How It Felt
Download

Privacy Policy

Your reflections stay yours.

How It Felt is built around quiet, private noticing. This page explains, in plain language, what the app stores on your device, what limited information leaves your device, and how everything is handled.

Last updated: April 28, 2026

The short version

  • Your meal entries — photos, notes, hunger, fullness, feelings, senses — stay on your device. We never see them.
  • We don't sell your data, we don't share entry content with advertisers, and we don't build profiles of you.
  • In release builds, the app sends anonymous usage events (for example, that a meal was saved with the “calm” emotion) and crash reports to Firebase. Your photos, notes, and the contents of your entries are never sent.
  • The free tier shows ads served by Google AdMob. The Supporter subscription removes ads.
  • You can export your entries (CSV or PDF) and delete them at any time from inside the app.

What we collect — and where it lives

Entries you create in the app

When you use How It Felt, you can log entries that include a photo, hunger and fullness levels, a feeling, a sense, a free-text note, a meal type, and a timestamp. This content is stored locally on your device in a private app database (SQLite via Drift) and, for photos, in the app's private file storage. It is not uploaded to a server, is not part of any account, and is not visible to us.

Camera and photo library

If you choose to attach a photo to an entry, the app asks the operating system for permission to use your camera or photo library. Photos you select are saved into the app's private storage on the device. The app does not upload photos and does not access photos beyond what you explicitly pick. You can revoke these permissions at any time in your device's system settings.

Subscription and purchases

If you start a free trial or buy a Supporter subscription, the purchase is handled by the Apple App Store or Google Play. We use RevenueCat to verify and keep track of subscription status across devices. RevenueCat receives an anonymous app-generated user ID, the platform identifier of the purchased product, and basic device information. We don't see your payment card, billing address, or full Apple/Google account details.

Analytics and product diagnostics

In release builds, the app uses Firebase Analytics and Firebase Crashlytics (both provided by Google) to understand how features are used and to fix crashes. The app sends:

  • Usage events — for example, that an onboarding step was viewed, a meal was saved, the timer was started, or an insights tab was opened. Where an event has parameters, those parameters describe the category you chose (such as “snack”, “calm”, the hunger level, whether a photo was attached, or how many characters a note had) — never the content of your photo or the text of your note.
  • Screen views — which screen was shown, to help us understand navigation patterns.
  • Crash and error reports — stack traces, device model, OS version, app version, locale, and a randomly generated installation ID. These reports do not contain your entries, photos, or notes.
  • Standard Firebase data — an anonymous Firebase installation identifier, approximate region inferred from your IP address, language, and device model.

Analytics collection is disabled in development builds. We don't link these events to your real-world identity, and we don't merge them with the contents of your entries.

Advertising (free tier only)

If you use the free tier, the app shows banner ads served by Google AdMob. AdMob and its partners may collect identifiers and information needed to deliver, measure, and report on ads — for example, your device's advertising identifier (when you allow it), IP-derived region, device type, and basic ad-interaction data.

  • EU / UK / Switzerland — when you first launch the app, Google's User Messaging Platform (UMP) shows a consent form letting you choose whether ad partners may use your data for personalised ads. You can change your choice later in Settings.
  • iOS — Apple's App Tracking Transparency prompt asks whether the app may use your device's advertising identifier (IDFA). If you decline, you'll still see ads, but they won't be personalised based on cross-app activity.
  • Subscribe to remove ads — the Supporter subscription disables ads entirely and stops the AdMob SDK from loading them.

Remote configuration

The app uses Firebase Remote Config to fetch lightweight configuration values — for example, whether ads should be shown, or what the minimum supported version is. The app sends standard Firebase request metadata to retrieve these values; it does not send anything about your entries.

What we don't collect

  • We don't read your photos, your notes, or any entry content.
  • We don't track your location.
  • We don't access your contacts, calendar, microphone, or other apps.
  • We don't sell, rent, or trade your information.
  • We don't use your entries to train AI or any other model.
  • There are no user accounts, sign-ins, or passwords in the current version of the app.

How information is used

We use the limited information described above only to:

  • Run the app locally — display your entries, render insights, drive the timer, and so on.
  • Verify and restore your Supporter subscription across devices.
  • Understand which features are used and which screens crash, so we can improve the app.
  • Show ads in the free tier (where applicable) and respect your consent choices.
  • Reply to any support request you send us.

Service providers

We rely on a small number of trusted vendors to run the service. They process data only as needed to support the purposes above:

  • Apple App Store and Google Play — for app distribution, in-app purchases, and subscription billing.
  • Google Firebase (Analytics, Crashlytics, Remote Config) — for anonymous usage events, crash diagnostics, and configuration.
  • Google AdMob and the Google User Messaging Platform — for serving ads in the free tier and gathering EU consent.
  • RevenueCat — for managing subscription entitlements across devices.

Each of these providers has its own privacy policy that you can find on their websites.

Your rights and controls

  • Export — export your entries to CSV or PDF from inside the app.
  • Delete — delete individual entries, or remove all data by uninstalling the app.
  • Reset ad consent — reopen the EU consent form from Settings and change your choices.
  • Limit ad tracking — disable the advertising identifier on iOS or Android in your system settings, or subscribe to remove ads entirely.
  • Opt out of analytics — at the operating-system level by limiting ad/analytics tracking, or by uninstalling the app.

Depending on where you live, you may also have rights under laws such as the GDPR (EU/UK), CCPA (California), or similar regimes — including the right to access, correct, delete, port, or restrict use of personal data we hold about you. Because the app is largely on-device and account-free, most of those rights are exercised directly inside the app. For anything that requires us, write to the address below.

Children

How It Felt is not directed at children under 13 (or the equivalent minimum age in your country), and we don't knowingly collect data from them. If you believe a child has provided us with information, please contact us so we can remove it.

Data retention

Local entries stay on your device until you delete them or uninstall the app. Subscription records held by RevenueCat are retained for as long as needed to verify your entitlement and to meet legal and accounting obligations. Anonymous analytics events and crash reports are retained according to Firebase's standard retention windows.

Security

We use industry-standard safeguards: data sent to our service providers is encrypted in transit (TLS), the app is sandboxed by the operating system, and access to provider dashboards is limited and audited. No system is perfectly secure, but we treat your information with care and the principle of least privilege.

International transfers

Some of our service providers are based outside the European Economic Area (notably in the United States). Where data is transferred internationally, we rely on the safeguards those providers offer (such as Standard Contractual Clauses) so that your information is protected consistently with this policy.

Not medical advice

How It Felt is a self-reflection journal. It is not a medical device, and nothing in the app is a substitute for professional advice, diagnosis, or treatment. If something you notice while using the app concerns you, please speak with a qualified clinician, dietitian, or mental health professional.

Changes to this policy

If we update this policy, we will revise the “Last updated” date above and, for material changes, surface a notice in the app. Continued use after changes take effect means you accept the updated policy.

Contact

Questions, requests, or concerns? Email howitfeltapp@gmail.com.