Privacy Policy

Happy High Privacy Policy

Happy High helps you experience the natural runner's high by tracking time spent in your Happy High Zone (70-80% of HRmax). We take your privacy seriously. Happy High is owned and run by FreeDAIY Pty Ltd, and we limit data collection to the minimum needed to power the core experience.

Last updated

November 12, 2025

All personal health data stays on your device (never sent to servers)Anonymous analytics is on by default (you can turn it off anytime)No third-party tracking or advertising

What stays local

  • Your heart rate readings
  • Your exact age
  • Your workout history and session details
  • Your app preferences

What can be sent (analytics on by default)

Anonymous summaries are sent to our server unless you turn analytics off in Settings → "Anonymous Analytics":

  • Time in zone and total workout duration
  • VO2max before/after workouts (if available)
  • Age bracket (e.g., "25-30")
  • Session date (no time or location)

Your choice

Analytics is ON by default to help improve Happy High. Turn it off anytime in Settings → "Anonymous Analytics"—no impact on core app functionality. We show a clear notice on first launch before analytics begins.

No selling, no ads, no third-party tracking.

Data We Collect

Essential Data (Always Collected)

Health Data (via HealthKit)

Collected with your explicit permission:

  • Heart rate: Real-time BPM during workouts
  • VO2max: Cardiovascular fitness (if available)
  • Workout duration: Start and end times

Used to calculate your Happy High Zone (70-80% HRmax), track time in zone, monitor improvements, and generate session summaries.

Personal Information

Age is collected to calculate HRmax (208 - 0.7 × age) and personalize your zone.

Stored locally on your device only.

App Usage Data

Session summaries (date, duration, time in zone, longest streak, average BPM) and preferences (theme, notifications, onboarding status) are stored locally using SwiftData and encrypted on-device. Optional iCloud sync is available if you enable iCloud.

Anonymous Analytics (Default On, You Can Disable)

Analytics starts in an on state so we can understand how heart rate zone training affects cardiovascular fitness. You can turn it off anytime in Settings → "Anonymous Analytics". In regions requiring consent (e.g., EU/UK/EEA), we present a clear prompt before sending any analytics.

What we collect (while enabled)

  • Time in Happy High Zone (minutes) and total workout duration
  • VO2max readings before and after workouts
  • Age bracket (5-year ranges only, never exact age)
  • Session date (no time or location)

No names, emails, Apple IDs, device identifiers, GPS, or individual heart rate readings.

How it works

  • Completely anonymous and aggregated—cannot trace data back to you or link sessions.
  • Sent over encrypted HTTPS to our secure server (Railway + PostgreSQL).
  • Used for research, product development, education, and anonymized partnerships.
  • No tracking, no behavioral profiling, and no advertising.
  • Retained indefinitely for longitudinal research. Past submissions can't be removed because we can't identify which data is yours.
  • Disable analytics anytime to stop future collection.

How Data Is Stored

  • Local Storage (Primary): Workout data stored locally on iPhone and Apple Watch via SwiftData, encrypted at rest in the app sandbox. HealthKit data remains in your Health app.
  • iCloud Sync (Optional): If enabled, summaries and preferences sync across your devices with encryption in transit and at rest. Controlled in iOS Settings → [Your Name] → iCloud → Happy High.
  • Cloud Storage (Analytics Only): If analytics is enabled, anonymized session summaries are sent to Railway (PostgreSQL, encrypted connections).
  • We do not store on servers: Personal info (name, email, Apple ID), individual heart rate readings, advertising IDs, location data, or device info beyond temporary rate limiting.

How Data Is Used

  • Zone calculation and real-time tracking of when you enter/exit the Happy High Zone.
  • Progress insights, history views, and afterglow timers for 10+ minutes in zone.
  • Local notifications only (no marketing, no remote push).
  • Never used for advertising, profiling, or data sharing with third parties.

