Introduction
ReadyApp (also known as "HaoLeMe" or "ε₯½δΊδΉ") is a social accountability countdown application developed and operated by Shixi Chen, an individual developer (referred to as "we," "us," or "our" in this policy). We are committed to protecting your privacy and handling your personal information responsibly and transparently.
This Privacy Policy describes how we collect, use, share, and protect your personal information when you use the ReadyApp mobile application and associated website (haolemeapp.com). Please read this policy carefully before using our services. By using ReadyApp, you acknowledge that you have read and understood this Privacy Policy. If you do not agree with any part of this policy, please do not use our services.
Privacy at a glance:
- We only collect information necessary to provide and improve our services
- We do not sell your personal information to any third party
- We do not use your data for AI model training
- Your data is stored in the United States (AWS us-west-2, Oregon)
- You can view, correct, export, or delete your personal information at any time
- You can delete your account at any time, and we will permanently erase your data
- California residents have additional rights under the CCPA/CPRA
1. Information We Collect
We collect only the minimum information necessary to provide, maintain, and improve our services. Below is a detailed breakdown of each category of information, the purpose for collection, and whether it is required or optional.
Account Registration and Authentication
| Information | Purpose | Required |
|---|---|---|
| Email address | Email-based authentication via one-time passcode (via Clerk) | Yes (if choosing email login) |
| Apple ID identifier | Sign in with Apple authentication (via Clerk) | Yes (if choosing Apple login) |
| Google account identifier | Google OAuth sign-in (via Clerk) | Yes (if choosing Google login) |
ReadyApp supports three login methods: (1) email verification via one-time passcode; (2) Sign in with Apple; and (3) Google Sign-In. You only need to use one. All authentication is handled by our identity provider, Clerk. When using Sign in with Apple or Google, you will be directed to the respective provider's login interface. We never receive your password β only the unique user identifier each provider supplies. ReadyApp's use and transfer of information received from Google APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements. We only access your basic Google account identifier for authentication purposes and do not access, store, or share any other Google user data. See Apple's privacy policy and Google's privacy policy.
Profile Information
| Information | Purpose | Required |
|---|---|---|
| Display name | Shown to friends within the app | Yes (for profile setup) |
| Username | Unique identifier for friend search and discovery | Yes (auto-generated, editable) |
| Avatar photo | Profile image shown to friends | Optional |
| Bio | Personal profile display | Optional |
| Birthday | Personal profile display | Optional |
| Gender | Personal profile display | Optional |
| Region | Personal profile display | Optional |
A display name and username are required during profile setup. All other profile information is optional. You can leave optional fields blank or use system defaults without affecting core app functionality. If you upload an avatar, we will request access to your photo library or camera; this permission is only used when you actively choose to upload an image.
Countdowns and Social Interaction Data
| Information | Purpose | Required |
|---|---|---|
| Friend connections | Establishing social connections for accountability features | Yes (for social features) |
| Countdown records | Creating, managing, and displaying countdown tasks | Yes |
| Interaction data (nudges, alarm mode, etc.) | Social interaction features between friends | Yes (for social features) |
Countdown task status is only visible to friends you have specifically connected with. It is never publicly visible to other users. Alarm mode requires explicit authorization from the friend before it can be used.
Push Notification Data
| Information | Purpose | Required |
|---|---|---|
| Device push token | Delivering countdown reminders and friend interaction notifications via Apple Push Notification service (APNs) | Yes (if notifications enabled) |
| Device platform and name | Ensuring notification compatibility and delivery | Yes (if notifications enabled) |
| Timezone | Ensuring countdown reminders arrive at the correct local time | Yes |
Push notifications are optional. You can disable them at any time in your iOS Settings without affecting other features.
Achievement and Statistics Data
To provide badges and statistics features, we record your task completion history and streak data. This data is derived automatically from your countdown activity and does not require additional personal information.
Service Logs
To maintain the security and reliability of our services, we collect standard server logs (e.g., access timestamps, request types, error logs, and internal user identifiers). User identifiers in logs are system-generated UUIDs and do not contain your name, email, or other directly identifying information. Logs are retained for no more than 180 days.
2. How We Use Your Information
We use the information we collect for the following purposes:
- Service operation: To create and maintain your account, provide countdown and social accountability features, manage friend connections, and deliver the core app experience
- Authentication: To verify your identity when you register, log in, or perform account-sensitive actions via email one-time passcode, Sign in with Apple, or Google Sign-In (all managed through Clerk)
- Notifications: To send you countdown reminders, friend interaction alerts, and achievement notifications through Apple Push Notification service (APNs)
- Gamification: To calculate and display achievement badges, streaks, and statistics based on your countdown activity
- Security and integrity: To detect, prevent, and respond to fraud, abuse, security incidents, and technical issues
- Compliance: To comply with applicable legal obligations
We do not use your information for advertising, behavioral profiling, or AI/ML model training. We do not engage in automated decision-making that produces legal or similarly significant effects on you.
