Privacy Policy
Effective Date: March 5, 2026 · Last Updated: March 5, 2026
AhaDaily ("we," "our," or "us") is operated by Vic Yu. This Privacy Policy explains how we collect, use, share, and protect your personal information when you use the AhaDaily mobile application ("App") and our website at ahadaily.app ("Website").
By using AhaDaily, you agree to the practices described in this policy. If you do not agree, please do not use our services.
1. Information We Collect
1.1 Account Information
When you sign in with Apple or Google, we receive:
- Email address — used as your account identifier
- Display name — shown in your profile (you can change this)
- Profile photo URL — from your OAuth provider (optional)
We do not receive or store your Apple/Google password.
1.2 Photos You Upload
When you take or select a photo in AhaDaily:
- EXIF metadata (location, device info) is stripped before upload
- Photos are compressed to a maximum of 1024 pixels
- Photos are stored in an encrypted storage bucket with time-limited signed URLs (expire after 24 hours)
1.3 Quiz and Activity Data
- Quiz answers and scores
- Badge and level progress
- Token balance (in-app currency)
- Quiz quality ratings (feedback you provide)
1.4 Device Information
- Device language/locale (to display content in your language)
- App interaction data (features used, screens viewed)
We do not collect precise location, contacts, health data, browsing history, or advertising identifiers.
2. How We Use Your Information
- Generate AI quizzes — Your photos are sent to Google Gemini to create fun fact quizzes
- Track your progress — Levels, badges, and scores
- Improve quiz quality — Your ratings help us refine AI-generated content
- Manage your account — Authentication, profile settings
- Communicate with you — Service updates, support responses
3. Third-Party AI Service — Google Gemini
Important: AhaDaily uses Google Gemini API (provided by Google LLC) to generate quiz content from your photos. This is a third-party AI service.
When you take a photo and generate a quiz:
- Your photo is sent to Google Gemini as a base64-encoded image
- Gemini analyzes the image and returns quiz questions, fun facts, and related information
- Google processes this data according to Google's Gemini API Terms of Service
- We do not send your name, email, or other personal identifiers to Gemini — only the photo content
4. Other Third-Party Services
| Service | Provider | Purpose |
|---|---|---|
| Supabase | Supabase Inc. | Database, file storage, user authentication |
| Apple Sign In | Apple Inc. | OAuth authentication |
| Google Sign In | Google LLC | OAuth authentication |
We do not sell, rent, or share your personal information with advertisers or data brokers.
5. Data Retention and Deletion
We retain your data for as long as your account is active. When you delete your account:
- All personal data is permanently deleted
- All photos are removed from storage
- All quiz history, badges, levels, and tokens are erased
- Your authentication record is removed
This deletion is complete and irreversible (cascade delete). You can delete your account at any time within the App (Settings → Account → Delete Account) or by contacting us.
6. Data Security
- All data is transmitted over HTTPS (TLS encryption)
- Database access is protected by Row Level Security (RLS) — users can only access their own data
- Photos are accessible only via signed URLs that expire after 24 hours
- OAuth tokens are securely managed by Apple/Google
7. Children's Privacy
AhaDaily is intended for users aged 13 and older. We do not knowingly collect personal information from children under 13. If we become aware that a child under 13 has provided us with personal information, we will promptly delete it. If you believe a child under 13 is using AhaDaily, please contact us at support@ahadaily.app.
8. Your Rights
8.1 All Users
You have the right to:
- Access your personal data
- Correct inaccurate data (edit your profile name and photo)
- Delete your account and all associated data
- Withdraw consent at any time by deleting your account
8.2 European Economic Area (GDPR)
If you are located in the EEA, you additionally have the right to:
- Data portability — request a copy of your data in a portable format
- Restrict processing — limit how we use your data
- Object to processing — object to certain uses of your data
- Lodge a complaint with your local data protection authority
Our legal basis for processing your data is your consent (provided when you create an account and use the App) and legitimate interest (improving our services).
8.3 California Residents (CCPA)
If you are a California resident, you have the right to:
- Know what personal information we collect, use, and disclose
- Delete your personal information
- Non-discrimination — we will not treat you differently for exercising your rights
We do not sell your personal information. We do not share personal information for cross-context behavioral advertising.
9. Cookies
The AhaDaily App does not use cookies. Our Website (ahadaily.app) uses only essential cookies required for basic functionality. We do not use tracking cookies, analytics cookies, or advertising cookies.
10. Changes to This Policy
We may update this Privacy Policy from time to time. When we make significant changes, we will notify you through the App and update the "Last Updated" date above. Your continued use of AhaDaily after changes are posted constitutes your acceptance of the updated policy.
11. Contact Us
If you have questions about this Privacy Policy or wish to exercise your data rights, contact us at:
Email: support@ahadaily.app
Operator: Vic Yu