moon made me — Privacy Policy
Effective Date: May 14, 2026
Last Updated: May 14, 2026
Version: 1.1
The short version (plain language)
moon made me is built around minimal data collection. Here's what matters most:
What we DON'T collect
- No password (you sign in with Apple, Google, or an email magic link)
- No location, contacts, photos, calendar, or browsing history
- No advertising ID (IDFA / GAID) — we do not track you across apps
- No behavioral advertising profile
- No third-party programmatic ads in the app
What we DO collect
- Your chosen first name or nickname
- Your guide preferences (avatar, name, tone, notification time)
- Your timezone (detected from device, stored to keep your daily reset on local midnight)
- Your email address — if your sign-in provider returns one. With email magic link, you give it to us directly. With Apple Sign In or Google Sign In, your provider passes it (or, in Apple's case, a private-relay address if you choose "Hide My Email") to Firebase Authentication. In all cases it is stored only in your authentication record and is deleted on account deletion.
- The last time you opened the app, so we can detect inactive accounts and stale data
- Which whisper you saw on which date (so we don't repeat it within 365 days)
- Product card taps (for affiliate tracking — no personal identifier shared with Amazon)
What we DO with it
- Show you a daily whisper matched to your tone
- Send a daily push notification (only if you opt in) and up to three return-reminder ("Reminders") notifications at 3, 7, and 15 days of inactivity (Reminders are on by default and can be turned off in Settings → Reminders)
- Match product recommendations to the day's vibe
- Improve the app via anonymized analytics
What we DON'T do
- Sell your data
- Share with advertising networks or data brokers
- Use your data for cross-context behavioral advertising
- Share with anyone beyond the essential service providers listed below
The detailed policy follows. In any conflict between this summary and the detailed sections, the detailed sections control.
1. Introduction
moon made me ("we", "us", "our") operates the moon made me mobile application (the "Service"). This Privacy Policy describes how we collect, use, share, and protect information when you use the Service.
By using the Service, you agree to the practices described here. If you do not agree, please do not use the Service.
2. Information We Collect
2.1 Information You Provide
During onboarding and in Settings, you may provide:
| Field | Purpose | Retention |
|---|---|---|
| First name or nickname (≤20 chars) | Personalization (shown in greetings, push notifications) | While account active |
| Guide selection (avatar ID + name ≤16 chars) | Delivery persona for whispers | While account active |
| Tone preference (Spark / Calm / Witty) | Select whisper variant | While account active |
| Notification time (preset: 7am / 9am / 12pm / 6pm / 9pm) | Schedule daily local push | While account active |
| Email address (if using Apple Sign In or Google Sign In) — including Apple's private-relay address when "Hide My Email" is selected | Returned by your sign-in provider's OAuth flow; stored in your Firebase Authentication record. We do not display it back to you, do not use it for marketing, and do not share it outside the providers listed in §4. | While account active; deleted on account deletion |
| Email address (if using email magic link) | Send a single, time-limited sign-in link, delivered via our transactional email provider Resend; retained in Firebase Authentication while account is active for re-login and account recovery | While account active; deleted on account deletion |
| Feedback message (free-text, ≤500 chars, optional via Settings → Feedback) | Read your message to improve the Service; respond if you've included contact info | Retained for 24 months then auto-deleted; deleted within 30 days of account deletion request |
2.2 Information Collected Automatically
When you use the Service:
| Data | Purpose | Retention |
|---|---|---|
| Authentication identifier from Apple Sign In / Google Sign In / Firebase email magic link | Account login | While account active |
| Authentication provider type (google.com / apple.com / password) | Identify sign-in method for account recovery and internal cohort analytics | While account active |
| Device type and OS version | Debugging, compatibility | Operational logs ≤ 90 days |
| Timezone (detected from device) | Local midnight reset for daily whisper; persisted to your account record so reset works consistently across devices | While account active |
| Last active timestamp | Detect stale accounts and inform stale-data cleanup | While account active |
| Session identifier | Group analytics events into sessions to understand usage patterns; rotate every 30 minutes of inactivity to limit cross-session correlation | UUID generated on device, persisted to local app storage; rotated after 30 minutes idle; not retained after rotation |
| Whisper interaction history (which whisper ID viewed, date, tone) | Prevent repetition within 365 days | 365 days rolling, then auto-deleted |
| Vibe grid impression events (the four vibes shown, whisper ID, tone, primary vibe) | Understand which vibe combinations users see per whisper; inform curation quality and pool sizing | 365 days, then auto-deleted |
