Privacy Policy
Last updated: June 2026
Who we are (Data Controller)
LifePilot is the data controller for personal data processed through the Service. Contact: hello@lifepilot.app. References to "we", "us", and "our" mean LifePilot.
What we collect
We collect only what is needed to run LifePilot: (a) account data — email address and authentication identifiers; (b) product data — habits, ritual completions, journal entries, Life Score, XP, badges; (c) technical data — device identifiers, IP address, basic usage telemetry for security and reliability; (d) support communications when you contact us.
Why we use it and legal basis (GDPR)
We process personal data to: provide and operate the Service (contract performance, Art. 6(1)(b) GDPR); secure the Service, prevent fraud, and improve reliability (legitimate interests, Art. 6(1)(f)); send essential service messages and respond to support (contract performance / legitimate interests); meet legal and tax obligations (Art. 6(1)(c)); and send optional marketing communications only with your consent (Art. 6(1)(a)). We do not sell personal data and do not use it for third-party advertising.
Who we share it with
We share personal data only with service providers acting on our instructions: (a) managed cloud hosting and database providers; (b) Paddle.com Market Limited, our Merchant of Record, for processing payments, subscription management, invoicing, and tax compliance — see Paddle's privacy notice at https://www.paddle.com/legal/privacy; (c) email and customer-support tooling; (d) professional advisers (legal, accounting) where necessary; (e) authorities where required by law.
International transfers
Where personal data is transferred outside the UK/EEA, we rely on adequacy decisions or Standard Contractual Clauses with appropriate safeguards.
Storage and security
Data is stored in encrypted databases on managed cloud infrastructure. Access is restricted via row-level security and least-privilege controls. We apply appropriate technical and organisational measures including encryption in transit and at rest.
Data retention
We keep account and product data for as long as your account is active. If you delete your account, we delete or anonymise your personal data within 30 days, except where we are required to retain limited records (for example, billing and tax records kept by Paddle and ourselves for up to 10 years to meet legal obligations).
Your rights
Subject to applicable law (including GDPR for UK/EEA users) you have the right to access, rectify, erase, restrict or object to processing, request portability, and withdraw consent at any time. You can also lodge a complaint with your local supervisory authority. To exercise any right, email hello@lifepilot.app — we respond within one month.
Cookies
We use only essential cookies for authentication and session management. No third-party advertising or cross-site tracking cookies.
Changes
We may update this notice. Material changes will be communicated by email or in-app. The "Last updated" date above always reflects the current version.