Privacy Policy
Last updated
Ritua is built to keep your habits private. Here is exactly what that means: in plain language, and in full.
Who we are
Ritua is a local-first habit tracker for iOS and Android. The product is operated under the name Supercollective (“we”, “us”) — a personal studio brand, not a separate company. This Privacy Policy explains what information the app does and does not handle, and it applies to the Ritua mobile app and this website, getritua.com.
If anything here is unclear, email us at support@getritua.com. We would rather answer a question than have you guess.
Local-first by design
Ritua has no account system and no Ritua server. There is nothing to sign up for and nothing to log in to. Everything you track (your rituals, your check-ins, your notes) is stored in a database on your device and never sent to us.
Because there is no cloud copy, we cannot read your habits, sell them, analyse them, or lose them in a breach. The trade-off is the honest one: your data lives with you, so keeping a backup is up to you (see Exporting, importing, and sharing).
What stays on your device
The following is stored locally in the app’s on-device database and, unless you choose to export or share it, never leaves your phone or tablet:
- Your rituals: names, descriptions, icons, colours, categories, and reminder settings.
- Your daily check-ins, completion counts, and streak history.
- Any free-text notes you attach to an entry.
- App preferences such as theme (light or dark) and language.
- Whether you have unlocked Premium: a simple on/off flag cached on the device.
We do not have a copy of any of this. When we say “we never see it”, we mean it literally: there is no channel for it to reach us.
What we don’t collect
To be concrete, Ritua does not collect, request, or transmit any of the following:
- Your name, email address, phone number, or any account credentials; there is no account.
- Usage analytics, event tracking, or behavioural profiling. There is no analytics SDK in the app.
- Crash or diagnostic telemetry sent to us.
- Advertising identifiers (such as Apple’s IDFA or Google’s Advertising ID). Ritua shows no ads and includes no ad or tracking SDKs.
- Your location, contacts, photos, camera, microphone, calendar, or health data from other apps.
Ritua does not track you across apps or websites, and there is nothing to opt out of because there is nothing being tracked.
Purchases and subscriptions
Ritua offers an optional one-time Premium purchase and optional yearly and monthly subscriptions. When you choose to buy, the transaction is handled by the Apple App Store or Google Play, with subscription state managed through RevenueCat, our purchase-management provider.
Ritua never sees or stores your payment-card details. We do not send RevenueCat your name or email. Ritua identifies your purchase using an anonymous, randomly generated ID tied to your app installation, not to you personally.
To process a purchase and keep Premium in sync across your own devices, these providers necessarily handle standard billing information: the purchase and receipt, the anonymous identifier, and coarse device and store metadata (device model, operating system, country, and IP address). That processing is governed by their own privacy policies, linked in Third-party services. If you never make a purchase, the app performs no network requests at all for payments.
Reminders and notifications
Reminders in Ritua are local notifications scheduled by your device. When you set a reminder for a ritual, your phone’s operating system delivers it at the chosen time. There is no push server, and no push token is ever created or sent anywhere.
Ritua asks for notification permission only when you first add or edit a reminder, never at launch, and never for marketing. If you decline, the rest of the app works exactly the same.
Third-party services
Ritua relies on a small, deliberate set of third parties, and only for the purposes described above. We encourage you to review their privacy practices:
- Apple App Store: app distribution and payment processing on iOS. Apple’s Privacy Policy.
- Google Play: app distribution and payment processing on Android. Google’s Privacy Policy.
- RevenueCat: subscription and purchase management (using an anonymous ID). RevenueCat’s Privacy Policy.
That is the complete list. Ritua embeds no other analytics, advertising, social, or tracking services.
Keeping and deleting your data
Because your data lives on your device, you are in direct control of how long it is kept and when it is removed:
- Delete an individual ritual or entry inside the app to remove it and its history.
- Uninstall Ritua to delete the entire on-device database. Once the app is removed, that data is gone from the device; we hold no copy to restore it from, so export a backup first if you want to keep it.
For purchase records held by Apple, Google, or RevenueCat, retention and deletion follow their policies; you can manage your subscription and request data directly from them.
Your privacy rights
Depending on where you live, privacy laws such as the GDPR (Europe / UK) and the CCPA/CPRA (California) give you rights to access, correct, delete, or port your personal data, and to object to certain processing.
With Ritua these rights are unusually simple to exercise: because we hold no personal data about you on any server, there is no profile for us to retrieve, correct, or erase. You already have full, direct access to your data on your device: you can view, edit, export, and delete all of it yourself, without asking us. We do not sell or “share” personal information, and there is nothing to opt out of. For any data processed by our payment providers, you can exercise your rights with them directly.
Children’s privacy
Ritua is intended for a general audience and is not directed to children under 13 (or the minimum age of digital consent in your country). We do not knowingly collect personal information from children; in fact, we do not collect personal information from anyone. If you believe a child has provided us information, there is nothing for us to hold, but you are welcome to contact us.
Security
Your Ritua data is protected by your device’s own security: its passcode or biometrics, and the operating system’s sandboxing that keeps one app’s data separate from another’s. We recommend setting a device passcode and enabling encrypted device backups.
Because none of your habit data sits on a Ritua server, there is no central database for an attacker to breach. The most important safeguard is the one you control: keep your device secure, and keep your own backups somewhere you trust.
Changes to this policy
If we update this policy, we will revise the “Last updated” date above and post the new version here. For material changes, we will make a reasonable effort to flag them (for example, in the app). Because Ritua’s privacy model is structural rather than a promise we could quietly change, substantive changes should be rare.
Contact us
Questions, concerns, or requests about privacy? Email support@getritua.com and a real person will reply. This policy is also available any time at getritua.com/privacy-policy, linked from the app’s onboarding and Settings.
This document is available at getritua.com/privacy-policy/. Questions? Write to support@getritua.com.