| Talisman draw events (vibe selected, whisper ID, tone, product ID, Amazon ASIN, primary-vibe flag) | Record which talisman you draw per vibe per day; ensure same-day idempotence and 7-day product variety; inform affiliate analytics | 365 days, then auto-deleted |
| Product click events (product ID, whisper ID, tone) | Affiliate tracking; understand which products resonate with each whisper | 180 days, then auto-deleted. Aggregated anonymized counts may be retained longer. |
| Product return events (product ID, seconds elapsed before returning from Amazon, 1–300 s window) | Measure engagement depth with linked products | 180 days, then auto-deleted |
| In-app behavior events (onboarding step completed, share button tapped, app-open at session start) | Understand onboarding completion and content-sharing patterns; no content from these events is shared with third parties | 365 days, then auto-deleted |
| Event metadata (app version, OS version, platform, locale) attached to all in-app events | Diagnose performance regressions across versions; understand device and locale segments | Same retention as the parent event: 365 days for whisper-view, onboarding, share, and app-open events; 180 days for product events |
| Push notification token | Deliver notifications | Retained while account is active; cleared on account deletion. May persist briefly after disabling notifications until next account-state sync. |
2.3 Information We Do NOT Collect
To be explicit, we do not collect or access:
- Password, password hashes, or biometric credentials (sign-in is performed entirely by your chosen provider — Apple, Google, or Firebase email magic link)
- Precise or coarse device location
- Contacts, calendar, photos, or media library
- Device motion, health, fitness, or biometric data
- Microphone or camera input
- Browsing history outside the App
- Advertising identifier (IDFA on iOS, GAID on Android) — we do not request App Tracking Transparency permission
- SMS, call logs, or any messaging content
- Financial account information or payment card data (the App has no in-app payments as of this version)
3. How We Use Information
We use your information to:
- Deliver daily content: select a whisper aligned with your chosen guide and tone preference, ensuring no repetition within a rolling 365-day window
- Send notifications: if you opt in to push, schedule local push notifications at your chosen time. By default we additionally schedule up to three return-reminder ("Reminders") notifications at days 3, 7, and 15 of inactivity to invite you back; you can disable Reminders independently in Settings → Reminders without turning off your daily push.
- Match products: align Amazon product recommendations with the day's vibe based on internal keyword tags
- Operate your account: sign-in, preference updates, and deletion
- Improve the Service: in-app analytics events (stored in Supabase with your Firebase UID, see §4) to understand feature usage, onboarding completion, and content-sharing patterns; Firebase Analytics for aggregated session-level diagnostics
- Understand product and content effectiveness: product impression, click, and return-timing events help us evaluate which products resonate with each vibe and improve curation
- Send teaser/launch updates and product announcements to email addresses that opted in via the website signup form
- Read user feedback: when you submit a message via Settings → Feedback, we store it linked to your account ID solely so we can read it, prioritize improvements, and (where possible) respond.
- Respond to you: handle support requests, data access/deletion requests, and legal inquiries
4. How We Share Information
We share information only with the following service providers, for the specified purposes and in the minimum amount necessary.
| Recipient | Role | What they see | Location |
|---|---|---|---|
| Apple Sign In (iOS only) / Google Sign In | Identity provider | Own OAuth flow — we receive a user ID token and, if the provider returns one, your email address (which Firebase Authentication then stores in your auth record) | Global |
| Firebase Authentication (Google) | Identity provider, session management, magic-link issuance (delivery is performed by Resend, see below) | User ID token, provider, and email address — supplied by your chosen sign-in provider (Apple, Google, or magic link) | Google Cloud |
| Firebase Analytics (Google) | Anonymized usage analytics | Event data without personally identifying fields | Google Cloud |
| Firebase Crashlytics (Google) | Crash reporting and breadcrumb logs to diagnose stability issues | Crash stack traces; non-fatal exceptions; breadcrumb logs (analytics event names, no user identifiers); device + OS version | Google Cloud |
| Supabase (PostgreSQL) | Backend database — stores user profile, whisper history, talisman draw history, and all in-app analytics events (app_open, onboarding_step, whisper_viewed, vibe_grid_impression, talisman_drawn, product_clicked, product_click_return, share_tapped). All events include your Firebase UID so that your data can be located and deleted on account removal. | Encrypted storage of the fields in Section 2 | US East (AWS) |
| Loops (Email Service Provider) | Marketing email collection + delivery for landing-page signup, welcome, and launch announcements | Email address; subscription timestamp; standard delivery telemetry | US (AWS) |
| Resend (operated by Resend, Inc.) | Transactional email delivery (SMTP relay for the magic-link sign-in path) | Recipient email address; magic-link message body; standard delivery telemetry (sent / delivered / bounced / opened) | US (AWS) |
