch, or written to logs. Fleurette Habit targets Apple’s “Data Not Collected” privacy label.
1. Scope
This Privacy Policy explains how Fleurette Habit for iPhone and Apple Watch (the “App”) handles information. It also explains the limited website services you may choose to use after following a link from the App. Fleurette is an independent software studio based in the United States.
2. Habit data stored on your device
Your habit names, “my why” text, notes, schedules, reminders, check-ins, streak history, settings, and achievements are stored locally on your device. The local Core Data store uses Apple Data Protection with complete file protection. The app-group files consumed by widgets and Watch transfer only the bounded data needed to render those surfaces and are protected with an appropriate Data Protection class.
We cannot view or retrieve your local habit database. There is no Fleurette account and no developer-operated server receiving it.
3. Optional private iCloud sync
Habit+ members may explicitly turn on iCloud Sync. It is off by default and requires both a real Habit+ subscription and an available iCloud account. When enabled, Apple’s Core Data and CloudKit frameworks mirror your app records to your private CloudKit database. That private copy is associated with your Apple ID and is not exposed to a Fleurette dashboard or developer database.
- Turning sync off keeps the local copy and does not delete either copy.
- If Habit+ lapses or iCloud is signed out, sync pauses without deleting your habits.
- Reset Everything attempts to purge Fleurette Habit’s private CloudKit zone before replacing the local store. If the purge cannot be confirmed, the reset stops so a later sync cannot resurrect supposedly deleted data.
4. Optional Apple Health reads
Habit+ can connect a compatible measurable habit to steps, dietary water, mindful minutes, or Apple exercise minutes. Every metric is requested separately, and the feature is off until you choose a metric and habit. Fleurette Habit requests read access only; it does not write data to Apple Health.
Health totals are processed in memory on your device. If a daily total reaches the habit target, the app stores only an ordinary habit completion at the configured target. It does not store the Health total, partial progress, samples, source, or authorization result. Health values never enter CloudKit, exports, widgets, Watch transfers, diagnostics, or logs.
Apple deliberately protects read privacy: the App cannot distinguish declined read access from a metric with no matching data. Manual check-ins and every non-Health feature continue to work if you decline or revoke access. You can review access in the Health app under your profile’s Privacy / Apps area.
5. Widgets and Apple Watch
Widgets receive a small derived snapshot through your local app group. Apple Watch receives a bounded habit snapshot and sends validated check-in actions back to the phone. These payloads may include the habit labels and progress necessary for the surface you selected, but they never contain raw Health samples, notes, “my why” text, PIN material, or your full Core Data store.
6. Notifications, App Lock, export, and deletion
- Notifications: reminders and trial notices are scheduled locally through Apple’s notification framework. Fleurette operates no push-notification server.
- App Lock: the PIN verifier is salted and stored in the device-only Keychain. Your plain PIN is not stored.
- Export: CSV or JSON files are created only when you request them and are handed to the system share or Files interface. You control where the exported file goes.
- Delete: you can delete individual records or use Reset Everything. Deleting the App removes its local container, subject to Apple’s device and backup behavior; use Reset Everything first if you previously enabled private iCloud sync.
7. Purchases
Habit+ purchases and subscription status are handled by Apple through StoreKit and your Apple ID. We receive only the verified entitlement state needed to unlock features in the App; we do not receive your payment-card details. Apple’s handling of purchases is governed by Apple’s privacy policy.
8. Website and voluntary contact
The Habit pages contain no forms, analytics, trackers, or advertising. If you choose the family newsletter on the home page, MailerLite processes the email address you submit for that purpose. If you contact us, your email provider and, when you use the family contact form, Web3Forms process the information you send so we can reply. Those voluntary services are separate from the App and are not connected to your habit database.
9. Children’s privacy
The App is intended for a general audience and is not directed to children under 13. We do not knowingly collect personal information from children through the App. If you believe a child sent personal information through a website contact channel, email us so we can address it.
10. Your choices and rights
You can edit, export, or delete App data at any time; decline iCloud and Health; revoke Health access; turn notifications off; and cancel Habit+ through Apple ID Settings. We do not sell or share personal information for behavioral advertising. Because the App data remains on your devices and private Apple services, most access and deletion requests are performed directly in the App. For a voluntarily submitted website email or message, contact us to request access or deletion.
11. Security and retention
We minimize data instead of building a developer cloud. The local store uses complete file protection; app-group snapshots are bounded; Watch envelopes are validated and generation-checked; logs exclude habit content; and repositories surface sanitized errors. A file you export is outside the App’s container, so protect it according to where you save or share it. Voluntary website messages and newsletter subscriptions are retained by their processors as needed to provide those services or until you request deletion or unsubscribe.
12. Changes and contact
We may update this policy when the App or law changes. We will revise the date above and provide appropriate notice for material changes. Questions or requests? Email support@fleurette.app. 🌷