3. How We Share Your Information
User-directed sharing
When you use social features, certain information (such as your display name, avatar, countdown status, and interaction data) is shared with the friends you have connected with in the app. This sharing is initiated by your actions and is limited to the friends you choose.
Service providers
We use the following third-party service providers to operate ReadyApp. Each provider only receives the minimum data necessary to perform its specific function, and is contractually obligated to protect your information.
| Provider | Service | Data Shared |
|---|---|---|
| Clerk | Authentication (email OTP, Apple Sign-In, Google OAuth), session and token management. Clerk processes data using its own sub-processors including Google Cloud Platform, Cloudflare, and Postmark. See Clerk's sub-processor list | Email address, Apple user identifier, Google account identifier |
| Amazon Web Services (AWS) | Cloud infrastructure, compute (App Runner), and storage (S3) | All data (encrypted at rest and in transit) |
| Apple | Push notifications (APNs) and Sign in with Apple (SIWA) | Device push token, Apple user identifier |
| OAuth sign-in provider | Google account identifier |
Legal requirements
We may disclose your information if required to do so by law, regulation, legal process, or enforceable governmental request.
Business transfers
If ReadyApp is involved in a merger, acquisition, or sale of assets, your personal information may be transferred as part of that transaction. We will notify you via in-app notification before your information becomes subject to a different privacy policy.
We do not sell, rent, or trade your personal information to any third party for marketing, advertising, or any other purpose.
4. Data Storage and Retention
Storage location
Your personal information is stored on servers in the United States (AWS us-west-2 region, Oregon). Authentication data processed by Clerk is stored on Clerk's infrastructure (Google Cloud Platform, United States). See Clerk's privacy policy for details. If you access ReadyApp from outside the United States, please be aware that your information will be transferred to and processed in the United States.
Retention periods
We retain your data for the following periods. After the applicable retention period, data is deleted or anonymized.
- Account information (email, Apple ID identifier, Google account identifier): Retained while your account is active. Upon account deletion, all personal data is permanently erased within 30 days, including account information, profile data, social interaction data, device tokens, and all tokens associated with Apple Sign-In (we will call Apple's token revocation endpoint). This action is irreversible
- Profile data (display name, avatar, bio, birthday): Retained while your account is active; deleted within 30 days upon account deletion. Avatar files are removed from cloud storage
- Social interaction data (countdowns, friend connections, achievements): Retained while your account is active; deleted within 30 days upon account deletion
- Device push tokens: Retained while your account is active; deleted within 30 days upon account deletion
- Email verification codes: Expire automatically after 10 minutes or upon successful verification, whichever comes first
- Service logs: Retained for no more than 180 days for security and debugging purposes. Logs do not contain directly identifying personal information
5. Security
We implement industry-standard technical and organizational measures to protect your personal information:
- Encryption in transit: All data transmitted between the app and our servers is encrypted using HTTPS/TLS
- Encryption at rest: Sensitive information (such as authentication tokens and identifiers) is encrypted using AES-256-GCM before storage. Encryption keys are managed through secure key management practices
- Access controls: Strict role-based access controls and authentication mechanisms prevent unauthorized access to your data
- Data isolation: Each user's data is logically isolated from other users
- Security monitoring: We perform regular security reviews of our systems and data processing activities
While we take reasonable measures to protect your information, no method of transmission over the Internet or electronic storage is 100% secure. In the event of a data breach affecting your personal information, we will notify you within 30 days of discovery and will notify the California Attorney General as required by California law (Cal. Civ. Code section 1798.82).
6. Your Privacy Rights
Rights available to all users
Regardless of where you live, you have the following rights regarding your personal information:
- Access: You can view your profile, countdown records, friend connections, and achievement data at any time within the app. You may also request a copy of your personal information, and we will respond within 45 days
- Correction: You can update your profile information at any time within the app. If you believe other information we hold about you is inaccurate, you may request that we correct it
- Deletion: You can delete your account at any time from within the app. Upon deletion, all your personal data will be permanently erased, including your profile, friend connections, countdown records, achievements, avatar files, and all tokens associated with Apple Sign-In (we will call Apple's token revocation endpoint). This action is irreversible.
