Privacy Policy

Effective Date: March 19, 2026

Mornist ("we," "our," or "us") is operated by OguzHub. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our mobile application and related services (collectively, the "Service").

1. Information We Collect

Account Information: When you create an account, we collect your email address and a password (stored as a salted hash). You may also provide a preferred name or identity title (e.g., "Sergeant," "Doctor").

Alarm & Sleep Data: We collect your current wake time, target wake time, alarm history (scheduled times, dismiss times, response latency), and cycle progress. This data powers the Neuro-Periodization algorithm that calculates your next alarm.

Usage Analytics: We collect anonymized event data (e.g., "dashboard_viewed," "alarm_fired," "alarm_dismissed") to improve the app experience. We do not track your location, contacts, or browsing history.

Content Preferences: Evening intentions, engagement with morning speeches, and content interaction data help us personalize your experience.

Device Information: We may collect device type and operating system version for crash reporting and compatibility purposes.

2. How We Use Your Information

• Alarm Calculation: Your wake time data drives the 2-1-1 Neuro-Periodization protocol to calculate optimal alarm times.
• AI-Personalized Content: We use Amazon Bedrock (Claude AI) to generate personalized morning speeches based on your identity, progress, and engagement patterns. Your data is sent to AWS services for processing.
• Voice Synthesis: Amazon Polly converts text speeches into audio. The generated audio is cached on Amazon S3 for faster delivery.
• Service Improvement: Aggregated analytics help us understand feature usage and improve the app.
• Communication: We may send you service-related emails (e.g., password reset). We do not send marketing emails without your consent.

3. Data Storage & Infrastructure

Your data is stored on Amazon Web Services (AWS) infrastructure in the us-east-1 (N. Virginia) region:

• Database: Amazon RDS (PostgreSQL) stores account data, alarm history, and analytics.
• Audio Cache: Amazon S3 stores generated speech audio files.
• Local Storage: The app uses Hive (encrypted local database) on your device to store alarm state, preferences, and offline data. This data never leaves your device unless you explicitly sync with the backend.

All data in transit is encrypted using TLS/SSL. Data at rest is encrypted using AWS managed encryption keys.

4. Data Sharing

We do not sell, rent, or trade your personal information to third parties. We share data only with:

• AWS Services: Amazon Bedrock, Polly, RDS, S3, and Lambda process your data to provide the Service. AWS acts as our data processor under their privacy policy.
• Legal Requirements: We may disclose information if required by law, court order, or governmental request.

We do not use any third-party analytics, advertising, or tracking services.

5. Data Retention

We retain your data for as long as your account is active. Alarm history older than 90 days is automatically pruned. If you delete your account, all personal data is permanently removed within 30 days. Anonymized, aggregated analytics may be retained indefinitely.

6. Your Rights

You have the right to:

• Access: Request a copy of all personal data we hold about you.
• Correction: Update or correct inaccurate information via the app settings.
• Deletion: Request deletion of your account and all associated data at mornist.app/delete-account.
• Data Portability: Request your data in a structured, machine-readable format.
• Withdraw Consent: You may withdraw consent at any time by deleting your account.

To exercise these rights, contact us at contact@mornist.app.

7. Children's Privacy

Mornist is not intended for children under the age of 13. We do not knowingly collect personal information from children under 13. If we learn that we have collected data from a child under 13, we will delete it promptly.

8. International Data Transfers

Your data is processed in the United States (AWS us-east-1 region). By using the Service, you consent to the transfer of your data to the United States. We ensure appropriate safeguards are in place for international data transfers in compliance with applicable data protection laws.

9. Security

We implement industry-standard security measures including encrypted data transmission (TLS), hashed passwords (bcrypt), JWT-based authentication with short-lived tokens, and AWS security best practices. However, no method of transmission over the Internet is 100% secure.

10. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by posting the new policy on this page and updating the "Effective Date." Your continued use of the Service after changes constitutes acceptance of the updated policy.

11. Contact Us

If you have questions about this Privacy Policy, please contact us:

• Email: contact@mornist.app
• Publisher: OguzHub