Habesha Drive Privacy Policy

1. Introduction

Welcome to Habesha Drive (“we,” “our,” or “us”). This Privacy Policy explains how we collect, use, store, share, and protect information when you use the Habesha Drive mobile application, website, and related services.

We are committed to protecting your personal information and your right to privacy. By using Habesha Drive, you agree to the collection and use of information in accordance with this policy. If you do not agree with our policies and practices, please do not use our services.

2. Scope of This Policy

This Privacy Policy applies to the Habesha Drive mobile application, our public website, and related services. The web version of this policy is provided for transparency and for app store requirements, including Google Play.

3. Information We Collect

3.1 Personal Information

We collect personal information that you voluntarily provide to us when you:

• Register for an account, such as your name, email address, and password
• Contact our support team, including communication content and contact details
• Subscribe to our services, including subscription status and purchase-related information needed to manage your subscription

Subscriptions and purchase management are handled through RevenueCat and the applicable app store billing provider, such as Google Play Billing or Apple In-App Purchases, for the mobile application. On the Habesha Drive website, payments are processed through Stripe. Your payment and card information is collected and processed directly by these third-party payment providers and is never collected or stored by Habesha Drive. We only store payment event records, such as subscription status and transaction confirmations, received through payment provider webhooks.

3.2 Guest User Information

When you first open the app, a guest user account may be automatically created. This allows you to use the app without registering for an account. Guest user accounts may use a unique anonymous or pseudonymous identifier connected to your selected language, jurisdiction, preferences, app progress, and history data.

Guest user account tokens or identifiers may be stored securely on your device. Guest users are available only in the Habesha Drive mobile app. There are no guest users on the Habesha Drive website.

3.3 Usage, Activity, and Diagnostic Information

We may collect limited usage, activity, and diagnostic information necessary to operate, secure, debug, and improve the app. This may include:

• Practice activity, selected answers, test attempts, completed questions, scores, study history, and learning progress
• App interactions, such as screens used, features accessed, and interactions with app content, where collected
• Device model, operating system version, app version, and device or app identifiers
• Guest user identifiers, account identifiers, RevenueCat identifiers, and identifiers used for subscription management, diagnostics, security, and account management
• Crash logs, error logs, diagnostics, crash traces, and related technical information
• Interactions with AI-generated tips content, if applicable

3.4 Location and Jurisdiction Information

We collect your selected country and jurisdiction information to provide you with relevant driving theory test content specific to your region. This is selected by you during initial setup and stored locally on your device.

4. Crash Reports and Diagnostics

We may collect crash reports and diagnostic information to identify and fix technical issues. This may include device type, operating system version, app version, error logs, crash traces, and the time the error occurred.

We use Sentry to help collect and analyze crash reports and diagnostics.

5. How We Use Your Information

We use the information we collect for the following purposes:

• Service Delivery: To provide, maintain, and improve our driving theory test preparation services
• Account Management: To create and manage your registered account or guest user account
• Personalization: To customise your learning experience, track your progress, and show relevant app content
• Payment and Subscription Management: To manage subscriptions, purchase status, billing events, and premium access through RevenueCat and the applicable app store billing provider
• Communication: To send service updates and respond to support messages
• Diagnostics: To identify and fix technical issues, crashes, and bugs
• Security: To detect, prevent, and address technical issues, misuse, and fraudulent activity
• Legal Compliance: To comply with applicable laws and regulations

6. Third-Party Service Providers

We use trusted third-party service providers to operate, maintain, and improve Habesha Drive. These providers may process information on our behalf according to their own privacy policies and contractual obligations.

Third-party service providers we use include:

• RevenueCat — subscription and purchase management
• Google Play Billing — in-app purchases and subscriptions on Android
• Apple In-App Purchases — in-app purchases and subscriptions on iOS
• Stripe — payment processing on the website
• Sentry — crash reporting and diagnostics
• Google Sign-In — authentication on Android and iOS
• Apple Sign-In — authentication on iOS

7. Information Sharing and Disclosure

We do not sell your personal information. We may share your information in the following circumstances:

• Service Providers: With third-party service providers only as necessary to operate, maintain, and improve the app, website, and related services
• Legal Requirements: When required by law, court order, or government regulation
• With Your Consent: When you explicitly agree to share your information
• Business Transfers: In connection with a merger, acquisition, or sale of assets, limited information may be shared as part of the transfer
• Protection of Rights: To protect our rights, privacy, safety, or property, and that of our users

Information shared with service providers may be used for app functionality, account management, subscription management, crash reporting, diagnostics, security, fraud prevention, compliance, and service improvement.

8. Data Security

We implement appropriate technical and organizational security measures to protect your personal information against unauthorized access, alteration, disclosure, or destruction. These measures include:

• Encryption of data in transit using HTTPS
• Secure on-device token storage using platform-native encrypted storage, such as Keychain on iOS and Keystore on Android
• Regular security assessments and updates
• Access controls and authentication mechanisms
• Secure payment processing through trusted providers

However, no method of transmission over the internet or electronic storage is 100% secure. While we strive to protect your personal information, we cannot guarantee its absolute security.