| Amazon (Associates Program) | Affiliate tracking for product links | Your click on a product link + our partner tracking tag — no personal identifier from us | Global |
| Expo / Expo Application Services (EAS) | App build infrastructure and over-the-air updates | Build metadata, crash diagnostics (no PII) | Expo / AWS |
| Expo Notifications (wraps APNs and FCM) | Push notification delivery | Push token and notification payload | Apple / Google / Expo infrastructure |
| Cloudflare (Pages, Workers, KV) | (a) Static hosting for moonmademe.com and /.well-known/ files. (b)
Server-side affiliate redirect proxy at
moonmademe.com/r/{product_id} — every product-card tap in
the App passes through this Worker, which looks up the product, applies
our Amazon affiliate tag, and 302-redirects to Amazon |
Source IP and user agent (transient, in standard edge access logs); requested product UUID; redirect timing | Cloudflare global edge |
We do NOT:
- Sell your personal information to anyone
- Share your personal information with advertising networks or data brokers
- Use your personal information for cross-context behavioral advertising
- Allow any third party to use your personal information to track you across other apps, services, or websites
4.1 Legal disclosures
We may disclose information if required by law, valid legal process (subpoena, court order), or to protect the safety and rights of users or the public. We will challenge overbroad or improper requests where feasible.
4.2 Business transfers
If moon made me is involved in a merger, acquisition, or sale of assets, your information may be transferred as part of that transaction. We will notify you and post a notice in the App if your information becomes subject to a materially different privacy policy.
5. Data Retention
We retain information only as long as necessary for the purposes described. Specifically:
- Profile data (name, preferences): kept while your account is active. Deleted within 30 days of account-deletion request, except where retention is required by law.
- Whisper interaction history: automatically deleted after 365 days (rolling window).
- Product interaction events (product_clicked, product_click_return): automatically deleted after 180 days. Aggregated anonymized counts (e.g., "X taps on product Y on date Z" with no user identifier) may be retained longer for business analytics.
- In-app behavior events (onboarding_step, share_tapped, app_open, vibe_grid_impression, talisman_drawn, whisper_viewed): automatically deleted after 365 days.
- Daily activity aggregate (
daily_active_userstable): one row per (Firebase UID, date) that we use to compute Daily / Weekly / Monthly Active User counts after raw events are deleted. This row includes your Firebase UID and is not anonymized. Retained while your account is active; deleted when your account is deleted via database cascade. The same applies to your daily talisman draw history (one row per user/date/vibe). - Feedback messages: retained for 24 months from submission, then automatically deleted, unless required for an open support thread.
- Push notification tokens: deleted when notifications are disabled or the account is deleted.
- Authentication identifiers: deleted when the account is deleted.
- Operational logs (debugging, security): maximum 90 days.
- Crash reports and breadcrumb logs (Firebase Crashlytics): retained for 90 days per Google's default policy.
- Marketing email subscriptions (Loops): email
addresses retained while your subscription is active. Upon unsubscribe,
your email is removed from the active sending list and moved to a
suppression list per CAN-SPAM compliance to prevent unintended
re-mailing; addresses on the suppression list are deleted upon explicit
erasure request to
contact@hasia.ai.
6. Your Rights
6.1 Rights available to all users
At any time you may:
- View and edit your name, guide, tone, and notification time in the Settings screen.
- Disable notifications via your device's system settings or the in-app Settings screen
- Disable return-reminder notifications independently of the daily push, in Settings → Reminders
- Sign out and stop using the Service
- Request account deletion via the Settings screen or by contacting us
Account deletion removes your personal data within 30 days, subject to the retention exceptions above.
6.2 California residents (CCPA / CPRA)
If you are a resident of California, you have the right to:
- Know what categories of personal information we collect and why (see Section 2)
- Access a copy of the specific personal information we have about you
- Delete your personal information, subject to legal retention exceptions
- Correct inaccurate personal information
- Opt out of the sale or sharing of personal information for cross-context behavioral advertising — we do not sell or share your information for these purposes; this right is honored by default
- Limit the use of sensitive personal information — we do not collect sensitive personal information as defined by CCPA/CPRA
- Non-discrimination — we will not deny service, charge a different price, or provide a different quality of service because you exercised these rights
To exercise these rights, email us at contact@hasia.ai
with the subject line "Privacy Request". We will verify
your identity via the email address associated with your Apple/Google
sign-in before acting.
