SnapHabit LLC takes privacy, data protection, and responsible disclosure seriously.
This policy outlines how to report security issues and what to expect from us.
SnapHabit LLC builds privacy‑first wellness technology focused on:
- On‑device behavioral audio detection
- No raw audio storage
- Minimal metadata retention
- User‑controlled data
- Strict transparency
Our provisional patent covers localized detection pipelines to ensure maximum privacy.
If you discover a security or privacy issue, contact:
📧 security@awareflow.app
(Alternate: support@awareflow.app)
- Description of the issue
- Reproduction steps
- Potential impact
- Proof‑of‑concept (if available)
- Whether you prefer public or private acknowledgment
We acknowledge reports within 72 hours.
We ask that you:
- Avoid public disclosure until we evaluate the issue
- Do not access other users’ data
- Avoid disruptive testing (e.g., denial‑of‑service)
- Avoid automated scanners that overload servers
We commit to:
- Verifying all non‑spam reports
- Providing fixes or mitigations
- Communicating status updates
- Crediting contributors (if desired)
Covered:
- getsnaphabit.com
- awareflow.app
- Static website assets
- All apps shipped under team ID DQ87579XV3
Not covered:
- Third‑party services (GitHub Pages, DNS, Apple APIs)
- Personal forks or modified versions
These are not considered vulnerabilities:
- Missing headers on GitHub Pages
- CSS/HTML injection requiring device access
- Self‑XSS
- Rate‑limiting complaints
- Social engineering attempts
SnapHabit LLC ensures:
- No cloud audio processing
- No advertising identifiers
- No sale or transfer of personal data
- User may request data deletion at any time
- All habit detection runs locally
- v1.0 — November 2025: Initial publication.