Privacy Policy

Eaase Last updated: 4 May 2026

1. About this policy

This privacy policy explains how Athanor (ABN 22 125 077 521), a business name of The Trustee for H & S Family Trust (“we”, “us”, “our”) collects, uses, stores, and protects your personal information when you use the Eaase mobile application and website at eaase.app.

We are committed to handling your data responsibly and in accordance with the Australian Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs). If you are located in the European Union or United Kingdom, we also comply with the General Data Protection Regulation (GDPR) and the UK GDPR respectively.

By using Eaase, you agree to the collection and use of information as described in this policy. If you do not agree, please do not use the app or website.

Contact: hello@eaase.app

2. Information we collect

2.1 Account information

When you create an account or join our waitlist, we collect your email address. If you subscribe to Eaase Pro, your payment is processed through the Apple App Store or Google Play Store via RevenueCat. We do not directly collect or store your credit card number, bank account details, or other payment credentials.

2.2 Budget and financial data

If you choose to use the budget analysis feature, you may upload bank statement files or manually enter financial information such as your salary, expenses, and subscriptions. The transactions in your statement are sent to Anthropic’s Claude API for analysis (see Section 4) and the resulting summary, category totals, subscription list, and savings ideas are stored on your account. The raw transaction text from your bank statement is never persisted to our database.

2.3 Fitness and health data

If you choose to use the fitness planning feature, you may provide body metrics such as weight, height, lifestyle information, and available time for exercise. This information is used to generate personalised, constraint-based fitness suggestions. We do not sell or share your health data with third parties.

2.4 Sleep data

If you use the sleep coach feature, the app may collect information about your sleep preferences, bedtime habits, sleep quality ratings, and free-text journal entries (“brain dump”). Brain dump entries are stored on your account and are sent to Anthropic’s Claude API only when generating your weekly observation (see Section 4). They are never shown to other users.

2.5 Content preferences

We collect information about how you interact with the content feed, including what you view, engage with, or dismiss. This helps us tailor the content shown to you over time.

2.6 Device and usage data

We collect standard device and usage information through our analytics provider, PostHog, including device type, operating system, app version, session duration, screens visited, and general interaction patterns. This data helps us understand how people use Eaase and improve the experience.

2.7 Push notification tokens

If you enable push notifications, we collect your device’s notification token through OneSignal to send you reminders and updates such as bedtime prompts and content suggestions.

2.8 Curriculum and reflection data (Learn feature)

If you use the Learn feature, we store the topic you’ve chosen, your weekly progress (which items you’ve marked as done), and any short reflections you write at the end of a week. The topic, the current week number, the titles of previously suggested items, and your completed item titles are sent to Anthropic’s Claude API to generate the next week of suggestions and a personalised weekly reflection prompt (see Section 4). The text of your reflection responses is stored on your account but is not sent to Anthropic.

2.9 Screen-time data

If you use the Screen Time feature on Android, the app reads per-app daily usage minutes from Android’s UsageStatsManager. We store the list of apps you’ve chosen to track, your direction goal for each (use less, keep steady, use more), and the daily minutes per tracked app on your account so the picture is consistent across devices. Per-app usage is queried fresh from your phone each session. We do not transmit usage data outside the device beyond storing your own per-day totals on Supabase. iPhone screen-time tracking is not yet available.

3. How we use your information

We use the information we collect to:

• Provide and personalise the Eaase app experience, including the content feed, budget analysis, fitness planning, and sleep coaching features
• Process and manage your subscription through RevenueCat and the relevant app store
• Send push notifications you have opted into, such as bedtime reminders
• Analyse usage patterns to improve the app’s features and performance
• Respond to your enquiries or support requests
• Comply with legal obligations

We do not use your personal information for targeted advertising. We do not sell your data to third parties.

Where we rely on GDPR, our lawful bases for processing are: performance of a contract (to provide the service you signed up for), legitimate interests (to improve the app and prevent fraud), consent (for push notifications, AI processing, and other optional data features), and legal obligation (where required by law).

4. AI processing (Anthropic / Claude)

Several Eaase features use Anthropic’s Claude language model API to do their underlying work. We list this explicitly so you know exactly which third party receives which content, and when.

What we send to Anthropic:

• Budget analysis — the parsed transaction text from any bank statement you upload, plus an optional salary figure if you provide one.
• Fitness plan generation — your stated movement background, time and equipment constraints, goal, and any free-text notes you’ve added.
• Sleep observation — up to 30 of your most recent brain dump journal entries and the sleep quality ratings you’ve recorded.
• Learn — weekly content — the topic you’re studying, the current week number, and the titles of items you’ve previously been suggested or completed.
• Learn — weekly reflection prompt — the topic, current week number, and the titles of items you completed that week.

What is not sent: your email address, account ID, payment information, fitness profile metrics outside the plan request, push tokens, device identifiers, or any data from features you have not actively used.

How Anthropic handles it: data sent to the Claude API is not used to train Anthropic’s models and is retained only as long as needed to deliver the response and for operational logging, in accordance with Anthropic’s Commercial Terms of Service and Privacy Policy.

Your control: you can turn AI processing off at any time in the app under Profile → Data & Privacy → Use AI features. When AI is off, the features above are blocked at our servers and no further content is sent to Anthropic. The rest of Eaase — the content feed, audio player, screen-time tracking, and manual logging — keeps working as normal.

