Privacy Policy

Effective date: April 9, 2026

HowAreWe ("we", "our", "the app") is a social wellness network that allows users to anonymously report how they feel and see collective health statistics. Your privacy is important to us.

1. Data We Collect

• Device UUID — a randomly generated identifier stored locally on your device. It is not linked to your name, email, phone number, or any personal account.
• Symptom reports — the type of symptom you select. Supported symptoms: headache, insomnia, blood pressure, fatigue, anxiety, joint pain, dizziness, irritability, depression, sleepiness. Each report may include an intensity rating (1–5) and, for blood-pressure reports, the systolic and diastolic values you enter manually.
• Optional profile — if you complete onboarding, we store your gender, age group, and preferred language.
• Daily mood — a 1–5 rating you may submit once per day.
• Pill reminders and intakes — if you use the medication-reminder feature, we store the names and schedules of your reminders and the timestamps when you mark a dose as taken or skipped.
• City and country — determined by your device's GPS or entered manually. Used to show local statistics.
• Approximate coordinates — latitude and longitude rounded to 2 decimal places (~1.1 km accuracy). Precise location is never stored.
• Timestamp — when a report was submitted.
• Push notification token (FCM token) — if you allow notifications, the Firebase Cloud Messaging token issued to your device, used solely to deliver alerts you have opted into.
• Personal trigger correlations — derived on the server from your own reports and weather history (for example, "your headaches correlate with low pressure"). These are computed by SQL queries, not by AI, and are visible only to you.

2. Data We Do NOT Collect

• Name, email address, phone number, or age
• Photos, contacts, or messages
• Health records or medical history
• Precise GPS location (coordinates are rounded for privacy)

3. How We Use Data

• Display aggregate symptom counts by city, country, and globally
• Correlate symptom reports with atmospheric pressure and geomagnetic activity
• Generate anonymous statistics and heatmaps
• Rate-limit submissions to prevent abuse (using Device UUID)

4. Advertising

We use Google AdMob to display advertisements. AdMob may collect your Advertising ID and device information to serve relevant ads. You can opt out of personalized ads in your device settings. See Google's Privacy Policy.

5. Data Sharing

We do not sell, trade, or transfer your data to third parties, except:

• Google AdMob — for advertising purposes as described above.
• Aggregate statistics — anonymous, aggregated data (e.g., "5,000 people in Astana reported headaches today") may be displayed publicly within the app.

6. Data Retention

• Raw symptom reports (including intensity, blood pressure, and notes) are automatically deleted after 365 days.
• Weather snapshots are deleted after 365 days.
• Daily aggregated statistics (anonymous, per-city counts) are kept indefinitely for research and historical comparison; they cannot be linked back to any individual.
• News and storm-forecast posts are deleted after 30 days.
• Other content posts (morning/evening summaries, tips, fact-of-the-day, world-feeling) are deleted after 90 days.
• Weekly and monthly personal reports are kept indefinitely so you can review your own history.
• Pill reminders and intake logs remain until you delete the reminder or request a full data wipe.

7. Data Security

Data is transmitted over HTTPS. We use industry-standard security practices including encrypted connections, rate limiting, and access controls.

8. Children's Privacy

The app is not directed at children under 13. We do not knowingly collect data from children.

9. Your Rights (GDPR Articles 15–17)

Even though we do not collect personally identifying information, you can at any time:

• Request deletion of all server-side data tied to your device via Settings → "Delete my data". This wipes every record we hold for your Device UUID: reports, profile, daily moods, pill reminders, pill intakes, personal trigger correlations, personal weekly reports, FCM token, and any rate-limit or block flags.
• Uninstall the app to remove the locally stored Device UUID and preferences.

Note: anonymous unique-user counters (HyperLogLog buckets) are aggregated by a one-way hash and cannot be reversed to identify any individual; they are not subject to deletion under GDPR Article 17 because they contain no personal data.

10. Changes to This Policy

We may update this policy. Changes will be posted on this page with an updated effective date.

11. Languages Supported

The app interface and content are available in English, Russian, Kazakh, Spanish, Portuguese, German, and Simplified Chinese.

12. Contact

If you have questions about this privacy policy, contact us at support@howarewe.app.