Privacy Policy
Effective date: July 17, 2026
1. Who We Are
Hibern is an iOS alarm application developed and operated by an independent developer based in France. Throughout this policy, "Hibern," "we," "our," and "us" refer to the operator of the Hibern app and the hibern.info website.
If you have questions about this policy or your data, you can reach us at hello@hibern.info.
2. Scope of This Policy
This policy applies to:
- The Hibern iOS application ("the App"), available on the Apple App Store
- The hibern.info website ("the Website")
- The Hibern backend service used for alarm-proof verification
This policy does not apply to third-party services linked from the App or Website. Each service provider listed in this policy operates under its own privacy terms.
3. Information We Collect
3.1 Device and Identifier Information
When you use the App, the following identifiers may be processed by the App or its integrated service providers:
- PostHog anonymous identifier: PostHog assigns a random identifier to each app installation. This identifier is persistent across sessions and is used to associate analytics events and person properties with a single installation. It is not linked to your name, email, or Apple ID, but it is a persistent identifier tied to your usage profile within PostHog.
- Advertising identifier (IDFA): If you grant permission through Apple's App Tracking Transparency (ATT) prompt, the TikTok Business SDK may access your device's Identifier for Advertisers. This identifier is used for advertising attribution and campaign measurement. If you decline the ATT prompt, the IDFA is not accessed.
- Device information: The TikTok Business SDK and Superwall SDK automatically collect basic device information (device model, operating system version, language, time zone) as part of their standard operation.
- Transaction identifiers: When you make a purchase or start a free trial through the App, Apple StoreKit transaction identifiers and original transaction identifiers may be forwarded to TikTok for conversion measurement (see Section 7).
- IP address: Your IP address is visible to the servers that process your requests. The Hibern proof-verification backend uses your IP address solely for rate limiting (maximum 20 requests per 10 minutes). This IP address is held in temporary memory and is not logged or stored persistently. PostHog, TikTok, and Superwall also receive your IP address as part of standard HTTPS communication.
3.2 Onboarding and Profile Information
During onboarding, the App asks you a series of questions to personalize your experience and determine your wake-up profile. The following information is collected and sent to PostHog:
- Age range: A bracket you select (e.g., 18–24, 25–34, 35–44)
- Gender: "Woman" or "Man"
- Wake-up behavior answers: Your responses to questions about wake-up struggle frequency, first alarm response, unconscious alarm dismissal habits, how long it takes you to get out of bed, how your mornings feel, how much control you feel over your alarm, and your current wake-up strategies
- Alarm control score: A numeric score (0–100) derived from a slider, bucketed into low, medium-low, medium-high, or high
- Wake-up type: A profile label computed from your answers (e.g., "snooze loop," "scroll trap," "phantom dismisser," "slow riser," "inconsistent riser")
- Language preference: English or French
This information is sent to PostHog as event properties and stored as persistent person properties associated with your PostHog anonymous identifier. These answers are not anonymous in the strict sense — they are linked to a persistent analytics profile, even though that profile is not connected to your name or email address.
Onboarding answers are also stored locally on your device.
3.3 App Usage and Analytics
Hibern uses PostHog (hosted in the EU at eu.i.posthog.com) for product analytics. PostHog's automatic event capture features — including automatic screen views, lifecycle events, element interaction capture, rage-click detection, session replay, automatic error capture, and surveys — are all explicitly disabled in Hibern. Only the following manually instrumented events are sent:
- onboarding_screen_viewed — records which onboarding screen you viewed, with screen name, screen index, screen count, and language
- onboarding_question_answered — records your answer to each onboarding question, with question ID, answer value(s), and language. For the demographics question, age range and gender are included.
- onboarding_completed — records that you finished onboarding, with your wake-up type, age range, gender, and language
No other app events — such as alarm creation, alarm ringing, mission completion, settings changes, or general screen views — are sent to PostHog or any other analytics provider.
3.4 Subscriptions and Purchases
Hibern offers optional paid subscriptions ("Hibern Plus") processed entirely through Apple's App Store and StoreKit. Hibern does not directly collect, process, or store your payment-card details, billing address, or Apple ID credentials.
The following purchase-related information is available to the App and may be processed by its service providers:
- Product identifier (e.g., monthly or annual plan)
- Subscription status (active, inactive, expired)
- Free-trial status and trial start
- Purchase date and renewal status
- Transaction identifier and original transaction identifier (assigned by Apple)
- Price, currency, and localized price
- Subscription period
Superwall is used to display, test, and manage paywalls within the App. Superwall receives subscription status information from StoreKit to determine whether to show a paywall and to track paywall conversion rates. Superwall also receives the App's language attribute (English or French) to display the correct paywall version.
