PRIVACY POLICY — 21 DAYS
Last updated: June 29, 2026
This Privacy Policy describes how the developer of 21 Days ("we", "us", or "our") handles information when you use the 21 Days mobile application ("App"), available on Google Play.
By using the App, you agree to this Privacy Policy. If you do not agree, please do not use the App.
1. SUMMARY
21 Days is a subscription-based habit ritual tracker with no third-party advertisements. The App stores your rituals and settings on your device and, when you sign in with Google, syncs ritual data to Google Firebase (Firestore) tied to your account.
The App uses Google Sign-In, Firebase, RevenueCat, and Google Play Billing for account sync and subscriptions. Local notifications remind you about rituals you configure.
2. INFORMATION WE STORE ON YOUR DEVICE
The App stores the following data locally using on-device storage (AsyncStorage). This data remains on your phone unless you sign in (see Section 3) or delete it:
- Rituals (challenges): name, description, emoji, color, duration, start date, reminder schedules, daily logs (Done / Skipped / Missed status, mood, journal notes, timestamps), archive state, and creation dates
- App settings: theme (dark / light / system), display name, onboarding state, notification preference, dashboard layout, and selected notification sound
- Subscription and trial state used to determine access to the App
You can export rituals and settings as a JSON backup file from Settings. You can remove local data by clearing the App's storage in Android settings or uninstalling the App.
3. INFORMATION STORED IN THE CLOUD (GOOGLE SIGN-IN)
When you sign in with Google, the App uses Firebase Authentication and Cloud Firestore. Data linked to your Google account may include:
- Account identifiers from Google Sign-In (such as user ID, email address, display name, and profile photo URL when provided by Google)
- Your chosen app display name
- Ritual documents you create or update while signed in (same fields as stored locally)
- Subscription trial metadata used to restore trial timing across reinstalls (trial start date and related subscription fields)
We do not operate a separate backend server beyond Google Firebase. Firestore security rules limit each signed-in user to their own data path (users/{uid} and subcollections).
If you sign out, rituals remain on your device; cloud sync pauses until you sign in again with the same Google account.
If you use guest mode without signing in, ritual data stays on your device only and is not synced to Firebase.
4. DEVICE PERMISSIONS
The App may request the following Android permissions:
- Notifications (POST_NOTIFICATIONS): Used to deliver local ritual reminders you schedule. You can deny this permission; the App still works, but reminders will not appear.
- Vibrate: Used for light haptic feedback on supported actions.
- Google Play Billing (com.android.vending.BILLING): Used to process in-app subscriptions through Google Play.
The App does not request location, contacts, camera, microphone, or broad storage access to upload your personal files to us. Backup export uses the system share sheet; import uses the system document picker — files you choose are read only for restore and are not sent to our servers except when you are signed in and the restored rituals sync to Firestore.
5. THIRD-PARTY SERVICES
Google Sign-In and Firebase (Authentication, Cloud Firestore) Google processes sign-in and hosts synced data according to Google's policies:
- Google Privacy Policy: https://policies.google.com/privacy
RevenueCat and Google Play Billing Subscriptions are sold through Google Play. RevenueCat helps validate subscription status. Google and RevenueCat may process purchase identifiers, subscription status, and device or app instance data needed for billing.
- RevenueCat Privacy Policy: https://www.revenuecat.com/privacy
- Google Play Terms: https://play.google.com/about/play-terms
We do not use Google AdMob or other in-app advertising networks in this App.
6. NOTIFICATIONS
If you allow notifications and enable ritual reminders, the App schedules local notifications on your device at times you set. Notification content is generated from your ritual names and reminder text stored on the device. We do not use notifications to collect personal data.
7. CHILDREN'S PRIVACY
The App is not directed at children under 13. We do not knowingly collect personal information from children.
8. DATA RETENTION AND DELETION
- Local data: delete via Android App info → Storage → Clear data, or uninstall the App.
- Cloud data: while your Firebase account document exists, ritual data synced under your user ID remains until you delete rituals in the App or request deletion (see Contact). Deleting the App from your device does not automatically delete Firestore data if you were signed in.
To request deletion of cloud data associated with your account, contact us at photographywithdc@gmail.com and include the Google account email you used to sign in.
9. CHANGES TO THIS POLICY
We may update this Privacy Policy from time to time. The "Last updated" date at the top will change when we do. Continued use of the App after changes means you accept the updated policy.
10. CONTACT
For privacy questions about this App, contact the developer at photographywithdc@gmail.com.
Developer Email: photographywithdc@gmail.com