MoonFlower

Introduction

MoonFlower ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, and protect your information when you use the MoonFlower mobile application ("App").

Our Privacy-First Approach

MoonFlower is built with privacy as a fundamental principle. We believe that helping you build better digital habits doesn't require collecting your personal information. We are transparent about what data we collect and why.

Information We Collect

Information We DO Collect:

1. Anonymous Account Information
   • When you first open the app, we create an anonymous account using Firebase Authentication
   • Anonymous User ID (UID): A randomly generated identifier that cannot be linked to your personal identity
   • Display Name: A randomly generated name (e.g., "GoldenRose42") - this is not your real name and cannot identify you
   • Age Group: The age range you select (Under 16, 16-25, 26-35, 36-45, 45+) - used only for personalized messaging
   • Account Creation Timestamp: When you first created your account
   • This information is stored in Firebase Firestore in the users collection
2. Subscription Data (If You Subscribe)
   • Subscription Codes: Unique codes (MF-XXXX-XXXX format) generated when you purchase a subscription
   • Recovery Codes: Master recovery codes (MF-REC-XXXX-XXXX format) for account recovery
   • Subscription Status: Whether your subscription is active or inactive
   • Plan Type: Monthly or yearly subscription plan
   • Expiration Date: When your subscription expires
   • Google Play Order ID: Transaction identifier from Google Play
   • This information is stored in Firebase Firestore in the subscription_codes collection
   • Subscription codes are also stored locally on your device for quick access
3. Device Registration Data (If You Subscribe)
   • Device ID: Your device's Android ID (persists across app installs)
   • Device Registration Timestamp: When your device was registered to a subscription
   • Device Status: Whether the device is active or inactive
   • Primary Device Flag: Whether this is your primary device
   • This information is stored in Firebase Firestore in the device_registrations collection
4. Approval Request Data (If Using Multi-Device Subscription)
   • Request Timestamps: When approval requests are created
   • Request Status: Pending, approved, rejected, expired, or cancelled
   • Requester Device Information: Device ID of the device requesting access
   • This information is stored in Firebase Firestore in the approval_requests collection
5. Failed Attempt Tracking (For Security)
   • Failed Attempt Timestamps: Records of failed subscription code entry attempts
   • Lockout Status: Whether your device is temporarily locked from entering codes
   • Lockout Expiration: When the lockout expires (if applicable)
   • This information is stored in Firebase Firestore in the failed_attempts collection
6. Recovery Code View Tracking (If You Use Recovery Codes)
   • View Timestamps: Records of when recovery codes are viewed
   • View Count: Number of times a recovery code has been viewed (limited to 2 views per 8 hours globally)
   • This information is stored in Firebase Firestore in the recovery_code_views collection
7. Global Achievement Rankings Data (If You Opt In)
   • Display Name: Your randomly generated display name (e.g., "GoldenRose42")
   • Achievement Counts: Total number of achievements unlocked
   • Unlocked Achievement IDs: List of achievement IDs you've unlocked
   • Last Updated Timestamp: When your achievement data was last synced
   • This information is stored in Firebase Firestore in the global_achievements collection
   • Only collected if you opt in to global rankings (this is optional)
   • You can opt out at any time through the app's settings
8. Accessibility & On-Device Monitoring (Processed Locally Only)
   • MoonFlower uses Android's Accessibility Service to help you stay focused and maintain your streak.
   • What we monitor: The URL in your browser's address bar; when you open apps; window content to identify the current website or app. Used only to compare against your blocked list and show gentle reminders.
   • How we use it: We check if you visited a blocked site or opened a blocked app. We do not collect, store, or upload your browsing history or full app usage. All detection happens on your device only. No URL or app-usage data is sent to our servers.
   • We may use Usage Statistics (PACKAGE_USAGE_STATS) to detect which app is in the foreground when needed for blocking. This is also processed only on your device.
   • We use Overlay (display over other apps) to show the gentle blocking screen. No overlay content is sent off-device.
9. Push Notifications (FCM)
   • If you use optional social/guardian features, we use Firebase Cloud Messaging to deliver push notifications (e.g., "A gardener needs water").
   • FCM token: Stored and used only to deliver these notifications. We do not use FCM for marketing or tracking.
10. Wear OS Companion App
    • If you use MoonFlower on a Wear OS watch, the phone app sends minimal data to the watch (e.g., streak count, garden stage) so the watch can display your progress. This data is sent only between your own phone and watch and is not stored on our servers.
11. App Usage Data (Stored Locally Only)
    • Blocked Websites and Apps List: Your personal list of sites/apps you want to avoid (281 apps available in database for easy selection)
    • App Preferences: Theme selection (light/dark/auto), privacy toggle state
    • Streak Statistics: Your daily streak count, longest streaks, bloom statistics
    • Focus Mode Sessions: Focus Mode activity history, statistics, and session data
    • Focus Mode Statistics: Focus percentages, unlock counts, session details
    • Still Garden Data: Crystal Seeds balance, Still Garden items, 30-day cycle information, timer states
    • Abuse Prevention Data: Nectar balance, item removal tracking, cooldown states
    • Achievement Data: Unlocked achievement IDs, achievement progress
    • All of this data stays on your device and is NEVER sent to our servers

Information We DO NOT Collect:

• Your real name
• Your email address
• Your phone number
• Your location or GPS data
• Your browsing history (we only check if you visit sites you've added to your list)
• Your contacts
• Your photos or media files
• Your calendar information
• Your call logs or messages
• Any personal information that can identify you
• Analytics or tracking data about your app usage patterns
• Advertising identifiers

How We Use Your Information

Anonymous Account Information:

• To enable app features that require cloud storage
• To provide personalized messaging based on your age group selection
• To prevent abuse and ensure fair use

Subscription Data:

• To manage your subscription and verify subscription status
• To provide subscription codes for device management
• To enable multi-device support
• To process subscription renewals and cancellations

Device Registration Data:

• To track which devices are registered to your subscription
• To manage the multi-device approval flow
• To prevent unauthorized access to subscriptions

Data Storage

Local Storage (On Your Device):

• Your blocked websites and apps list
• Your app preferences and settings
• Your streak statistics and progress data
• Your Focus Mode sessions and statistics
• Your subscription status and codes (cached)

Cloud Storage (Firebase Firestore):

• users collection: Anonymous account information
• subscription_codes collection: Subscription and recovery codes
• device_registrations collection: Device registration info
• approval_requests collection: Approval request data
• failed_attempts collection: Security tracking
• recovery_code_views collection: Usage limits
• global_achievements collection: Global rankings (if opted in)

Data Sharing

We do NOT share your data with anyone.

The only exceptions are:

1. Google Play Billing: For processing subscription payments. We do not receive payment info.
2. Firebase (Google): For secure cloud storage and authentication.

Your Rights

• Use the App Anonymously: No personal info required.
• Control Your Data: Manage your blocked list and local data.
• Delete Your Data: Delete all data via Settings or by uninstalling. Global rankings data can be deleted upon request.
• Cancel Your Subscription: Via Play Store at any time.
• Access Your Data: View stats in app or request cloud data copy.

Children's Privacy

We do not knowingly collect personal information from children under 13. The app uses anonymous accounts and collects no identifying info.

Contact Us