Third-Party Services

  • Core: Apple HealthKit, iCloud (optional), UserNotifications. No analytics platforms, crash reporting, ads, customer support platforms, or social media integrations.
  • Analytics (on by default, can be disabled): Railway for hosting and PostgreSQL database. HTTPS encryption, rate limiting, anonymized summaries only.
  • Minimal dependencies reduce privacy risk; external services never receive personal identifiers.

HealthKit Permissions & Data Use

  • Requested access: Heart Rate (read), VO2max (read), Workouts (write).
  • Used for: Real-time monitoring, calculating time in zone, VO2max trends, session summaries.
  • Not used for: Advertising, marketing, sharing, data mining, server transmission, or combining with other apps.
  • Revoke anytime in Settings → Privacy & Security → Health → Happy High (the app can continue with mock data if HealthKit is revoked).

Your Privacy Rights & Controls

  • Access: View all session data in History; workouts are also in the Health app.
  • Delete: Uninstall the app to remove local data. Delete individual workouts in the Health app. Turn off iCloud to stop syncing.
  • Revoke permissions: HealthKit toggles for Heart Rate, VO2max, or Workouts; Notifications; iCloud sync.
  • Update: Change age in Settings → Profile → Age (recalculates your zone immediately).
  • Data portability: Export workouts via the Health app or third-party HealthKit export tools.

Data Security

  • Encryption at rest for app data via SwiftData; HealthKit enforces strict security.
  • iCloud sync (if enabled) uses end-to-end encryption via Apple.
  • No server storage of personal data reduces breach risk.
  • Device loss: data protected by device passcode/Face ID/Touch ID; iCloud can restore on a new device.
  • Security updates will never reduce your privacy protections.

International Users & Data Transfers

  • Essential app data stays on your device/iCloud—no cross-border transfers of personal information.
  • Anonymous analytics (if enabled) may be stored in the United States (Railway).
  • GDPR/CCPA/LGPD/PIPEDA compliant: lawful basis is consent for analytics; you can withdraw by disabling analytics.
  • EU-US transfers rely on anonymization, Standard Contractual Clauses (Railway), and TLS 1.3 encryption.
  • Apple may store iCloud data in various countries per Apple's privacy policy.

Children's Privacy

Happy High is not directed at children under 13. We do not knowingly collect personal information from children under 13. If you are under 13, do not use Happy High or provide any information in the app. If we learn we collected information from a child under 13, we will delete it promptly.

Parents: If you believe your child has used Happy High and provided information, please contact us at contact@freedaiy.com.

Changes to This Privacy Policy

  • We may update this policy as we add features (e.g., analytics enhancements, cloud sync).
  • Significant changes will be highlighted in App Store release notes and in-app if they affect your rights; the "Last updated" date will change.
  • Existing practices never change retroactively. New data collection will always come with a clear in-app notice and the ability to turn it off.
  • Continued use after changes means you accept the updated policy. If you disagree, you can delete the app and your data.

Legal Basis for Processing (GDPR)

  • Heart Rate, VO2max (HealthKit): Consent (you authorize access during onboarding).
  • Age: Contractual necessity to calculate your personalized Happy High Zone.
  • Session history (local) & app preferences: Legitimate interest to provide the requested workout tracking experience.
  • Anonymous analytics: Consent (we present a first-launch notice and respect your choice; you can turn it off anytime in Settings → "Anonymous Analytics").

Withdraw consent anytime: revoke HealthKit access, disable analytics, or delete the Happy High app.

Contact & Data Protection

Happy High is owned and run by FreeDAIY Pty Ltd. We aim to respond to all privacy inquiries within 30 days.

General inquiries

contact@freedaiy.com

Privacy requests (deletion, access, GDPR/CCPA)

contact@freedaiy.com

Complaints: You have the right to contact your local data protection authority (e.g., EU DPAs, UK ICO, California Privacy Protection Agency). We welcome the chance to address concerns directly via contact@freedaiy.com.