6.3 EEA / UK residents (GDPR / UK-GDPR)
If you are in the European Economic Area or the United Kingdom, you
have additional rights including access, rectification, erasure,
restriction of processing, data portability, and objection. Contact us
at contact@hasia.ai to exercise these rights.
Legal basis for processing:
- Performance of a contract — to provide the Service you requested (profile, whisper delivery, notifications)
- Legitimate interest — service improvement, security, fraud prevention
- Consent — for push notifications (withdrawable anytime via device or app settings)
6.4 Other jurisdictions
Residents of other jurisdictions with applicable privacy laws (e.g., Virginia, Colorado, Connecticut, Utah in the US; LGPD in Brazil) have similar rights. Contact us for assistance.
7. Children (COPPA)
moon made me is not directed at children under 13 years old. We do not knowingly collect personal information from children under 13.
If you are a parent or guardian and believe your child under 13 has
provided personal information to us, please contact us at
contact@hasia.ai. We will delete the information within a
reasonable timeframe and terminate the account.
App Store age rating restricts download to age-appropriate users. If we later discover an existing user is under 13, we will terminate the account and delete associated data.
8. Security
We take reasonable technical and organizational measures to protect your information, including:
- Encrypted transport (HTTPS / TLS 1.2+) between the App and our servers
- Row-level security at the database layer: one user cannot access another user's data
- OAuth-based authentication — we never see your Apple/Google password
- Principle of least privilege for operational staff access
- Automated deletion of time-limited data (see Section 5)
- Dependency and vulnerability monitoring on server infrastructure
No system is perfectly secure. If we discover a security incident affecting your personal information, we will notify you as required by applicable law.
9. International Data Transfer
Our servers are located in the United States (AWS US East via Supabase). If you use the Service from outside the US, your information will be transferred to, stored, and processed in the US. Data protection laws in the US may differ from those in your country.
By using the Service, you consent to this transfer. For EEA/UK residents, this transfer relies on standard contractual clauses or other transfer mechanisms as permitted by applicable law.
10. Cookies and Similar Technologies
moon made me is a native mobile app and does not use browser cookies. We use:
- Local device storage (AsyncStorage on iOS/Android)
to cache your profile, the day's whisper, your session identifier, your
magic-link cooldown timestamp, and (for Apple Sign-In users) a
short-lived Apple
authorizationCodethat we use only to revoke your Apple refresh token when you delete your account, per App Store guideline 5.1.1. The AppleauthorizationCodeis cleared when your account is deleted. None of this is shared with third parties. - Firebase Authentication ID token (issued after sign-in) stored securely on-device to keep you signed in. It is encrypted at rest by the operating system and is sent to Supabase as a Bearer token to authorize per-user database access.
We do not use web beacons, pixel tags, fingerprinting, or any cross-app tracking technologies.
11. Do Not Track
The App does not respond to Do Not Track signals, because Do Not Track is a browser-level standard that does not apply to native mobile apps. However, we do not track you across other apps or services regardless of Do Not Track status.
12. Advertising (current state: none)
As of this Policy's effective date, moon made me does not display third-party advertising of any kind — no banners, interstitials, rewarded video, or sponsored content. We do not use advertising SDKs and do not process advertising identifiers.
If we ever introduce advertising or change our data practices, we will:
- Update this Privacy Policy with at least 30 days' advance notice in the App
- Provide opt-out mechanisms and consent flows required by applicable law (e.g., iOS App Tracking Transparency prompt, GDPR consent banner where applicable)
- Update App Store Privacy Labels and Google Play Data Safety disclosures
13. Changes to This Policy
We may update this Privacy Policy from time to time. When we do, we will:
- Update the "Last Updated" date at the top
- Post a notice in the App for material changes
- For very material changes (e.g., new categories of data collection, new sharing partners, introduction of advertising), provide at least 30 days' advance notice
Continued use of the Service after an update constitutes acceptance of the revised Policy. If you do not agree to the revised Policy, you must stop using the Service and may request account deletion.
14. Contact Us
Questions, concerns, or requests regarding this Privacy Policy or your personal information:
moon made me
Operated by: HASIA Co., Ltd.
Email: contact@hasia.ai
For data access, correction, or deletion requests, include "Privacy Request" in the subject line. We will verify your identity using your Apple/Google sign-in email before acting on the request.