Privacy Policy
Last Update: May 2026
aroa is operated by Laksh Bhadech, based in Mumbai, India. For privacy-related inquiries, contact us at .
Your privacy matters deeply to us. This Privacy Policy explains honestly and completely what data aroa collects, why we collect it, how it is stored, and what you can do with it. We collect data solely to understand how aroa is being used and to make it better. We do not sell, share, or monetise your data in any form.
1. What We Collect and Why
a) Account Information
When you create an account, we collect your name and email address. This is the only personal identifying information we collect. It is used to manage your account, provide support, and communicate with you about the Service.
b) App Usage Metrics
aroa's core feature requires access to how you use your designated habit apps. On Android, this is accessed via the UsageStats API. On iOS, this is accessed via the Screen Time and FamilyControls frameworks.
We collect the following derived metrics and store them on our servers:
- Total daily screen time across your selected habit apps
- Pickup frequency — how often you open your habit apps in a given period
- Your awareness state (green, yellow, or red) and how long you spent in each state per day
Raw app-level usage data (e.g. which specific app you opened at what time) is processed on your device only and is never transmitted to our servers. Only the derived metrics listed above are stored.
Before any permission is requested, aroa will show you a clear, in-app explanation of what access is needed and why — so you can make an informed choice. This applies to both Android (UsageStats) and iOS (Screen Time / FamilyControls) permission flows.
You may revoke this permission at any time: on Android, via Settings → Digital Wellbeing or Apps → Special App Access → Usage Access; on iOS, via Settings → Screen Time. Revoking this permission will disable aroa's core awareness features.
c) Intercept Interactions
Each time aroa's intercept screen appears, we record the choice you made: close the app, pause with aroa, or continue. This data is stored against your account and used to understand how aroa is being used over time. No other context about what you were doing on your phone is captured.
d) Journal and Mood Entries
If you choose to use the journal or mood logging features, your entries are stored on our servers. This data is entirely optional. It is treated as private, used only to provide and improve the Service, and is never shared with or accessible to any third party. Supabase, our infrastructure provider, stores this data on our behalf under strict confidentiality obligations and has no independent access to or use of your journal content. You may delete your entries at any time.
e) In-App Actions
We record interactions with aroa's features — such as activating Intentional Pause Mode, using Pause aroa Mode, or engaging with the Take Action and Let My Mind Breathe cards. This helps us understand which features are valuable and where the product can improve.
Intentional Pause Mode (also referred to as Hardcore Mode in some contexts) is a user-initiated feature that restricts your selected habit apps for a 48-hour period. It is activated only by your explicit choice and confirmation within the app. aroa cannot trigger, schedule, or extend this mode on your behalf. You remain in full control at all times.
f) Device and Technical Information
We automatically collect basic technical information including your device type, operating system version, app version, and crash or diagnostic data. This is used solely to maintain the stability and performance of the Service.
g) Website Analytics
Our website (aroa.life) uses Google Analytics (GA4) to collect anonymised data about how visitors use the site — including pages viewed, time spent, and general geographic location. This data is aggregated and cannot be used to identify you personally. Google Analytics uses cookies to distinguish visitors. By using aroa.life, you consent to the processing of data about you by Google in the manner and for the purposes described at policies.google.com/privacy.
h) Subscription Metadata
Subscription and payment transactions are processed exclusively by the Apple App Store or Google Play Store. We receive only confirmation of subscription status — we never see or store your payment details.
We do not collect:
- Your contacts, photos, microphone, or camera data
- Location data
- The specific apps you have installed beyond those you designate as habit apps
- Any data from third-party apps beyond the derived usage metrics described above
2. How We Store Your Data
Your data is stored securely on Supabase, a cloud database provider. Personal identifiers (name, email) are stored separately from behavioural data (usage metrics, intercept choices, journal entries). Behavioural data is linked to your account via an internal user ID, not directly to your name or email.
This separation means that if you request deletion of your account, your personal identifiers are permanently removed and your behavioural data is anonymised — it can no longer be linked back to you.
Supabase processes data under confidentiality obligations and is required to protect your data and use it only as necessary to provide infrastructure services. You can review Supabase's privacy practices at supabase.com/privacy.
3. How We Use Your Data
All data collected is used for the following purposes only:
- To deliver aroa's core awareness and intercept features
- To measure and understand how the app is being used, so we can improve it
- To identify technical issues and maintain the stability of the Service
- To provide customer support
- To manage your subscription and account
We do not use your data for advertising, profiling for commercial purposes, or any purpose beyond those listed above.
4. Cohort-Based Analysis
To understand how aroa's impact evolves over time, we group users by the month they installed aroa. This allows us to measure patterns — such as how awareness states change over weeks of use — without mixing data across different points in the product's development. This analysis is performed on anonymised, aggregated data and does not involve identifying or singling out individual users.
5. Third-Party Service Providers
We use the following third-party providers to operate the Service:
- Supabase — secure cloud database and backend infrastructure. Your account data, usage metrics, and journal entries are stored on Supabase servers. Privacy policy: supabase.com/privacy.
- Firebase (Google) — crash reporting and app diagnostics. Firebase collects anonymised crash logs and performance data to help us identify and fix technical issues. No personally identifying information is shared. Privacy policy: firebase.google.com/support/privacy.
- Apple App Store / Google Play Store — app distribution and subscription processing
- Google Analytics (GA4) — website analytics to understand how visitors interact with aroa.life. Google Analytics collects anonymised usage data including pages visited, session duration, and general location (country/city level). No personally identifying information is shared with Google. You can opt out of Google Analytics tracking at any time using the Google Analytics Opt-out Browser Add-on.
All third-party providers are bound by confidentiality obligations and may only use your data as necessary to provide their services to us.
6. Data Retention and Deletion
You may request deletion of your account and associated data at any time by contacting us at or through in-app settings where available.
What is permanently deleted upon request:
- Your name and email address
- Your journal and mood entries
- Your account credentials and preferences
What is retained in anonymised form:
- Derived usage metrics, awareness state history, and intercept interaction records — stripped of all personal identifiers and retained solely for aggregate service improvement analysis
- This anonymised data cannot be re-linked to you after deletion
Legal hold period: We may retain certain data for up to 90 days after a deletion request where required by law, to resolve disputes, or to prevent fraud. After this period, all personal data is permanently deleted.
Where no deletion request is made, personal data is retained only for as long as necessary to provide the Service or comply with applicable legal obligations.
7. Your Rights
Depending on your jurisdiction, you may have the right to:
- Access the personal data we hold about you
- Request correction of inaccurate data
- Request deletion of your data
- Withdraw consent for data collection (by revoking permissions or deleting your account)
To exercise any of these rights, contact us at or via in-app settings where available. We will respond within 30 days.
8. Children's Privacy
aroa is intended for users aged 18 and above. We do not knowingly collect personal data from anyone under 18. If we become aware that a user is under 18, we will delete their account and associated data promptly.
This age requirement reflects both the nature of the Service and our obligations under the Digital Personal Data Protection Act, 2023 (India), which requires verifiable parental consent for users under 18.
9. Security
We implement reasonable technical and organisational measures to protect your data, including encrypted storage and secure access controls. However, no method of transmission over the internet is completely secure. We will notify affected users promptly in the event of a data breach.
10. Changes to This Policy
We may update this policy as the Service evolves. Material changes will be communicated through the app or via email. The date at the top of this page reflects when the policy was last updated. Continued use of the Service after an update constitutes acceptance of the revised policy.