Privacy Policy for Highlight

Last Updated: December 27, 2025

Introduction

Tiago Almeida ("we", "us", or "our") operates the Highlight mobile application (the "App"). This page informs you of our policies regarding the collection, use, and disclosure of personal information when you use our App.

Information Collection and Use

Data We Collect

Account Information:

  • Email address (via Google Sign-In or Firebase Authentication)
  • Profile information (name, profile picture if provided by Google)

Health and Fitness Data:

  • Step count
  • Sleep data
  • Active calories burned
  • Total calories burned
  • Exercise/activity data
  • Distance traveled

Location Data:

  • Precise location (GPS coordinates) when you add places to your moments
  • Location data is only collected when you explicitly use the location feature

User-Generated Content:

  • Photos and videos you upload
  • Notes and text entries
  • Calendar events and moments you create
  • Emoji reactions

Device Information:

  • Device model and operating system
  • App version
  • Push notification tokens
  • Crash logs and error reports

How We Use Your Data

We use the collected data for the following purposes:

  • To provide core functionality: Display your moments, health data, and calendar
  • To sync your data: Store and sync your content across your devices via Firebase
  • To send notifications: Remind you about scheduled moments and app updates
  • To improve the app: Analyze usage patterns and fix bugs
  • To provide customer support: Respond to your requests and troubleshoot issues

Data Storage

  • All user data is stored securely using Firebase Cloud Firestore
  • Photos and videos are stored in Firebase Storage
  • Health data is accessed through HealthKit (iOS) or Health Connect (Android) and stored locally or in our database per your preferences
  • We implement industry-standard security measures to protect your data

Data Sharing

We do NOT sell your personal information.

We may share your data only in the following circumstances:

  • With your consent: When you explicitly agree to share data
  • Service providers: Third-party services that help us operate the app (Firebase for authentication, database, and storage)
  • Legal requirements: When required by law or to protect our rights

Third-Party Services

Our app uses the following third-party services:

  • Firebase (Google): Authentication, Cloud Firestore, Cloud Storage, Cloud Messaging - Privacy Policy
  • Google Sign-In: For authentication - Privacy Policy

Health Data Privacy

iOS HealthKit:

  • Health data accessed through HealthKit remains on your device
  • We only read health data you explicitly grant permission to access
  • Health data is never shared with third parties without your consent
  • You can revoke health data access at any time in iOS Settings

Android Health Connect:

  • Health data accessed through Health Connect is stored locally
  • We only access health data types you approve
  • You can manage permissions in Android Settings → Health Connect

Your Data Rights

You have the right to:

  • Access: Request a copy of your personal data
  • Correction: Request correction of inaccurate data
  • Deletion: Request deletion of your account and all associated data
  • Portability: Receive your data in a portable format
  • Withdraw consent: Stop using location, health data, or other features at any time

To exercise these rights, contact us at tiago.ta.almeida25@gmail.com.

Data Retention

  • Active accounts: Data is retained while your account is active
  • Deleted accounts: All personal data is permanently deleted within 30 days of account deletion
  • Backup data: May be retained for up to 90 days in secure backups

Children's Privacy

Our app is not intended for children under 13 (or 16 in Europe). We do not knowingly collect data from children. If you believe we have collected data from a child, please contact us immediately.

Push Notifications

We use Firebase Cloud Messaging to send you:

  • Reminders about your scheduled moments
  • Important app updates

You can disable notifications in your device settings at any time.

Location Services

Location services are used only when you:

  • Add a location to a moment
  • Use the map feature

You can control location permissions in your device settings.

Camera and Photo Access

We request access to your camera and photo library only when you want to:

  • Take photos or videos for your moments
  • Upload existing photos or videos

We do not access your camera or photos without your permission.

Data Security

We implement security measures including:

  • Encryption in transit (HTTPS/TLS)
  • Firebase security rules
  • Secure authentication via Firebase Authentication
  • Regular security audits

However, no method of transmission over the internet is 100% secure.

Changes to This Privacy Policy

We may update our Privacy Policy from time to time. We will notify you of any changes by:

  • Posting the new Privacy Policy on this page
  • Updating the "Last Updated" date
  • Sending an in-app notification for significant changes

International Data Transfers

Your data may be transferred to and processed in countries other than your own. We ensure appropriate safeguards are in place to protect your data in accordance with this Privacy Policy.

California Privacy Rights (CCPA)

If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA):

  • Right to know what personal information we collect
  • Right to delete personal information
  • Right to opt-out of the sale of personal information (we don't sell data)
  • Right to non-discrimination

European Privacy Rights (GDPR)

If you are in the European Economic Area (EEA), you have rights under the General Data Protection Regulation (GDPR):

  • Right to access your data
  • Right to rectification
  • Right to erasure ("right to be forgotten")
  • Right to restrict processing
  • Right to data portability
  • Right to object to processing
  • Rights related to automated decision-making

Contact Us

If you have any questions about this Privacy Policy, please contact us:

Compliance

This Privacy Policy complies with:

  • Apple App Store Guidelines
  • Google Play Store Policies
  • GDPR (General Data Protection Regulation)
  • CCPA (California Consumer Privacy Act)
  • COPPA (Children's Online Privacy Protection Act)