Privacy Policy

Last updated: February 2026

1. Introduction

Hogit ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, and safeguard your information when you use the Hogit mobile application ("the App"). Hogit is designed with a privacy-first architecture — your PostHog data stays between your device and your PostHog instance.

2. Our Architecture: How Your Data Flows

Hogit acts as a thin client that communicates directly with your PostHog instance. Understanding this architecture is key to understanding our privacy model:

  • Device ↔ Your PostHog Instance (direct): All analytics data, events, feature flags, experiments, insights, and person profiles travel directly between your device and your PostHog instance over HTTPS. Hogit never proxies, relays, or intercepts this traffic.
  • Device ↔ Sentry: Anonymous error reports and performance metrics are sent to Sentry to help us identify and fix crashes. No personally identifiable information or PostHog data is included.
  • Device ↔ RevenueCat: When you subscribe to Hogit Pro, RevenueCat manages your subscription. It receives purchase receipts and device metadata for validation purposes only.

3. Information We Collect

Anonymous Error Tracking

We use Sentry to collect anonymous crash reports and performance metrics to help us identify and fix issues. The following data may be collected:

  • Device model and operating system version
  • App version and build number
  • Crash stack traces and error messages
  • Performance metrics (app startup time, screen render times)

All error reports are anonymized and do not include your email, name, PostHog API key, or any PostHog data. We do not use this data to track you across other apps or websites.

Subscription Data

When you subscribe to Hogit Pro, RevenueCat receives purchase receipts from the App Store or Google Play Store. RevenueCat also automatically collects your device model, OS version, app version, and country/region for purchase validation and analytics. RevenueCat does not receive any PostHog data.

What We Do NOT Collect

We want to be explicit about data we never collect, store, or have access to:

  • Your PostHog API key or access tokens (stored only in your device's native keychain)
  • Your PostHog instance URL (stored only on your device)
  • Your event data, analytics, or insight results
  • Your feature flag configurations or experiment data
  • Your person profiles, session recording metadata, or cohort data
  • Any data processed by your PostHog instance
  • Location data, contacts, photos, or other device data

4. Tracking & Cross-App Data

Hogit does not track you across other companies' apps or websites. We do not participate in ad networks, retargeting, or cross-app tracking of any kind. We do not use Apple's IDFA (Identifier for Advertisers) or any equivalent advertising identifier. Accordingly, the App does not present an App Tracking Transparency (ATT) prompt because no cross-app or cross-site tracking occurs.

5. Legal Basis for Processing (GDPR)

If you are located in the European Economic Area (EEA), United Kingdom, or Switzerland, we process your personal data on the following legal bases:

  • Legitimate interest: Anonymous error tracking via Sentry is collected to improve the App's stability and performance. These reports are anonymized and do not include personally identifiable information (Art. 6(1)(f) GDPR).
  • Contractual necessity: Subscription management via RevenueCat is necessary to fulfill your purchase and provide access to paid features (Art. 6(1)(b) GDPR).

6. API Key Storage & Security

Your PostHog API key is the most sensitive piece of data the App handles. Here is exactly how we protect it:

  • Stored exclusively in your device's native encrypted keychain using Expo Secure Store (iOS Keychain / Android Keystore) with WHEN_UNLOCKED_THIS_DEVICE_ONLY access level
  • Injected into API requests at the time of each call via an HTTP interceptor
  • Never written to AsyncStorage, logs, crash reports, or any unencrypted location
  • Never transmitted to Hogit servers, Sentry, RevenueCat, or any third-party service
  • Never synced across devices — you must re-enter your API key on each device
  • Immediately deleted from secure storage when you remove an instance

7. Instance Data

Your PostHog instance information (name, URL, region, API key) is stored entirely on your device. Instance URLs and names are kept in local device storage (MMKV). API keys are stored in encrypted device storage (iOS Keychain / Android Keystore). None of this data is sent to Hogit servers or any third party.

8. Third-Party Services

The App integrates with the following third-party services:

  • Sentry: Anonymous error tracking and performance monitoring. Receives crash reports and device metadata. Does not receive your email, name, or any PostHog data.
  • RevenueCat: Subscription and in-app purchase management. Receives purchase receipts, device metadata for purchase validation.
  • Apple App Store / Google Play Store: App distribution and payment processing.

We require that each third-party service provider maintains data protection standards that are the same as or equivalent to those described in this Privacy Policy.

9. Data Sharing

We do not sell, trade, or rent your personal information to third parties. We do not share your data with third-party AI services. Your data is shared only with the third-party services listed above, solely for the purpose of providing the App's functionality. We may disclose your information if required by law or to protect our legal rights.

10. Data Retention & Deletion

All PostHog data displayed in the App is fetched on-demand and cached locally on your device only. We do not retain any of your PostHog data on our servers.

When you remove an instance or clear app data, the following data is immediately removed:

  • All API keys from device secure storage
  • PIN hash and biometric authentication flags
  • All instance data from device storage
  • All cached analytics and event data

11. App Lock & Biometrics

The App offers optional PIN and biometric (Face ID / fingerprint) authentication for additional security. Your PIN is stored as a hash in device secure storage — never in plain text. Biometric data is handled entirely by your device's operating system and never touches the App.

12. Your Rights

You have the right to:

  • Access the personal information we hold about you
  • Request correction of inaccurate information
  • Delete all your data at any time by removing instances from the App
  • Remove individual PostHog instances and their associated data from your device

Additional rights for EEA/UK residents (GDPR): You also have the right to data portability, the right to restrict or object to processing, and the right to lodge a complaint with your local data protection authority.

Additional rights for California residents (CCPA/CPRA): You have the right to know what personal information we collect, the right to delete your data, and the right to opt out of the sale or sharing of personal information. We do not sell or share your personal information as defined under the CCPA.

13. Children's Privacy

The App is not intended for use by children under the age of 13 (or 16 in the EEA). We do not knowingly collect personal information from children. If we become aware that we have collected personal information from a child under the applicable age, we will take steps to delete such information.

14. International Data Transfers

Sentry processes data in the United States. RevenueCat processes data in the United States. Your PostHog data travels directly between your device and your PostHog instance and is not subject to transfer through our infrastructure. For data transferred outside the EEA, appropriate safeguards (such as Standard Contractual Clauses) are in place in accordance with applicable data protection laws.

15. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the updated policy within the App or on our website. Your continued use of the App after changes constitutes acceptance of the updated policy.

16. Contact Us

If you have any questions about this Privacy Policy, our data practices, or wish to exercise any of your rights, please contact us at hello@hogit.app.

17. Summary

In short: Hogit is a thin client for your PostHog instance. Your API keys never leave your device's keychain. Your instance URLs stay on your device. Your analytics data never touches our servers. We use Sentry for anonymous error tracking and RevenueCat for subscriptions. We do not track you across apps or websites. When you remove your data, everything is gone.