Hvile

Privacy Policy

Last Updated: 24 May 2026

Hvile is a wellness app built on a simple principle: your inner life is yours. This Privacy Policy explains, in plain language, what data the Hvile iOS app and hvile.me website collect, why we collect it, who else processes it on our behalf, and the rights you have over it.

Who We Are (Data Controller)

The Hvile app and website are operated by Doc Creative Ltd, a company registered in England & Wales. For the purposes of the UK GDPR and EU GDPR, Doc Creative Ltd is the data controller for the personal data described in this policy.

  • Doc Creative Ltd
  • Company number: 16461958
  • Registered office: 61 Bridge Street, Kington, HR5 3DJ, United Kingdom
  • Privacy contact: hello@hvile.me

If you live in the European Economic Area or the United Kingdom, this policy is written to meet the requirements of the GDPR. If you live in California, the section titled 'California Residents' explains your additional rights under the CCPA / CPRA.

The Short Version

  • Your rituals, mood entries, journal content and HealthKit data stay on your device and sync only to your own private iCloud — we cannot read them.
  • We collect a randomly generated anonymous ID (UUID) and lightweight usage events to understand how the app is used and to operate subscriptions.
  • We never ask for your email address to create an account. You only share an email if you contact support or report a bug.
  • We do not sell your data, run advertising on Hvile, or use your data to train AI models.
  • You can turn off analytics in Profile → Help & Support → Share analytics, and you can request deletion of any data we hold by emailing hello@hvile.me.

1. Information We Collect

We have organised this section by where the data lives, because that is what matters most for your privacy. Most of your data never leaves your device.

Apple HealthKit Data (on device only)

With your explicit permission, Hvile reads specific wellness metrics (Steps, Water, Sleep Analysis) from the Apple Health app to show you personalised wellness insights and visual progress.

  • HealthKit data is processed locally on your device and is never transmitted to Doc Creative Ltd or to any third party.
  • We do not share, sell, mine, or use HealthKit data for advertising or analytics.
  • We do not use HealthKit data for any purpose other than displaying it back to you inside Hvile, in line with Apple's HealthKit terms.

Rituals, Mood & Journal Content (your private iCloud)

Your rituals, streaks, mood logs, daily entries and any text you write in Hvile are stored locally in Core Data and synchronised across your Apple devices using Apple CloudKit (NSPersistentCloudKitContainer).

  • This data is stored in your own private iCloud database and is encrypted by Apple.
  • Doc Creative Ltd has no access to your private CloudKit data and cannot read the contents of your rituals, mood entries or journal.

Anonymous Account Identifier

Hvile does not require you to create an account or provide an email address to use the app. Instead, the first time you open the app we generate a random anonymous identifier (UUID) that lets us operate features like subscription entitlements and synchronise your streak across your own Apple devices.

  • Anonymous user ID: a randomly generated UUID stored in your iCloud Key-Value Store, so it persists across reinstalls on the same Apple ID.
  • Profile name and profile photo (optional): if you set them, they are stored in UserDefaults on your device and never transmitted to our servers.

Usage Analytics

We use analytics to understand which features are useful and where the app breaks. Analytics events are linked to your anonymous UUID, not to your real identity.

Two analytics processors receive a copy of each event:

  • PostHog: captures product events, application lifecycle events and screen views, plus user properties (preferred language, region, current streak and Hvile score).
  • Supabase: stores the same events in our own analytics_events table, and stores a lightweight profile (language, region, last active timestamp, current streak, Hvile score) in user_profiles, identified by the anonymous UUID.
  • We do not collect device advertising identifiers (IDFA) and we do not track you across other apps or websites (App Tracking Transparency is not used because we do not track).
  • You can turn analytics off at any time in Profile → Help & Support → Share analytics. This calls PostHog's opt-out and stops new events being sent.

Push Notifications

Most reminders in Hvile (affirmations, water reminders, ritual reminders, streak protection) are scheduled locally by your device and never touch our servers. We also use Firebase Cloud Messaging (FCM) to deliver occasional broadcast announcements.