TikTok receives purchase and subscription lifecycle events through a bridge between Superwall and the TikTok Business SDK (see Section 7 for details).
3.5 Alarm-Proof Photos and AI Verification
Certain wake-up missions require you to take a photo as proof of task completion (for example, photographing a made bed or a randomly selected object). When you submit a proof photo:
- The photo is captured using your device's rear camera, resized to a maximum of 960 pixels, and compressed as a JPEG image.
- The compressed image is sent to Hibern's backend server, hosted on Vercel, at a dedicated verification endpoint.
- The backend forwards the image and a text prompt describing the verification task to Google's Gemini API (models: gemini-2.5-flash-lite or gemini-2.5-flash) for AI-based image analysis.
- Gemini returns a structured result indicating whether the mission was completed, a confidence score, and a brief reason.
- The backend returns this result to the App. The image is then discarded.
What is not sent to Gemini: No user identifier, device identifier, email address, account information, or analytics identifier is included in the verification request. Gemini receives only the image and the challenge prompt.
Image retention: The Hibern backend does not store proof images. The backend has no database, no file-storage service, and no object-storage bucket. Images exist only in the serverless function's temporary memory during the few seconds required for verification, and are discarded when the function completes. The backend does not log image data, user identifiers, or IP addresses — only sanitized error messages are logged in case of technical failures.
Google Gemini API data use: According to Google's Gemini API Terms of Service, data sent through the paid Gemini API is not used by Google to train its AI models. Google may retain API inputs and outputs for a limited period for abuse monitoring and debugging purposes as described in its terms. We encourage you to review Google's current terms for the most up-to-date information.
3.6 Motion and Sensor Data
For movement-based missions (shake phone, squats, push-ups), the App accesses your device's motion sensors and, for exercise missions, the device camera with Apple's Vision framework for pose detection. This data is processed entirely on your device and is not transmitted to any server or third party.
3.7 Diagnostics
The App collects basic diagnostic and crash information using Apple's MetricKit framework. Diagnostic entries are stored locally on your device (up to 80 entries in UserDefaults). This diagnostic data is not transmitted to any server or third party.
3.8 Support Communications
If you contact us by email at hello@hibern.info, we receive your email address, the content of your message, and any attachments you include. We use this information only to respond to your inquiry.
4. Advertising Attribution and Tracking
Hibern uses the TikTok Business SDK (version 1.6) for advertising attribution and campaign measurement. Hibern does not display advertisements within the App.
Events Sent to TikTok
The following events are sent to TikTok through a bridge between Superwall (which manages paywalls) and the TikTok Business SDK:
- Paywall events: paywall opened (ViewContent), paywall closed, paywall declined
- Purchase events: checkout started (InitiateCheckout), free trial started (StartTrial), subscription started (Subscribe), purchase completed (Purchase), purchase failed, purchase abandoned, purchase restored
Data Included With TikTok Events
Each event sent to TikTok may include:
- Event name and a unique event identifier
- Paywall metadata: placement name, paywall ID, paywall name, presentation ID, whether a free trial is available
- Product information: product identifier, price, currency, localized price, subscription period
- Transaction identifiers: Apple StoreKit transaction ID and original transaction ID (for purchase events)
- Device information automatically collected by the TikTok SDK (device model, OS version, language, time zone)
- IDFA (Identifier for Advertisers) — only if you grant permission via the ATT prompt
TikTok automatic payment tracking is disabled in the App's TikTok SDK configuration. All purchase events are sent explicitly through the Superwall–TikTok bridge described above.
TikTok uses this information for install attribution, campaign measurement, ad optimization, and audience creation in accordance with TikTok's Privacy Policy.
App Tracking Transparency
The App requests your tracking permission through Apple's App Tracking Transparency (ATT) framework when you first open the App. If you decline, the TikTok SDK does not receive your IDFA. You can change your tracking preference at any time via Settings > Privacy & Security > Tracking on your iPhone.
Regardless of your ATT choice, TikTok may still receive non-identifier event data (such as purchase events and paywall interactions) as described above.
