Privacy Policy
Last updated: May 2026
Your recovery, your pace. Anchor is built on one principle: your data belongs to you and no one else. This policy explains exactly what we collect, what we don't, and what you can do with your data at any time.
What we collect
Anchor collects only what is necessary to run the app:
- Account information — your email address, used to authenticate your account. No name required.
- Check-in data — the timestamps and types of check-ins you log (clean, urge, lapse). Stored in your private account.
- Journal entries — text you write in the journal. Stored in your private account and never read by us.
- Urge and trigger logs — tags and notes you add when logging urges. Stored in your private account.
- Debrief responses — your responses to the structured lapse debrief. Stored in your private account.
- App settings — preferences such as biometric lock and scripture toggle, stored locally on your device.
What we do not collect
- No advertising identifiers
- No analytics or usage tracking
- No third-party SDKs that observe your behavior
- No device fingerprinting
- No location data
- No contacts or photos
How your data is stored
Your data is stored in a private database (Supabase) tied to your account. Data is encrypted at rest and in transit. Your account is protected by your password and optionally by Face ID or Touch ID on your device.
No one at Anchor has routine access to your journal entries, check-in logs, or debrief responses. We do not read, sell, share, or aggregate your personal recovery data.
Third-party services
Anchor uses the following third-party services to operate:
- Supabase — database and authentication infrastructure. Your data is stored on Supabase servers. Supabase Privacy Policy: supabase.com/privacy
- RevenueCat — subscription management. RevenueCat receives your anonymized App Store customer ID to process subscription status. RevenueCat Privacy Policy: revenuecat.com/privacy
- Apple App Store — handles all payment processing for subscriptions. Apple's privacy policy governs payment data.
No other third-party services are used. There are no advertising networks, no analytics platforms, and no social SDKs in Anchor.
Your rights
You have full control over your data at any time:
- Export — export all your data from Settings at any time.
- Delete — delete your account and all associated data from Settings. Deletion is permanent and immediate.
- Correct — update your email address from Settings.
Data retention
Your data is retained for as long as your account is active. When you delete your account, all data is permanently removed from our servers within 30 days.
Children's privacy
Anchor is not intended for users under the age of 17. We do not knowingly collect data from anyone under 17. If you believe a minor has created an account, contact us and we will delete it promptly.
Changes to this policy
If we make material changes to this policy, we will notify you via the email address on your account before the changes take effect.
Contact
Questions about this policy or your data: rjflanagan12345@gmail.com