Privacy Policy
Last updated: April 2026
Zero-Knowledge Encryption
Metamorphic uses end-to-end encryption for all user content. Your habits, reflections, goals, and other personal data are encrypted on your device using libsodium cryptographic primitives before being transmitted to our servers. We do not have the ability to decrypt or read your data. Encryption is available on every plan, including the free tier — it is not a paid upgrade.
In addition to client-side end-to-end encryption, all encrypted data stored in our database is wrapped with a second layer of AES-256-GCM at-rest encryption, providing defense-in-depth against database-level breaches.
What We Collect
We collect only the minimum information needed to operate the service. We do not sell, share, or monetize your data in any way.
- Email address — your plaintext email is never stored in our database. We keep only a one-way cryptographic hash for login lookups and an end-to-end encrypted copy that only you can decrypt. Plaintext email is seen transiently during registration solely to send your confirmation email.
- Encrypted content — habit names, descriptions, reflections, goals, check-in details, and group data are stored as encrypted blobs that we cannot read.
- Non-sensitive metadata — certain structural data is stored in plaintext to support core functionality: check-in dates (for streak calculations), habit frequency, display color, sort order, and archive status. This metadata does not reveal the content of your habits or personal data.
- Cryptographic keys — your public key and encrypted private key are stored on our servers. Your private key is encrypted with a key derived from your password and can only be decrypted on your device. We never have access to your private key or password.
Payment Processing
Paid subscriptions are processed by Stripe, a PCI-compliant payment processor. We do not store your credit card number, CVC, or full billing details on our servers. Stripe’s handling of your payment data is governed by Stripe’s Privacy Policy.
Data Retention
Your encrypted data is stored for as long as your account is active. You may delete your account at any time from your settings page, which will permanently remove all associated data — including encrypted content, keys, and account metadata — from our servers.
Contact
If you have questions about this policy, please contact us at support@metamorphic.app.