5. How We Use Information
We use the information described in this policy for the following purposes:
- Providing the App: Processing alarm schedules, missions, streaks, and wake-up sessions
- Proof verification: Sending proof photos to the Gemini API to verify that alarm missions were completed
- Product analytics: Understanding onboarding completion rates and user profiles to improve the App (via PostHog)
- Subscription management: Determining your subscription status to unlock premium features (via Apple StoreKit and Superwall)
- Paywall optimization: Selecting and testing paywall configurations based on language and subscription status (via Superwall)
- Advertising measurement: Measuring the effectiveness of advertising campaigns and attributing app installs and conversions (via TikTok)
- Rate limiting: Preventing abuse of the proof-verification backend using temporary IP-based rate limiting
- Support: Responding to your emails and support requests
- Legal compliance: Meeting applicable legal obligations
6. Service Providers and Data Sharing
We share information with the following third-party service providers. Each provider processes data for the purposes described below and operates under its own privacy terms.
Apple (App Store, StoreKit)
- Service: Payment processing, subscription management, app distribution
- Data received: Payment details, purchase history, subscription status — processed entirely by Apple
- Role: Independent controller for payment data
- Privacy information: apple.com/legal/privacy
PostHog
- Service: Product analytics
- Data received: Onboarding events, onboarding question answers (including age range, gender, wake-up behavior), wake-up type, language preference — all associated with a persistent anonymous identifier
- Data hosting: European Union (eu.i.posthog.com)
- Role: Data processor
- Privacy information: posthog.com/privacy
TikTok
- Service: Advertising attribution, campaign measurement, ad optimization
- Data received: Paywall events, purchase and subscription events (including product identifiers, prices, currency, transaction identifiers), device information, IDFA (if ATT is granted)
- Role: Independent controller for advertising data. Under applicable data-protection laws, TikTok's receipt of advertising events and identifiers may constitute a "sale" or "sharing" of personal information.
- Privacy information: tiktok.com/legal/privacy-policy
Superwall
- Service: Paywall display, paywall A/B testing, subscription-status interpretation
- Data received: Subscription status, language preference, paywall impression and conversion events, device information
- Role: Data processor
- Privacy information: superwall.com/legal/privacy-policy
Google (Gemini API)
- Service: AI-powered image verification for alarm-proof missions
- Data received: Proof photos and text prompts describing the verification task. No user identifiers are included.
- Role: Data processor for the image-verification request
- Privacy information: Gemini API Terms of Service
Vercel
- Service: Hosting for the proof-verification backend and the hibern.info website
- Data received: HTTP requests including IP address, request headers, and request body (proof images in transit). Vercel may retain standard server logs.
- Role: Infrastructure provider / data processor
- Privacy information: vercel.com/legal/privacy-policy
Other Sharing
We may also disclose information if required by law, regulation, or legal process, or in connection with a merger, acquisition, or sale of assets.
7. App Tracking Transparency and User Choices
You have the following choices regarding your data:
- Tracking permission: You can decline the ATT prompt when it appears, or change your choice at any time in Settings > Privacy & Security > Tracking on your iPhone. Declining prevents the TikTok SDK from accessing your IDFA.
- Camera and motion permissions: You can revoke camera or motion-sensor access at any time in Settings > Hibern on your iPhone. Revoking camera access will prevent photo-based missions from working. Revoking motion access will prevent shake, squat, and push-up missions from working.
- Notification permissions: You can disable alarm notifications in Settings > Notifications > Hibern. This may affect alarm functionality.
- Subscription management: You can view, change, or cancel your Hibern Plus subscription in Settings > [your name] > Subscriptions on your iPhone.
8. Legal Bases for Processing (EEA, UK, and Switzerland)
If you are located in the European Economic Area, United Kingdom, or Switzerland, we process your personal data on the following legal bases:
- Performance of a contract: Processing alarm schedules, missions, streaks, proof verification, and subscription management — all necessary to provide the App's core functionality
- Consent: Advertising tracking via the ATT prompt. You may withdraw consent at any time through iOS Settings; withdrawal does not affect processing that occurred lawfully before withdrawal
- Legitimate interests: Product analytics (understanding onboarding flows and user profiles to improve the App), rate limiting to prevent abuse, and basic security measures. We balance these interests against your rights and do not use this basis for tracking or profiling for advertising.
- Legal obligation: Where we are required to retain data or respond to legal process
9. Data Retention
Different categories of data are retained for different periods:
- PostHog analytics events and person profiles: Retained according to PostHog's default retention settings. PostHog stores events for the duration configured in the project settings. Person profiles (including onboarding answers, age range, gender, and wake-up type) persist until deletion is requested.
