1. Introduction

ActionSmartAI Ltd ("we", "us", or "our"), a company registered in England and Wales with company number 16429509, is committed to protecting your privacy. This Privacy Policy explains how we collect, use, store, and protect your personal data when you use the ActionSmartAI iOS application ("the App").

This policy complies with the UK General Data Protection Regulation (UK GDPR), the Data Protection Act 2018, and other applicable laws. By using the App, you agree to the practices described in this policy.

2. Data We Collect

We collect only the data necessary to provide and improve the App's functionality. The types of data collected include:

Personal Data

Information you voluntarily provide, such as:

• Name and email address (if provided for account creation or support purposes)
• Subscription-related data (e.g., payment status for premium features, processed via StoreKit)

App Usage Data

Information generated through your use of the App, including:

• Macro Goals, Micro Goals, Habits, Routines, and Journal/Reflection entries
• Achievement data (e.g., progress, streaks, and unlocked achievements)
• Notification and reminder settings

Technical Data

Automatically collected data to ensure the App functions correctly:

• Device information (e.g., device type, operating system version)
• Usage analytics (e.g., app interactions, feature usage, and performance metrics)
• Crash reports and diagnostic data to improve stability

3. How We Use Your Data

Your data is used solely to provide, maintain, and enhance the App's functionality. Specific uses include:

Service Delivery

• Managing and displaying your goals, habits, routines, and journal entries
• Generating AI-powered insights using AWS Bedrock (Claude 3 Sonnet model)
• Scheduling and delivering notifications via iOS UserNotifications framework
• Tracking achievements and progress metrics

App Improvement

• Analysing usage patterns to optimise performance and user experience
• Identifying and fixing bugs through crash reports and diagnostics

Subscription Management

• Processing subscription status and enabling premium features via StoreKit

4. Data Storage and Security

We take robust measures to protect your data:

Storage

• Data is stored locally on your device using UserDefaults for persistence
• Cloud-based data (for backup or sync via CloudKit) is encrypted both in transit and at rest

Security

• End-to-end encryption ensures data remains inaccessible to unauthorised parties
• Highly secure algorithms and protocols prevent data breaches
• AWS services (Lambda, API Gateway, Bedrock, CloudKit) are secured with AWS IAM
• Client-side caching reduces unnecessary API calls, minimising exposure

Retention

• Data is retained only for as long as necessary to provide the App's services
• You can delete your data at any time via the App's settings
• Upon deletion, data is permanently removed from our systems

5. Data Sharing and Third Parties

We do not sell, share, or disclose your personal data to third parties, except in the following limited circumstances:

Service Providers

We use AWS (Amazon Web Services) for backend infrastructure (Lambda, API Gateway, Bedrock, CloudKit). These services process data in accordance with our instructions and strict security standards, without human access.

Legal Obligations

We may disclose data if required by law, such as to comply with a court order or regulatory requirement, but only to the extent necessary.

6. Your Rights

Under the UK GDPR, you have the following rights regarding your personal data:

To exercise these rights, contact us at support@actionsmartai.com. We will respond within one month, as required by law.

7. Children's Privacy

The App is not intended for use by individuals under 16 years of age. We do not knowingly collect personal data from children. If you believe a child under 16 has provided data, please contact us to have it removed.

8. Cookies and Tracking

The App does not use cookies or third-party tracking technologies. Analytics are collected in an anonymised form to improve functionality, without identifying individual users.

9. International Data Transfers

As ActionSmartAI Ltd is based in the UK, data is primarily processed within the UK or the European Economic Area (EEA). Where data is processed by AWS in regions outside the UK/EEA, we ensure compliance with UK GDPR through appropriate safeguards, such as Standard Contractual Clauses.

10. Changes to This Policy

We may update this Privacy Policy to reflect changes in our practices or legal requirements. We will notify you of significant changes via the App or by email (if provided). The latest version is always available at https://actionsmartai.com/privacy-policy.

11. Contact Us