  • Your device's FCM registration token is generated by Apple and Google and used to deliver remote notifications.
  • Your device is automatically subscribed to two FCM topics: all_users (so we can send service-wide announcements) and lang_<your language code> (so we can send notifications in your preferred language). No personal information is sent in this subscription.

Subscriptions

When you purchase a Hvile subscription, the purchase is handled by Apple's App Store. We use RevenueCat to verify your entitlement and tell the app whether your subscription is active. RevenueCat sees the anonymous UUID and the App Store transaction metadata that Apple shares with it — never your payment card or full name.

Contact Form & Bug Reports

If you use the in-app Contact form or Report a Bug form, the information you provide is sent to our support inbox via Resend, a transactional email provider.

  • Contact form: your name, the email address you choose to share, a subject, and your message.
  • Bug report: a title, a description and, if you attach one, a screenshot you select yourself.

The hvile.me Website (Cookies & Tracking)

The Hvile marketing website does not run third-party analytics, advertising trackers, session-replay tools, or cross-site tracking of any kind.

Cookies set by the website are limited to strictly functional cookies that are necessary for the site to work — specifically a 'NEXT_LOCALE' cookie set by our internationalisation library to remember the language you have chosen. Under the ePrivacy Directive these cookies do not require your consent.

Our hosting provider (Vercel) processes minimal server-side request logs (IP address, user-agent, requested path, timestamp) for the operation and security of the site. These logs are kept for a short rolling window, are not joined to your identity, and are not used to build a profile of you.

2. How We Use Your Information & Legal Bases

Under GDPR Article 6 we must tell you the lawful basis for each kind of processing. The table below summarises this:

  • Operating the app and synchronising your content across your Apple devices.

    Performance of a contract (Art. 6(1)(b)).

  • Managing your subscription via RevenueCat and Apple.

    Performance of a contract (Art. 6(1)(b)).

  • Sending you transactional emails when you contact us or report a bug.

    Performance of a contract (Art. 6(1)(b)) and our legitimate interest in supporting users (Art. 6(1)(f)).

  • Product analytics (PostHog and Supabase) to improve Hvile.

    Our legitimate interest in improving and securing the service (Art. 6(1)(f)). You can object at any time using the in-app analytics toggle.

  • Sending occasional broadcast push notifications via Firebase Cloud Messaging.

    Consent (Art. 6(1)(a)) — granted when you allow notifications in iOS, and revocable in iOS Settings → Notifications.

  • Detecting and preventing abuse, fraud and security incidents.

    Our legitimate interest in protecting Hvile and its users (Art. 6(1)(f)).

3. Sub-processors We Use

Hvile is operated by a small team. We rely on the following processors to run the service. Each one only receives the minimum data required to perform their function:

  • Apple Inc. — App Store distribution, CloudKit sync, push notification delivery (APNs), HealthKit framework. Governed by Apple's privacy terms.
  • Supabase Inc. — backend database hosting (analytics events, lightweight profile). EU region.
  • PostHog Inc. — product analytics. EU region (eu.i.posthog.com).
  • Google LLC (Firebase Cloud Messaging) — remote push delivery.
  • RevenueCat, Inc. — subscription entitlement management.
  • Resend, Inc. — transactional email delivery for the in-app Contact and Bug Report forms.
  • Vercel Inc. — hosting for the hvile.me website.

4. International Data Transfers

Some of our sub-processors are based in, or transfer data to, the United States (RevenueCat, Resend, parts of Google Firebase, parts of Vercel). Where data is transferred outside the EEA or the UK, we rely on the European Commission's Standard Contractual Clauses (SCCs) and the UK International Data Transfer Addendum, together with the additional safeguards offered by those providers under the EU–U.S. Data Privacy Framework where applicable.