- TikTok advertising events: Retained by TikTok in accordance with TikTok's Privacy Policy. Hibern does not control TikTok's retention periods.
- Superwall paywall data: Retained by Superwall in accordance with Superwall's Privacy Policy.
- Proof photos: Not stored. Images exist in temporary server memory only during the seconds required for verification, then are discarded. Gemini API input retention is governed by Google's API terms.
- Vercel server logs: Vercel may retain standard server logs (including IP addresses) in accordance with Vercel's retention policies.
- On-device data: Alarm data, session history, onboarding answers, and diagnostics are stored on your device and persist until you delete the App or reset the App's data.
- Support communications: Emails you send us are retained for as long as reasonably necessary to resolve your inquiry and for our records, unless you request deletion.
10. International Transfers
Your data may be processed outside your country of residence through the following service providers:
- PostHog: Hosted in the European Union (eu.i.posthog.com)
- TikTok: TikTok may process data in the United States, Singapore, and other countries as described in its privacy policy
- Superwall: Based in the United States
- Google (Gemini API): May process requests in the United States or other Google data-center locations
- Vercel: May process requests in the United States or other Vercel edge locations
Where data is transferred outside the EEA, we rely on the safeguards provided by each service provider, which may include Standard Contractual Clauses, adequacy decisions, or other legally recognized transfer mechanisms.
11. Website (hibern.info)
The hibern.info website is a static website hosted on Vercel. The website does not use cookies, analytics scripts, advertising pixels, tracking technologies, or consent-management tools. Vercel may collect standard server-access logs (IP address, browser user-agent, request timestamp) as part of its hosting infrastructure.
12. Security
We implement technical and organizational measures to protect your information, including:
- All data transmitted between the App, our backend, and third-party services uses HTTPS/TLS encryption
- The proof-verification backend runs as a stateless serverless function with no persistent storage
- The Gemini API key is stored server-side only and is never embedded in the App
- Error logs are sanitized to redact API keys and sensitive values
- Rate limiting is applied to the proof-verification endpoint to prevent abuse
No system is 100% secure. We cannot guarantee absolute security of your data during transmission or processing.
13. Children's Privacy
The App's onboarding includes an "under 18" age-range option, reflecting that some users may be minors. However, Hibern is not specifically directed at children under the age of 13. We do not knowingly collect personal information from children under 13. If you are a parent or guardian and believe your child under 13 has provided personal information through the App, please contact us at hello@hibern.info so we can take appropriate action.
14. Your Privacy Rights
Depending on your jurisdiction (including under the GDPR, UK GDPR, and applicable state privacy laws), you may have the right to:
- Access: Request a copy of the personal data we hold about you
- Correction: Request that we correct inaccurate or incomplete data
- Deletion: Request that we delete your personal data
- Restriction: Request that we restrict the processing of your data
- Objection: Object to processing based on legitimate interests
- Portability: Request a copy of your data in a structured, machine-readable format
- Withdraw consent: Where processing is based on consent (such as tracking), withdraw your consent at any time. Withdrawal does not affect the lawfulness of processing carried out before withdrawal.
To exercise any of these rights, contact us at hello@hibern.info. We will respond within 30 days or as required by applicable law.
If you believe your data-protection rights have been violated, you have the right to lodge a complaint with your local data-protection supervisory authority. In France, this is the Commission Nationale de l'Informatique et des Libertés (CNIL).
15. Deleting Your Information
On-device data: Deleting the Hibern app from your iPhone removes all locally stored data (alarms, session history, onboarding answers, diagnostics).
PostHog data: Deleting the App does not automatically delete your PostHog analytics profile. To request deletion of your PostHog data, contact us at hello@hibern.info.
TikTok data: Events already transmitted to TikTok are governed by TikTok's retention policies. You can disable tracking via iOS Settings to prevent future data from being sent.
Superwall data: To request deletion of data held by Superwall, contact us at hello@hibern.info.
Proof photos: Since proof photos are not stored by our backend, no deletion request is necessary for photos.
16. Changes to This Policy
We may update this Privacy Policy from time to time. When we make material changes, we will update the "Effective date" at the top of this page. We encourage you to review this page periodically. Your continued use of Hibern after changes are posted constitutes your acceptance of the updated policy.
17. Contact Us
If you have any questions, concerns, or requests regarding this Privacy Policy or your personal data, please contact us:
- Email: hello@hibern.info
- Support: hibern.info/support