← Back to Home

Privacy Policy

Last updated: May 16, 2026

1. Introduction

Histriva ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, and safeguard your information when you use our personal growth and habit tracking application.

2. Information We Collect

We collect the following types of information:

  • Account Information: Email address, name (optional), and encrypted password when you create an account. If you sign in via Google, we receive a verified email address and identity token from Google. ("Sign in with Apple" is planned and will be added before public launch.)
  • Habit, Goal, and To-Do Data: Habits, goals, milestones, and to-dos you create; completion records; progress tracking; self-assessment scores.
  • AI Coaching Conversations: The messages you send to Riva and the specialist coaches, along with their responses. Conversations are stored server-side so the coaching is continuous across sessions. Per our trust commitments, your conversation content is never used to train AI for anyone else.
  • Mood Check-Ins: If you opt into the daily mood check-in, we store your mood selection and any free-text reflection. The free-text reflection is envelope-encrypted at rest and is not sent to our AI provider — it stays available only to you.
  • People Directory: If you use the people-directory feature, we store the names, relationships, and notes you record about people in your life. This data is used to inform your coaching context and is not shared with our AI provider unless you explicitly reference the person in a chat message.
  • Safety Event Records: When our safety classifier identifies a Tier 0 or Tier 1 crisis signal in a message you send, we log the event (tier, category, timestamp) so we can route to crisis-response messaging and monitor classifier quality. The classifier exists to help us help you when you may be in danger. See how automated safety classification works for the full disclosure — what tiers and categories exist, what each triggers, and how to request human review of a classification under GDPR Article 22.
  • Email Communications & Preferences: Your email address, your category preferences (re-engagement nudges, weekly briefing digest, marketing), and a record of which addresses are suppressed from sending due to bounce, complaint, or unsubscribe.
  • Usage Data: Anonymous analytics about how you interact with the app (page views, feature usage) collected via PostHog. With your consent, we also record the shape of your sessions (clicks, scrolls, navigation) for UX research — every text node and input value is masked at the recorder, so we capture interaction patterns but never readable content. See the cookies page for details.

3. How We Use Your Information

  • To provide and maintain the Histriva service
  • To generate personalized AI-powered habit recommendations
  • To track your habit progress and provide insights
  • To improve our app based on aggregate usage patterns
  • To send you important account-related notifications

4. Data Storage, Security, and Retention

Your data is stored securely using Supabase (PostgreSQL) with row-level security policies. Passwords are hashed using bcrypt before storage. We use HTTPS for all data transmission. While we implement industry-standard security measures, no method of electronic storage is 100% secure.

Retention by data category:

  • Account data (email, name, profile): retained for the lifetime of your account. On account deletion, identifying fields are anonymized within 30 days.
  • AI coaching conversations: while your account is active, conversations are retained indefinitely so the AI can maintain long-term coaching context (the rolling summary serves as long-term memory). If your account becomes inactive for 12+ months or you delete it, conversation threads with no activity in the past 24 months are purged on a daily schedule. On hard account deletion, all conversations are removed immediately.
  • Habit completions and score history: retained for 2 years rolling for active users. Older history is purged for users who have been inactive for 12+ months.
  • Mood check-ins: mood values (5-bucket enum) retained for 5 years for graph rendering. Free-text reflections retained on the same schedule as conversations.
  • Safety event logs: retained for 24 months (audit and safety-classifier quality monitoring) regardless of account activity.
  • Email delivery logs (Resend): retained 30–90 days at the sub-processor for deliverability diagnostics.
  • Email suppression preferences: retained indefinitely (a long-lived signal so we honor your unsubscribe even after re-subscription attempts).

You can request export or deletion of your data at any time from your settings page. See Section 7 for your rights.