9. Account and Data Deletion

Registered users can delete their Habesha Drive account themselves from the Profile screen in the mobile app or from the Profile page on the website.

Guest users do not have a registered account. Guest users are available only in the Habesha Drive mobile app. There are no guest users on the Habesha Drive website. Guest users can reset their history data in the mobile app. When a guest user resets their history data, the existing guest history data is cleared and a new empty guest user account is created automatically.

If you encounter an error, or if you do not have access to the mobile app or website to delete your account, please contact us at [email protected].

We will delete or anonymize personal information within 30 days of a valid deletion request, unless we are required to retain certain information for legal, security, fraud prevention, accounting, tax, subscription, app store transaction, or dispute-resolution purposes.

Account Deletion Instructions: https://www.habeshadrive.com/account-deletion

10. Data Retention

We retain your personal information for as long as necessary to fulfill the purposes outlined in this Privacy Policy:

• Registered account data is retained while your account is active
• Subscription and purchase records are retained as needed for billing, app store, legal, tax, accounting, fraud prevention, subscription management, or dispute-resolution purposes
• Crash reports and diagnostics are retained only as long as needed for debugging, service improvement, security, and diagnostics
• Guest user account history data may remain on the device until you reset it, clear app data, or uninstall the app
• Support communications may be retained as needed to respond to your request and maintain support records

11. Your Privacy Rights

Depending on your location, you may have the following rights regarding your personal information:

• Access: Request access to the personal information we hold about you
• Correction: Request correction of inaccurate or incomplete information
• Deletion: Request deletion of your personal information
• Portability: Request a copy of your data in a portable format
• Objection: Object to our processing of your personal information
• Restriction: Request restriction of processing your personal information
• Withdraw Consent: Withdraw your consent at any time where we rely on consent

To exercise these rights, please contact us at [email protected]. We will respond to your request within 30 days.

12. Legal Bases for EEA and UK Users

For users in the European Economic Area and the United Kingdom, we process personal information based on one or more legal bases, including performance of a contract, legitimate interests, legal obligations, and consent where required.

• Performance of a contract: To provide the app, website, accounts, subscriptions, premium access, and support
• Legitimate interests: To secure the service, fix bugs, prevent fraud, improve app reliability, manage subscriptions, and understand essential app usage
• Legal obligations: To comply with tax, accounting, legal, and regulatory requirements
• Consent: For optional notifications, marketing, or other processing where required

13. Local Storage and Device Data

Our mobile application stores certain data locally on your device to support app functionality and improve your experience:

• Authentication tokens stored in encrypted device storage, such as Keychain on iOS and Keystore on Android
• User preferences such as theme, language selection, and jurisdiction
• Cached content to support limited offline functionality
• In-progress test state to allow session recovery
• Guest user account data, history data, and reset state

You can clear locally stored data by using available reset options in the app, clearing the app data through your device settings, or uninstalling the application.

14. International Data Transfers

Your information may be transferred to and processed in countries other than your country of residence where Habesha Drive or its service providers operate. These countries may have different data protection laws. We use appropriate safeguards where required to protect your personal information in accordance with this Privacy Policy.

15. Children's Privacy

Habesha Drive is not intended for children under the age of 13, and we do not knowingly collect personal information from children under 13. Our services are intended for users who are old enough to prepare for driving theory tests in their jurisdiction. If you are a parent or guardian and believe that a child has provided us with personal information, please contact us and we will take steps to delete the information.

If Habesha Drive is ever made available to children or families, we will update this Privacy Policy and our data practices to comply with applicable children's privacy laws and Google Play Families Policy requirements.

16. Data Safety and App Store Disclosures

Our Google Play Data Safety section and other app store privacy disclosures are intended to summarize our mobile app data practices. This Privacy Policy provides additional detail. We aim to keep these disclosures accurate and consistent with this Privacy Policy.

17. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or for legal, regulatory, or operational reasons. We will notify you of any material changes by posting the new Privacy Policy within the application and updating the “Last updated” date. We encourage you to review this Privacy Policy periodically.

18. Specific Regional Rights

18.1 European Economic Area (EEA) Users

If you are located in the EEA, you have additional rights under the General Data Protection Regulation (GDPR), including the right to lodge a complaint with your local data protection authority.

18.2 California Residents

If you are a California resident, you have specific rights under the California Consumer Privacy Act (CCPA), including the right to know what personal information we collect, the right to delete your information, and the right to opt out of the sale of your personal information. We do not sell personal information.

18.3 Other Jurisdictions

We comply with applicable data protection laws in all jurisdictions where we operate. If you have specific questions about your rights in your jurisdiction, please contact us.

19. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our privacy practices, please contact us:

Support: [email protected]

Public Privacy Policy URL: https://www.habeshadrive.com/privacy

Account Deletion Instructions: https://www.habeshadrive.com/account-deletion

20. Related Policies

For more information about how we operate, please review our Terms and Conditions, accessible from the Info screen within the application.