Security

Designed from the beginning to respect your privacy and protect your data.

Platform-first approach

AwareFlow is built using Apple-native technologies to reduce risk and limit external dependencies.

Apple frameworks only: StoreKit for purchases, CloudKit (optional) for sync. No Firebase, no analytics SDKs, no cross-app trackers.
On-device habit detection: Audio is processed locally on your device using Core ML and AVAudioEngine. Raw audio never leaves your device.
Data minimization: We collect only what’s necessary to operate the app or provide support. See our Privacy Policy.

Data protection

Encryption in transit: All network communication uses TLS 1.2 or higher.
Encryption at rest: Apple-managed device and iCloud encryption protect stored data.
Access control: We follow the principle of least privilege for any internal accounts or systems.

Payments

All purchases are processed through Apple’s In-App Purchase system. SnapHabit LLC never receives or stores full payment card details.

Third-party processors

AwareFlow is designed to run primarily without external services. If we use a processor (for example, email support), it will be listed in our Privacy Policy and bound by appropriate agreements.

Responsible disclosure

If you discover a security concern, we encourage responsible reporting. We will review and respond promptly.

Email: security@awareflow.app
Please include: steps to reproduce, expected vs. actual behavior, and relevant details or screenshots.

Updates

As AwareFlow evolves, we update this page and our practices accordingly.

Last updated: 2025-09-24.