5. Third-Party Services

We use the following sub-processors to provide the Histriva service:

  • Anthropic (United States): Powers the AI coaching (Riva + specialists). Your conversational messages, the context we send with them, and habit/goal/mood data referenced by you in chat may be sent to Anthropic's Claude API for processing. Anthropic's enterprise terms specify that inputs and outputs are not used to train their models.
  • Supabase (United States): Database hosting + authentication infrastructure. All your stored data (account, habits, goals, conversations, mood, etc.) lives here under row-level security and at-rest encryption.
  • Netlify (United States): Web hosting + content delivery for the histriva.com surface. Netlify receives standard request metadata (IP, user agent, request path) at the edge.
  • Resend (United States): Email delivery for transactional and re-engagement messages. Resend receives recipient email + message content at send-time and retains delivery logs for 30-90 days.
  • Google (United States): OAuth identity provider when you choose to sign in with Google. Google verifies your email and returns an identity token. We do not receive your Google contacts, calendar, or other Google data.
  • Apple (United States) — planned, not yet active: "Sign in with Apple" will be added as an OAuth identity option before public launch. When it ships, Apple will verify your email and return an identity token (or a private relay address if you choose to hide your email). This sub-processor is listed in advance so the disclosure remains complete the moment the integration goes live.
  • PostHog (United States): Privacy-friendly product analytics. Analytics is opt-in (default off) and text + input values are masked at the recorder before transmission.
  • Sentry (United States): Error monitoring to improve app reliability. Error data is scrubbed of personally-identifying content via a beforeSend hook before transmission.

We maintain Data Processing Agreements (DPAs) or equivalent contractual privacy commitments with each sub-processor that handles personal data. The current status of each DPA, along with the full Records of Processing Activities (ROPA), is documented internally and made available to data protection authorities on request.

Cross-border data transfers (EU / UK users):

All Histriva sub-processors listed above are located in the United States. When you use Histriva from the EU or UK, your personal data is transferred to the US for processing. We rely on one of the following legal mechanisms for each transfer:

  • EU-US Data Privacy Framework (DPF) — used where the sub-processor is DPF-certified (the EU Commission's 2023 adequacy decision restored a self-certification pathway).
  • Standard Contractual Clauses (SCCs) — 2021 EU Commission SCCs Module 2 (controller-to-processor), executed with each sub-processor that handles personal data, used as the primary mechanism for sub-processors not DPF-certified.

In addition to the contractual safeguards, our content-tier never-train commitment (your conversations, journal entries, and people-directory notes are never used to train AI for anyone else), envelope encryption at rest on the most sensitive fields, and the data-minimization measures described above (PII stripped from analytics + error reports before transmission) collectively form the "additional measures" required by the Schrems II decision (CJEU C-311/18, 2020) to supplement SCCs.

EU/UK users wishing to receive a copy of the SCCs in force for any specific sub-processor may request them via privacy@histriva.com.

6. Data Sharing

We do not sell, trade, or rent your personal information to third parties. We only share data with the third-party services listed above as necessary to provide our service. We may disclose information if required by law or to protect our rights.

7. Your Rights

You have the right to:

  • Access the personal data we hold about you
  • Request correction of inaccurate data
  • Request deletion of your account and associated data
  • Export your habit data
  • Opt out of analytics tracking

8. Email Communications

Histriva sends three categories of email, each handled differently:

  • Account security messages (verification, password reset, deletion warnings): required to operate your account; cannot be turned off per CAN-SPAM § 101(d)(7).
  • Re-engagement nudges: gentle reminders when you've been quiet for a few days. Each message includes a one-click unsubscribe link. You can also turn these off in Settings → Email Preferences.
  • Weekly briefing digest + marketing announcements: opt-out at any time via the unsubscribe link in every message or via Settings → Email Preferences.

Unsubscribe requests are honored immediately — the next send check against your address sees the suppression record before any message is dispatched.

9. Cookies

We use essential cookies for authentication (session management via NextAuth.js) and analytics cookies via PostHog. Authentication cookies are necessary for the app to function. You can disable analytics cookies in your browser settings.

10. Children's Privacy

Histriva is intended for users 18 and older. We do not knowingly collect personal information from anyone under 18. If you believe a minor has provided us with personal information, please contact us so we can delete it.

11. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the new policy on this page and updating the "Last updated" date. Your continued use of the app after changes constitutes acceptance of the updated policy.

12. Contact Us

If you have questions about this Privacy Policy or your data, please contact us at privacy@histriva.com.