Haven — Privacy Policy
Last updated · 20 April 2026 · Version 1.0
Plain-English summary
Haven is designed so the things you do inside the app — your prompts, voice memos, photos, PDFs, and generated images — never leave your device. We do not have a server that stores them. We do not have a user-account system.
The one thing we do collect is anonymous product analytics (which screens were opened, whether a subscription was purchased, whether the app crashed) and subscription receipts processed through Apple. Nothing identifies you personally; nothing tells us what you asked the AI.
If you disagree with any part of this policy, please don't use Haven — uninstalling removes every trace of your use immediately.
1. Who we are
Haven ("the app", "we", "us", "our") is developed and operated by E2 Partners LLC ("E2 Partners", "the Developer"), the data controller for the limited personal information described below. You can contact us at hello@e2partners.co.
For users in the European Union, United Kingdom, Switzerland, or other regions with data-protection laws, we are the controller of the limited data described in Section 3. A data-protection representative, where legally required, is available on request at the address above.
2. Scope of this policy
This policy applies to the Haven iOS application distributed via Apple's App Store and to the related pages at e2partners.co. It does not apply to third-party services you may use alongside Haven (for example, the Hugging Face servers that host downloadable AI models; their terms and policies govern those interactions).
3. Data we collect
The following is an exhaustive list. If a type of data is not listed here, we do not collect it.
3.1 Product analytics (via Firebase Analytics)
- Screen views (which onboarding step you reached, which mode you opened).
- Paywall events (shown, plan selected, trial started, dismissed).
- Model lifecycle events (download started, download finished, install failed).
- Device-level identifiers that Apple provides to apps (Identifier for Vendor), device model, OS version, language, country derived from App Store.
Analytics events never include the contents of your prompts, transcripts, photos, documents, or generated images. They never include your name, email address, phone number, or any persistent identifier we create.
3.2 Crash and performance diagnostics (via Firebase Crashlytics)
- Stack traces and crash context when the app terminates unexpectedly.
- App launch time and other performance metrics Apple exposes through standard system APIs.
- A static custom value identifying the app (
product = haven_ios).
Crash reports do not include the contents of any chat, transcript, photo, document, or generated image.
3.3 Subscription billing (via Apple App Store and RevenueCat)
- A random, RevenueCat-generated identifier bound to your installation.
- Subscription state (active / inactive / in trial / expired), product identifier, renewal events.
- Country of the App Store account used to purchase.
We never see your payment method, credit card number, or Apple ID. All billing is handled directly by Apple.
3.4 Support correspondence
If you email hello@e2partners.co, we receive your email address and whatever you choose to include. We keep support emails for up to 24 months and then delete them.
4. Data we explicitly do NOT collect
The following stay on your device. Our servers never see them, our analytics never log them, our crash reports never include them:
- Every prompt, chat message, or question you send.
- Every voice recording and every on-device transcription.
- Every photo you pick and every on-device description of it.
- Every PDF you import and every bit of text we extract from it.
- Every image generated by on-device models.
- Your name, email address (unless you email us), phone number, physical address, date of birth, or any government identifier.
- Your precise or approximate location.
- Your contacts, calendars, reminders, or other system data.
- Your browsing history or searches made outside Haven.
5. Why we collect what we collect
| Purpose | Legal basis (GDPR) | Retention |
|---|---|---|
| Understand how Haven is used so we can improve it (analytics). | Legitimate interest; consent where required by local law. | Up to 14 months then aggregated or deleted. |
| Fix crashes and performance issues. | Legitimate interest. | Up to 90 days. |
| Manage your subscription, prevent abuse of the free trial. | Contract performance. | As long as your subscription is active, plus up to 24 months for accounting. |
| Respond to your support questions. | Legitimate interest; consent for marketing follow-ups (we do not send marketing follow-ups). | Up to 24 months. |
6. Third-party processors
We rely on a small number of service providers who process data on our behalf. Each has their own privacy commitments and is contractually bound not to use your data for any purpose outside the service they provide.
