Privacy Policy for AquaCheers

1. Introduction

This Privacy Policy explains how AquaCheers ("we," "our," or "us") collects, uses, and protects your information when you use our mobile application (the "App"). AquaCheers is a wellness application designed to promote healthy hydration habits and provide tools for responsible alcohol consumption monitoring. By using AquaCheers, you agree to the practices described here.

2. Information We Collect

2.1 Personal Information You Provide

• Account Information: Email address, username, and password for account creation and authentication.
• Profile Information: Age, display name, profile icon, and preferences.
• Usage Data You Enter: Hydration amounts and (optionally) drink counts for responsible consumption tracking.

2.2 Information Collected Automatically

• Device Information: Device type, operating system, and app version.
• Diagnostics: Basic error logs necessary to operate the App.
• Device Sensors (Accelerometer): Used only for on‑device visual effects and animations. We do not store or transmit raw sensor data to our servers.

3. How We Use Your Information

3.1 Primary Purposes

• Provide Services: Track hydration and enable optional social features for wellness accountability.
• Account Management: Create, authenticate, and maintain your account.
• Personalization: Customize your experience and goals.
• Age Controls: Restrict alcohol‑related features for users under 21.
• Responsible Use: Provide safety alerts, consumption monitoring, and harm reduction tools.

3.2 Improvements and Support

• App Improvements: Maintain quality and reliability (e.g., fix crashes, reduce bugs).
• Customer Support: Respond to your requests or questions.
• Legal Compliance: Comply with applicable laws and enforce terms.

4. Data Sharing and Disclosure

4.1 We Do NOT Sell or Share for Advertising

• No third‑party advertisers.
• No data brokers.
• No external marketing companies.

4.2 Service Providers (Processors)

• Supabase (Database & Authentication): We use Supabase to securely store your data and manage authentication. Supabase processes data on our behalf in order to provide the App's core functionality.
• Expo (Development Platform): Used for app development and delivery. Expo does not receive your personal hydration or account data from us.

5. Security

• Encryption: Data is encrypted in transit (TLS) and at rest.
• Access Controls: Strict access controls and authentication safeguards.
• Industry Practices: We rely on Supabase's security‑hardened infrastructure and follow industry‑standard security practices.

6. Data Retention

• Account & Profile: Retained while your account remains active.
• Hydration/Usage Data: Retained to provide your history and core features; removed upon account deletion.
• Deletion Requests: We delete your account and associated data when you request deletion (typically immediately, and in all cases within 30 days).

7. Your Rights and Choices

7.1 Access and Control

• View & Update: Access your profile and update preferences in the App.
• Portability: You can request an export of your data via email.

7.2 In‑App Account Deletion

• Delete in App: You can delete your account and associated data directly within the App (Settings → Profile → Delete Account). Deletion is permanent and cannot be undone.
• Alternative: If you cannot access the App, email us at support@powderpeakllc.com using the email associated with your account.

8. Age Restrictions and Parental Controls

• Minimum Age: Users must be 13 or older to create an account.
• Under 21: Alcohol‑related features are restricted for users under 21.
• COPPA: We do not knowingly collect data from children under 13.

9. Notifications and Sensors

• Notifications: We do not send push notifications. The App may display in‑app reminders (e.g., haptic or on‑screen prompts) that do not transmit personal data.
• Accelerometer: Used solely to power on‑device animations; we do not store this sensor data.

10. International Data Transfers

• Location: Data may be processed in the United States or other locations where our providers operate.
• Safeguards: When applicable, we rely on appropriate safeguards (e.g., standard contractual clauses) and provider security commitments.

11. Legal Basis (GDPR)

• Contract: Processing necessary to provide the App and services you request.
• Legitimate Interests: Security, maintenance, and improvements.
• Consent: Where required (e.g., optional features), you may withdraw consent at any time.
• Legal Obligation: Compliance with applicable laws.

12. California Privacy Rights (CCPA)

• Right to Know & Access, Correction, Deletion: You may request these by contacting us.
• Opt‑Out of Sale/Sharing: We do not sell or share personal information for cross‑context behavioral advertising.
• Non‑Discrimination: We will not discriminate for exercising your privacy rights.

13. Changes to This Policy

• Updates: We may update this policy to reflect changes in our practices.
• Notice: Material changes will be communicated in‑app or via email, and the "Last Updated" date will be revised.

14. Contact