Privacy Policy

Last updated: May 2026

This Privacy Policy describes how WatchDecide (“WatchDecide”, “we”, “us”) collects, uses, processes and protects the personal data of users of the WatchDecide mobile app and the website watchdecide.app, in compliance with Regulation (EU) 2016/679 (“GDPR”) and applicable Italian and EU privacy law.

1. Data Controller

The Data Controller is WatchDecide, based in Italy. For any privacy-related question or to exercise the rights described below, you can contact us at privacy@watchdecide.app.

2. Data we collect

  • Email address (waitlist)

    Collected when you join the waitlist. Purpose: to contact you at launch and manage your early-access invitation. Legal basis: consent (Art. 6.1.a GDPR).

  • Usage analytics (Google Analytics 4)

    Aggregated and anonymous events and metrics about how visitors interact with watchdecide.app, collected through Google Analytics 4. IP addresses are anonymised. No identifiers are linked back to individual users. Legal basis: legitimate interest in improving the service (Art. 6.1.f GDPR).

  • Apple HealthKit data

    When you grant permission inside the WatchDecide iOS app, the app reads health signals from Apple HealthKit and computes a single daily aggregated energy estimate. Raw HealthKit data is never transmitted to or stored on our servers. Only an opaque numeric estimate, generated on-device, is used to personalise recommendations. Legal basis: explicit consent (Art. 9.2.a GDPR).

3. Data processors

WatchDecide relies on a small number of vetted sub-processors that act on our behalf under Art. 28 GDPR. We do not sell or share your data for marketing purposes.

  • Supabase

    Database and backend hosting for the waitlist. Data is stored in the EU-West region (Frankfurt, Germany). GDPR-compliant; a Data Processing Agreement is in place.

  • Resend.io

    Transactional email delivery for waitlist confirmations and launch notifications. Receives only the email address necessary to deliver each message.

  • Google Analytics 4

    Aggregated, anonymised usage analytics on the marketing website. Configured with IP anonymisation and standard retention policies (up to 14 months).

4. Data retention

  • Waitlist email: kept until the user requests deletion or, at the latest, for 24 months from sign-up.
  • Apple HealthKit aggregates: never stored server-side; the daily aggregate lives only on your device and is recomputed locally.
  • Analytics: aggregated, anonymised data retained per Google Analytics 4 default policies (max 14 months).

5. Your rights under the GDPR

You can exercise the following rights at any time by writing to privacy@watchdecide.app:

  • Right of access (Art. 15) — obtain a copy of the personal data we hold about you.
  • Right to rectification (Art. 16) — correct inaccurate or incomplete data.
  • Right to erasure (Art. 17) — request deletion of your data (“right to be forgotten”).
  • Right to restriction of processing (Art. 18).
  • Right to data portability (Art. 20) — receive your data in a structured, machine-readable format.
  • Right to object (Art. 21) — object to processing based on legitimate interest.
  • Right to withdraw consent at any time, without affecting the lawfulness of processing already carried out.
  • Right to lodge a complaint with the Italian Data Protection Authority (Garante per la protezione dei dati personali, garanteprivacy.it) or the supervisory authority of your country.

6. International data transfers

Personal data processed by Supabase is stored within the EU (Frankfurt, Germany). Some sub-processors (e.g. Google Analytics) may transfer data outside the EU on the basis of the Standard Contractual Clauses approved by the European Commission or adequacy decisions.

7. Contact

For any question about this Privacy Policy or to exercise your rights, write to privacy@watchdecide.app. We respond within 30 days as required by the GDPR.

8. Changes to this policy

We may update this Privacy Policy from time to time. Material changes will be communicated through the website or by email before they take effect. The date at the top of this page always reflects the latest revision.