- Withdraw consent: You can withdraw consent at any time by:
- Disabling push notifications in your iOS Settings
- Revoking camera or photo library access in your iOS Settings
- Contacting us to withdraw consent for specific data processing activities
Withdrawing consent does not affect the lawfulness of processing carried out before the withdrawal.
- Data portability: You may request a copy of your personal information in a structured, commonly used, machine-readable format
Additional rights for California residents (CCPA/CPRA)
If you are a California resident, the California Consumer Privacy Act (CCPA) and the California Privacy Rights Act (CPRA) provide you with the following additional rights:
- Right to know: You have the right to request that we disclose the categories and specific pieces of personal information we have collected about you, the categories of sources from which it was collected, the business or commercial purpose for collecting it, and the categories of third parties with whom we share it
- Right to delete: You have the right to request that we delete the personal information we have collected from you, subject to certain exceptions provided by law
- Right to correct: You have the right to request that we correct inaccurate personal information that we maintain about you
- Right to opt-out of sale or sharing: You have the right to opt out of the "sale" or "sharing" of your personal information. However, ReadyApp does not sell or share your personal information as those terms are defined under the CCPA/CPRA, so there is no need to opt out
- Right to limit use of sensitive personal information: You have the right to direct us to limit our use of your sensitive personal information to only what is necessary to provide our services. ReadyApp only uses sensitive personal information (such as your account login credentials) for the purpose of providing and securing our services, so no further limitation is needed
- Right to non-discrimination: We will not discriminate against you for exercising any of your CCPA/CPRA rights. We will not deny you our services, charge you different prices, provide a different quality of service, or retaliate against you in any way for exercising your rights
Response timeline: We will acknowledge your request within 10 business days and respond substantively within 45 days of receiving your verifiable request. If we need additional time (up to 45 more days), we will inform you in writing of the reason and the extension period.
How to submit a request: You can exercise your CCPA/CPRA rights by emailing us at support@readyapp.com. We will verify your identity before processing your request by matching information you provide with information we have on file.
Authorized agents: You may designate an authorized agent to submit a request on your behalf. We may require the agent to provide proof of authorization and may still verify your identity directly.
7. Children's Privacy
ReadyApp is not directed to children under the age of 13. We do not knowingly collect personal information from children under 13, in compliance with the Children's Online Privacy Protection Act (COPPA).
If we learn that we have collected personal information from a child under 13 without verifiable parental consent, we will take steps to delete that information as quickly as possible. If you are a parent or guardian and believe your child under 13 has provided us with personal information, please contact us at support@readyapp.com so we can take appropriate action.
8. Do Not Sell or Share My Personal Information
ReadyApp does not sell your personal information. We have not sold personal information in the preceding 12 months and have no plans to do so.
We also do not "share" your personal information for cross-context behavioral advertising, as those terms are defined under the California Consumer Privacy Act (CCPA) and the California Privacy Rights Act (CPRA).
We do not use or disclose "sensitive personal information" for purposes other than those permitted under the CCPA/CPRA (i.e., we only use it to provide and improve our services).
9. Cookies and Tracking Technologies
ReadyApp is a native mobile application and does not use browser cookies. Our website (haolemeapp.com) is a static informational site and does not use cookies or similar tracking technologies to collect your personal information. We recognize and honor Global Privacy Control (GPC) opt-out preference signals. Because we do not sell or share your personal information as defined by the CCPA/CPRA, a GPC signal will not result in any change to your experience, as there is no sale or sharing to opt out of. We do not engage in online tracking.
10. Changes to This Privacy Policy
We may update this Privacy Policy from time to time to reflect changes in our practices or applicable laws. The updated policy will be posted on this page with a revised "Last updated" date.
For material changes β including but not limited to expansion of data collection, changes in purpose of use, or addition of new third-party service providers β we will notify you via in-app notification before the changes take effect and, where required by law, obtain your consent.
We encourage you to review this Privacy Policy periodically to stay informed about how we protect your information.
11. Governing Law
This Privacy Policy and any disputes arising from or related to it shall be governed by the laws of the State of California, United States, without regard to its conflict of law provisions. Any legal action or proceeding relating to this Privacy Policy shall be brought exclusively in the state or federal courts located in Los Angeles County, California.
12. Contact Us
If you have any questions, concerns, or requests regarding this Privacy Policy or your personal information, please contact us:
- Developer: Shixi Chen (individual developer)
- Address: Los Angeles, CA, United States
- Email: support@readyapp.com
- Report abuse or objectionable content: support@readyapp.com with the subject line "Content Report"
- CCPA/CPRA requests: California residents may submit data access, deletion, correction, or opt-out requests by emailing support@readyapp.com with the subject line "CCPA Request"
- Response time: We will respond to all privacy-related inquiries within 45 days