5. How Long We Keep Your Data

We keep personal data only as long as we need it for the purpose it was collected for:

  • On-device data (HealthKit, rituals, mood, journal): kept until you delete the app, reset the device, or delete it from iCloud — we have no copy.
  • Private iCloud data: managed by you via your Apple ID. You can delete it any time via iOS Settings → [your name] → iCloud → Manage Account Storage.
  • Analytics events and profile rows in Supabase: kept for up to 24 months from collection, then deleted or aggregated into anonymous statistics.
  • PostHog events: kept according to PostHog's default retention (currently 7 years) unless you opt out earlier, in which case no further events are recorded.
  • Firebase Cloud Messaging tokens: retained while the app is installed and unsubscribed automatically when you uninstall.
  • Support emails (Contact / Bug Report): kept in our support inbox for up to 24 months for traceability, then deleted unless required for an ongoing matter.

6. How We Protect Your Data

We apply commercially reasonable technical and organisational measures to protect personal data, including: TLS encryption in transit for every network request; row-level security (RLS) on our Supabase tables so the public API key cannot read other users' rows; private CloudKit databases encrypted by Apple; restricted-access dashboards for our sub-processors; and the principle of least privilege for internal access. No system is perfectly secure, but we work hard to keep yours safe.

If we become aware of a personal data breach that is likely to result in a risk to your rights and freedoms, we will notify the relevant supervisory authority within 72 hours and, where required by law, notify affected users without undue delay.

7. Your Rights

Under the UK GDPR and the EU GDPR you have the following rights in relation to your personal data:

  • Right of access — request a copy of the personal data we hold about you.
  • Right to rectification — ask us to correct inaccurate or incomplete data.
  • Right to erasure ('right to be forgotten') — ask us to delete your data.
  • Right to restrict processing — ask us to pause processing in certain situations.
  • Right to data portability — receive your data in a structured, machine-readable format.
  • Right to object — object to processing based on our legitimate interests, including product analytics.
  • Right to withdraw consent — where we rely on consent (e.g. push notifications), you can withdraw it at any time.
  • Right not to be subject to solely automated decision-making — Hvile does not make any automated decisions that produce legal or similarly significant effects about you.

To exercise any of these rights, email hello@hvile.me with the subject 'Privacy request'. We will respond within one month and may ask for information to verify your identity (for example, the anonymous UUID shown inside the app under Profile → Settings, if available).

You also have the right to lodge a complaint with your local data protection supervisory authority. In the UK this is the Information Commissioner's Office (ico.org.uk). In Norway it is Datatilsynet, in Finland Tietosuojavaltuutettu, in Sweden Integritetsskyddsmyndigheten (IMY).

8. Children's Privacy

Hvile is suitable for general audiences and is rated 9+ on the App Store. Under the UK GDPR and EU GDPR, children below the 'age of digital consent' in their country (13 in the UK, Norway, Sweden and Finland; 16 in some other EU member states) need the consent of a parent or guardian to use a service that processes their personal data.

If you are a parent or guardian and you believe your child has used Hvile without your consent, please email hello@hvile.me and we will delete any associated data.

9. California Residents (CCPA / CPRA)

If you are a California resident, you have the right to: (a) know what personal information we collect about you, (b) request deletion of that information, (c) correct inaccurate personal information, and (d) opt out of any 'sale' or 'sharing' of personal information.

Doc Creative Ltd does not sell or share personal information as those terms are defined under the CCPA / CPRA. To exercise any California-specific right, email hello@hvile.me with the subject 'CCPA request'.

10. Changes to This Policy

We may update this Privacy Policy from time to time. The 'Last Updated' date at the top reflects the most recent version. If we make material changes — for example, adding a new sub-processor that receives personal data — we will notify you in the app and update the date here before the change takes effect.

11. Contact Us

For any question about this Privacy Policy or how we handle your data, please contact us at hello@hvile.me or write to Doc Creative Ltd, 61 Bridge Street, Kington, HR5 3DJ, United Kingdom.