Privacy Policy

Last Updated: January 21, 2025

            Important: This Privacy Policy explains how Haunting Fog ("we", "us", or "our") collects, uses, and protects your personal information when you use our mobile application and services.
        

1. Information We Collect

1.1 Information You Provide

When you create an account or use our services, we collect:

Account Information: Email address, display name, and password (encrypted)
Profile Information: Genre preferences, listening preferences, and profile customization
Payment Information: Subscription status and transaction history (processed securely through Apple App Store or Google Play Store)
Support Communications: Messages you send us for customer support

1.2 Information Collected Automatically

We automatically collect certain information when you use our app:

Usage Data: Stories viewed, listening history, swipe actions, search queries, and app navigation patterns
Device Information: Device type, operating system, app version, and unique device identifiers
Performance Data: App performance metrics, crash reports, and diagnostic information
Session Data: Session duration, features used, and interaction patterns

1.3 Third-Party Authentication

If you sign in using third-party services (Google, Apple), we receive:

Google Sign-In: Email address, name, and profile photo (if provided)
Apple Sign-In: Email address (or private relay email), and name (optional)

2. How We Use Your Information

We use your information for the following purposes:

2.1 Service Delivery

Provide, maintain, and improve our story discovery and playback services
Authenticate your account and manage your subscription
Synchronize your listening progress across devices
Deliver personalized story recommendations

2.2 Communication

Send transactional emails (account verification, password resets, subscription updates)
Respond to your support requests and inquiries
Send important updates about our services (with your consent)

2.3 Analytics and Improvement

Analyze usage patterns to improve app performance and user experience
Understand story preferences to curate better content
Detect and prevent technical issues and bugs
Ensure app security and prevent fraud

2.4 Legal Compliance

Comply with legal obligations and enforce our Terms of Service
Protect our rights, privacy, safety, or property
Respond to legal requests from authorities

3. Data Storage and Security

3.1 Data Storage

Your data is stored securely using:

Cloud Infrastructure: Supabase (PostgreSQL) hosted on secure cloud servers
Local Storage: Cached content on your device for offline access (encrypted)
File Storage: Audio files and images cached temporarily for performance

3.2 Security Measures

We implement industry-standard security practices:

End-to-end encryption for data transmission (HTTPS/TLS)
Password hashing using bcrypt with salt
Secure authentication tokens with automatic expiration
Regular security audits and updates
Access controls and monitoring for unauthorized access

            Note: While we implement robust security measures, no method of electronic transmission or storage is 100% secure. We cannot guarantee absolute security.
        

4. Data Sharing and Disclosure

We do not sell your personal information. We may share your information only in these limited circumstances:

4.1 Service Providers

We share data with trusted third-party services that help us operate:

Supabase: Authentication and database hosting
Apple/Google: In-app purchase processing and subscription management
Cloud Storage: Audio file hosting and content delivery

4.2 Legal Requirements

We may disclose information if required by law, court order, or government request, or to:

Comply with legal obligations
Protect our rights and property
Prevent fraud or security threats
Protect user safety

4.3 Business Transfers

In the event of a merger, acquisition, or sale of assets, your information may be transferred. We will notify you before your information is transferred and becomes subject to a different privacy policy.

5. Your Privacy Rights

5.1 Access and Control

You have the right to:

Access: Request a copy of your personal data
Correction: Update or correct inaccurate information
Deletion: Request deletion of your account and data
Export: Download your data in a portable format
Opt-Out: Disable analytics tracking (may affect app functionality)

5.2 California Privacy Rights (CCPA)

If you are a California resident, you have additional rights:

Right to know what personal information is collected
Right to know whether personal information is sold or disclosed
Right to opt-out of the sale of personal information (we do not sell data)
Right to non-discrimination for exercising privacy rights

5.3 European Privacy Rights (GDPR)

If you are in the European Economic Area, you have rights under GDPR:

Right to access, rectification, and erasure
Right to data portability
Right to object to processing
Right to withdraw consent
Right to lodge a complaint with a supervisory authority

6. Children's Privacy

Our app is not intended for children under 13 years of age. We do not knowingly collect personal information from children under 13. If you believe we have collected information from a child under 13, please contact us immediately, and we will delete such information.

7. Data Retention

We retain your information for as long as necessary to provide our services and comply with legal obligations:

Account Data: Retained while your account is active, plus 90 days after deletion
Usage Analytics: Aggregated data retained for up to 2 years
Payment Records: Retained for 7 years for tax and legal compliance
Support Communications: Retained for up to 3 years

8. International Data Transfers

Your information may be transferred to and processed in countries other than your own. We ensure appropriate safeguards are in place for international transfers, including:

Standard contractual clauses approved by the European Commission
Adequacy decisions for specific countries
Compliance with Privacy Shield principles (where applicable)

9. Cookies and Tracking Technologies

Our app uses local storage and caching mechanisms for:

Authentication: Secure session tokens
Preferences: App settings and user preferences
Performance: Cached content for faster loading
Analytics: Usage patterns and app behavior (anonymized)

You can clear cached data through your device settings, but this may affect app functionality.

10. Third-Party Services

Our app integrates with third-party services that have their own privacy policies:

Google Sign-In: Google Privacy Policy
Apple Sign-In: Apple Privacy Policy
Google Play Billing: Google Play Privacy Policy
Apple In-App Purchase: Apple Privacy Policy

11. Changes to This Privacy Policy

We may update this Privacy Policy periodically. When we make changes, we will:

Update the "Last Updated" date at the top of this policy
Notify you via email or in-app notification for material changes
Provide 30 days notice before changes take effect

Your continued use of our services after changes constitutes acceptance of the updated policy.

12. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or your personal data, please contact us:

Email: hauntingfogstory@gmail.com

Response Time: We will respond to privacy requests within 30 days.