5. Third-party services

We use the following third-party services to operate Eaase. Each is a sub-processor for the data flows described above and operates under their own privacy policy.

• Supabase (database hosting, authentication, edge functions) — supabase.com/privacy
• Anthropic (Claude API for AI features described in Section 4) — privacy.anthropic.com
• RevenueCat (subscription management; receives anonymised purchase events from Apple and Google, never raw payment details) — revenuecat.com/privacy
• PostHog (product analytics; receives an opaque user ID and event names, never your email or content) — posthog.com/privacy
• OneSignal (push notification delivery; receives a device push token tied to your user ID) — onesignal.com/privacy_policy
• Pexels (stock imagery used as fallback artwork in the content feed; we send anonymised image queries, no user data) — pexels.com/privacy-policy
• Open Library (book lookups for the Learn feature; we send a book title and author as a search query, with our contact email in the request header) — openlibrary.org/about/privacy
• Apple App Store and Google Play (subscription billing; we never see card numbers) — apple.com/au/legal/privacy / play.google.com/about/play-terms
• Formspree (waitlist email collection on the website only) — formspree.io/legal/privacy-policy

Each of these providers has their own privacy policy governing how they handle data. We encourage you to review those policies. We select providers who maintain appropriate security and privacy standards.

6. Data storage and security

Your data is stored on secure, cloud-hosted infrastructure provided by Supabase. We implement reasonable technical and organisational measures to protect your personal information from unauthorised access, loss, misuse, or alteration. These measures include encryption in transit (TLS/SSL), authentication credentials stored in your device’s secure enclave (iOS Keychain / Android Keystore), database-level row-level security so each user can only read their own data, and regular security reviews.

No method of electronic storage or transmission is completely secure, and we cannot guarantee absolute security.

7. Data retention

We retain your personal information for as long as your account is active or as needed to provide you with the Eaase service. If you delete your account through Profile → Delete account, your data is scheduled for deletion and permanently removed within 30 days, except where we are required by law to retain it. You can cancel a pending deletion at any time during the 30-day grace window. Choosing “Delete everything now” skips the grace period and removes your data immediately.

Waitlist email addresses are retained until you unsubscribe or request removal.

8. Your rights

8.1 Australian users

Under the Australian Privacy Principles, you have the right to:

• Access the personal information we hold about you
• Correct any inaccurate or out-of-date information
• Request deletion of your personal data (subject to legal obligations)
• Opt out of marketing communications at any time
• Withdraw consent for AI processing through Profile → Data & Privacy in the app
• Withdraw consent for push notifications through your device settings

8.2 EU and UK users (GDPR)

If you are located in the European Union or the United Kingdom, you have additional rights under the GDPR and UK GDPR:

• Right of access — you can ask us for a copy of the personal data we hold about you.
• Right to rectification — you can ask us to correct inaccurate or incomplete data.
• Right to erasure (“right to be forgotten”) — you can ask us to delete your personal data where there is no compelling reason for us to keep it.
• Right to restriction of processing — you can ask us to limit how we use your data in certain circumstances, for example while a dispute is being resolved.
• Right to data portability — you can ask us to provide your data in a structured, commonly used, machine-readable format so you can transfer it to another service.
• Right to object — you can object to us processing your data where we rely on legitimate interests as our lawful basis.
• Rights related to automated decision-making — you have the right not to be subject to a decision made solely by automated means where it has a significant effect on you.

To exercise any of these rights, contact us at hello@eaase.app. We will respond within 30 days. We may need to verify your identity before processing your request.

9. Supervisory authorities

If you have a complaint about how we handle your personal data and we haven’t resolved it to your satisfaction, you can contact the relevant authority:

• Australia — Office of the Australian Information Commissioner (OAIC): www.oaic.gov.au
• United Kingdom — Information Commissioner’s Office (ICO): ico.org.uk
• European Union — your local Data Protection Authority (DPA). A full list is available at edpb.europa.eu

10. Children’s privacy

Eaase is not intended for use by children under the age of 16. We do not knowingly collect personal information from children. If we become aware that a child under 16 has provided us with personal data, we will take steps to delete that information promptly.

11. International data transfers

Your data may be processed by third-party service providers located outside your country, including in the United States. Where this occurs, we take reasonable steps to ensure your data is treated securely and in accordance with this policy and applicable law.

For EU and UK users, where data is transferred outside the UK or EEA, we rely on appropriate safeguards such as Standard Contractual Clauses (SCCs) or equivalent mechanisms to ensure your data remains protected.

12. Changes to this policy

We may update this privacy policy from time to time. When we make material changes, we will notify you through the app or by email. The “Last updated” date at the top of this page reflects the most recent revision.

13. Complaints

If you believe we have mishandled your personal information, please contact us first at hello@eaase.app. We will investigate and respond within 30 days. If you are not satisfied with our response, you may escalate to the relevant supervisory authority listed in section 9.

14. Contact us

If you have any questions about this privacy policy or how we handle your data, please contact us:

Email: hello@eaase.app
Website: https://eaase.app

Athanor is a business name of The Trustee for H & S Family Trust (ABN 22 125 077 521),

SE 2, 651-653 Canterbury Rd, Surrey Hills VIC 3127