| Provider | Role | Data they see |
|---|---|---|
| Apple Inc. | App Store distribution and subscription billing. | Your Apple ID, payment method, country, purchase receipts. Apple's privacy policy applies. |
| Google LLC (Firebase) | Analytics, Crashlytics, Remote Config. | Anonymous analytics events, crash traces, device-level identifiers. Firebase ships its own privacy manifest. |
| RevenueCat Inc. | Subscription plumbing on top of the App Store. | Anonymous install ID, subscription state. |
| Hugging Face Inc. | Hosts the open-source AI model weights. | Your IP address and which model file you downloaded. We do not transmit any Haven usage data to Hugging Face. |
We do not use advertising networks, data brokers, fingerprinting SDKs, or cross-app tracking providers.
7. Tracking and advertising
Haven does not track you across other companies' apps or websites. We do not serve advertising inside the app. We have never and will never sell your data. We do not request App Tracking Transparency permission because we have no tracking to do.
8. International transfers
Analytics and crash data are processed by Google LLC in the United States and other regions where Google operates data centres. RevenueCat processes subscription data in the United States. Apple processes billing data in the region associated with your Apple ID. Where these transfers involve personal data of EU, UK, or Swiss residents, we rely on Standard Contractual Clauses and adequacy decisions where applicable.
9. Your rights
Depending on where you live, you may have the following rights over the limited data we hold about you:
- Access — ask what, if anything, we hold about you.
- Correction — ask us to fix inaccurate data.
- Deletion — ask us to delete data (we will honour this for support email threads immediately; analytics/crash data is already pseudonymised and auto-expires).
- Portability — request a machine-readable copy of your data.
- Objection — object to processing based on legitimate interests.
- Withdraw consent — where processing is based on consent.
- Lodge a complaint — with your local supervisory authority. For EU residents, you can find yours at edpb.europa.eu.
To exercise any of these, email hello@e2partners.co from the address you contacted us with (we have no other way to identify you — there are no accounts).
You can also control two things directly in the app:
- Toggle analytics and crash reporting off in Settings → Privacy.
- Delete individual chats, transcripts, generated images, or indexed documents from their respective screens. Uninstalling the app removes every local record immediately.
We do not charge a fee for responding to these requests and will reply within 30 days (or 45 days for complex requests, with notice).
10. California residents (CCPA / CPRA)
If you are a California resident, the sections above describe the categories of personal information we collect, the sources, and the purposes. We have not sold or shared personal information for cross-context behavioural advertising in the preceding 12 months and have no intention of doing so. You have the right to know, delete, correct, and limit the use of sensitive personal information; contact us to exercise these rights.
11. Children
Haven is intended for users aged 13 and older. We do not knowingly collect personal information from children under 13. If you believe a child under 13 has provided us with personal information, contact us and we will delete it. If you are a parent or guardian and want to know how Haven handles your family's data, we're happy to walk you through it.
12. Security
Because almost no personal data ever leaves your device, there is very little for us to secure centrally. For the data described in Section 3, we rely on the security controls provided by Apple, Google, and RevenueCat, each of which maintains industry-standard protections (TLS in transit, AES-256 at rest, access controls). Locally on your device, chats and other content live inside Haven's application container and, where applicable, the iOS Secure Enclave; enabling the Face ID lock in Settings adds a biometric gate on top.
No system is perfectly secure. If you discover a vulnerability, please email hello@e2partners.co with the subject line "Security" and we will respond promptly.
13. Changes to this policy
If we materially change how Haven handles data, we will:
- Update the "Last updated" date and version number at the top.
- Surface the change inside the app the next time you open it, before it takes effect.
- For changes affecting EU or UK residents, obtain consent where legally required.
Non-material edits (typos, clarifications) may be made without notice.
14. Contact
Questions, requests, or concerns: hello@e2partners.co.
We read every message and reply to every one.
© 2026 E2 Partners LLC