StatusIn development — the site and apps are not yet publicly available.
← Back to Inner Navigation
Inner Navigation · Legal

Privacy Policy

Last updated: June 12, 2026

Data controller: Esteban Pedreira, sole proprietor (entrepreneur individuel), 309 rue des Tarusates, 40600 Biscarrosse, France — support@manifestwealth.io.

Data protection contact: internal assessment dated June 12, 2026 — no DPO designated at this stage; requests are handled through the privacy/contact lead.

The purposes below apply in compliance with the GDPR when you are in the European Economic Area (or where EU law applies).

1. Data processed (overview)

  • Mood and wellbeing data: scores, periods, tags, emotions, text notes, optional heart rate, data linked to entries.
  • Daily data: sleep, health, meals and food, finances, activity (including step count if you enable the pedometer), events, lifestyle, illness episodes entered, environmental correlations (e.g. weather), optional demo astrological data if you use those features.
  • App settings: tracking mode, interface preferences, notifications, language, consents, location and community sharing options, etc.
  • Account: email address, technical account ID, session tokens managed by the authentication provider (e.g. Supabase).
  • Technical data: app version, technical identifiers required for connected services, minimal server-side API logs if enabled by the publisher.

2. Local storage

By default, a significant portion of data is stored locally on your device (encrypted storage where the system supports it). Uninstalling the App may cause loss of local data that has not been exported.

3. Personal cloud backup (legal basis: explicit consent / requested feature performance)

The App works locally by default. Creating an account does not automatically enable personal cloud backup. If you separately enable that consent, certain data may be sent and stored on infrastructure configured by the publisher (e.g. Supabase project: preferences and user data bundles). This data remains pseudonymised within the meaning of GDPR Article 4(5): linked to your account ID, deletable on request, but not anonymous in the legal sense. Purposes: backup and continuity across devices.

When cloud backup is enabled, a technical daily_app_opens row may record one app open per user per UTC day for service statistics, retained for 90 days. Product goal: remove this named counter or anonymize it.

4. Artificial intelligence analysis (legal basis: consent for text notes where applicable)

Summaries or analyses may be requested via an intermediary server (e.g. Cloudflare Worker) that sends aggregated context to a language-model provider (e.g. Anthropic). The AI provider’s secret keys are not present in the mobile app.

If you enable including text notes, those contents may be included in the transmitted context. Without that consent, text notes should not be included in the analysis payload (except in case of a bug—contact support).

Data sent to AI is not used to train a general AI model by the publisher. Any future training or fine-tuning purpose would require a separate explicit consent and a dedicated notice.

5. Community sharing — levels of identifiability (legal basis: consent)

Important GDPR distinction. When you enable “collective sharing”, two levels coexist and must be distinguished so as not to mislead you:

(a) Data stored on our servers: pseudonymised (GDPR Article 4(5)). Your data is linked to your account by a technical identifier. We can technically retrieve it and delete it on your request. It is therefore not anonymous in the legal sense: it remains personal data subject to the GDPR. Free-text notes are never included in the community flow; only structured indicators (rounded scores, tags from a closed list, day and 4-hour slot, coarse geographic area) are concerned.

(b) Statistics published to the community: aggregated with k-anonymity (k ≥ 10) and statistical noise. Before publication, indicators are aggregated by geographic cell (~110 km wide) and by time window. A cell is published only if at least 10 distinct contributors are present (k-anonymity), with deterministic ±0.3 noise added to the means. At this output level, and absent cross-referencing with other databases, the published statistics do not, in practice, allow tracing back to an individual.

“Extended sharing (partners)”: if you additionally enable this, it is these aggregated statistics (b) that may be shared with research partners, according to commitments shown in the App. No raw pseudonymised data (a) is transmitted to third parties under this scope.

6. Location (legal basis: consent via system permissions / consent for community features)

Location may be used for weather and environmental charts; coordinates may be rounded on device before storage.

For community features, a separate option may associate k-anonymous aggregates (k ≥ 10) with a very coarse area (e.g. short geohash) without mandatory transmission of precise coordinates to the community server.

7. Microphone and speech recognition (legal basis: consent)

Some voice input features may use the microphone and system or manufacturer speech recognition. Audio is processed according to platform rules (Apple/Google).

8. Physical activity (legal basis: consent)

Step counting may use the device’s activity sensors after permission is granted.

9. Notifications (legal basis: consent / legitimate interest for service messages if applicable)

Notification preferences are managed in system and App settings.

10. Payments (legal basis: contract)

In-app purchases are processed by Apple or Google. We do not receive your card number.

11. Retention periods (indicative)

  • On-device data: while the App is installed and you do not erase it (some retention options, e.g. astro data, may be configurable in the app).
  • Account and optional cloud backup: for the life of the account if personal cloud backup is enabled, then according to legal deadlines and deletion procedures. daily_app_opens, when present under cloud consent, is purged after 90 days.
  • Aggregated community statistics (k ≥ 10, ±0.3 noise): kept without a predefined retention period in the absence of individual identifiers once published. The pseudonymised data used to produce them remains subject to the account retention periods (above).

12. Recipients and sub-processors

Providers that may be involved depending on configuration: Supabase (hosting/auth), Cloudflare or equivalent (API Worker), AI model provider, server hosts, mobile stores for IAP. An up-to-date list may be requested from the contact at the top.

13. Transfers outside the EU

If sub-processors process data outside the EEA, the publisher aims to implement appropriate safeguards (standard contractual clauses, supplementary measures) in line with the GDPR.

14. Your rights

You have rights of access, rectification, erasure, restriction, portability (for data provided and processed by contract/automation), and objection, under legal conditions. Where processing is based on consent, you may withdraw consent at any time without affecting the lawfulness of prior processing.

You may lodge a complaint with the CNIL (www.cnil.fr) or your local supervisory authority.

15. Minors

The App is not directed at people under 15 (Article 8 GDPR, as implemented in French law). If you believe a minor has provided data without authorisation, contact the data controller.

16. Contact

For questions about this policy or your rights: support@manifestwealth.io.