RECOVERY OS — PRIVACY POLICY

Effective date: 5 May 2026. Last updated: 9 June 2026. We may update this page when the app or data practices change; the in-app About screen links to this URL for the Play Store listing.

1. Who we are

Recovery OS is published by PhaseWright Labs (developer: CodeManMike). This policy describes how the Recovery OS mobile and web app handles information.

PhaseWright Labs is the data controller for personal information processed by Recovery OS. PhaseWright Labs is an independent developer operating from Cape Town, South Africa. For a postal contact, email [email protected] (or: support [at] recoveryos.org) and we will respond with one on request.

2. Local-first data

Your recovery logs, journal content, slip/lapse episodes, daily slip markers, settings, and most app data are stored on your device (browser localStorage on web, the same persisted store in the Android wrapper). A slip is stored as recovery history and daily context; it does not reset your clean-day counter to zero. We do not operate a Recovery OS user account or identity service. Optional Google Drive backup/sync uses your Google account only if you choose to connect it, and only for user-owned cloud storage described below.

3. When data leaves your device

Data may leave your device only when you take an action that implies sharing or export, for example:

3a. Optional Google Drive backup/sync

If you choose to connect Google Drive, Recovery OS uses Google Identity Services and the Google Drive API to create or update a Recovery OS backup file in your own Google Drive. This is optional and separate from a Recovery OS account. You sign in with your own Google account when you enable backup/sync. PhaseWright Labs and Recovery OS servers do not receive, host, or read your Google Drive backup data. The app may read, download, or decrypt the file on your device when you choose to restore or sync it. Google stores the file under Google's privacy policy and your Google account settings.

The Drive backup/sync file is a Recovery OS backup snapshot. It may include local app storage such as daily logs, journal/reflection content, clean date, slip/lapse episodes, daily slip markers, settings, progress state, Pro entitlement state, and tour/restore metadata. It is intended to match the local export/restore backup surface so you can recover or sync your own data.

Passphrase encryption is strongly recommended for Drive backups. If you provide a passphrase, the app encrypts the snapshot in the browser/device before upload using Web Crypto; the passphrase is not stored by Recovery OS and cannot be recovered by PhaseWright Labs. If you choose plaintext backup/sync, the file is readable by anyone with access to that Google Drive file, so the app requires an explicit risk acknowledgement first. Local on-device data is not app-encrypted beyond the operating system protections described in Security.

4. Google Play Billing (Android)

If you purchase Pro through Google Play, Google processes payment and subscription status according to Google's privacy policy. We receive purchase confirmation through the platform billing APIs on your device so we can unlock Pro features. We do not receive your full payment card number.

5. Gift codes and optional operator unlock (server)

If you redeem a gift code, the app sends the code, your email address (for recovery), and an anonymous per-install device identifier to our entitlement service (Cloudflare Worker) so we can validate the code and bind it to your device. We use that contact only for entitlement support unless you separately email us.

If remote operator unlock is enabled in your build, a support unlock code may be sent to the same class of service for verification. That code is used only to issue a time-bounded unlock token and is not used for marketing.

5a. Optional in-app bug reports (Firebase no-reply relay)

If you choose to submit a bug report from within the app, we send the report to a Firebase-hosted relay so we can route it to our support mailbox. The payload may contain:

We do not include your journal entries, sobriety start date, or chosen name in bug reports. This data is used only for support and debugging, not for advertising or profiling.

6. Analytics and advertising (the app)

The app does not include third-party analytics SDKs or advertising networks. We do not sell your personal information.

6a. Cookies and tracking on recoveryos.org (marketing site)

Our public marketing site at recoveryos.org — separate from the app itself — uses cookies and similar technologies for analytics and marketing, gated behind the cookie banner shown on your first visit:

CategoryTechnologyPurposeLoads before consent?
Necessary Local storage of your cookie choice Remembers your cookie preference so we don't ask every visit Yes (required for the banner itself to function)
Analytics Google Tag Manager (GTM) & Google Analytics 4 (GA4) Aggregate traffic and usage measurement (pages viewed, waitlist conversions, section engagement) No — only after you accept analytics cookies
Marketing Meta (Facebook) Pixel Measuring and improving campaign performance for RecoveryOS ads and posts No — only after you accept marketing cookies

You can change your choice at any time using the Cookie settings link in the site footer. Where Google Consent Mode v2 is supported, we also signal your choice directly to Google's tags. This site does not currently offer a full cookie policy separate from this section; the categories above are exhaustive for recoveryos.org as of the effective date below.

6b. Marketing site waitlist (recoveryos.org)

Our public marketing site at recoveryos.org includes an optional early-access waitlist. If you submit your email address there, we store the following in Google Firebase / Cloud Firestore as our processor:

To prevent automated abuse, the waitlist form is protected by Google reCAPTCHA v3 via Firebase App Check. Submitting the form involves Google collecting browser and device signals (cookies, IP address, interaction signals) under Google's privacy policy.

We use waitlist information only to send launch updates, tester-cohort invites, and release announcements relating to RecoveryOS. We do not share it with advertising or analytics providers. Waitlist data is retained until public launch plus a reasonable wind-down period; you can request deletion at any time via the support contact below, and we respond to deletion requests within 30 days.

7. Notifications

Local reminders (daily log, medications, weekly summary) are scheduled on your device. We do not send push notifications from our servers in the current product.

8. Health-adjacent information

Recovery OS may help you track routines and reflections related to wellbeing. It is not a medical device and not a substitute for professional care. Information you enter may be sensitive; treat your device and backups accordingly.

9. Retention and deletion

Data categoryRetention
Local app data (journal, settings, voice memos) Until you delete it in-app or uninstall the app. Voice memos auto-purge after 28 days.
Optional Google Drive backup/sync file Stored in your Google Drive until you delete it there or replace it through sync. Revoking or disconnecting Drive access stops Recovery OS from accessing the file, but it does not necessarily delete the file from Google Drive. PhaseWright Labs does not receive or retain a copy.
Gift / operator-unlock records (Cloudflare Worker) Until the entitlement expires + 30 days, then deleted.
Bug reports (support mailbox / relay) 90 days from receipt, then deleted.
Waitlist (Firestore) Until public launch + 90 days, then deleted. Earlier on request.

10. Audience

Recovery OS is intended for adults (18 and over) managing their own recovery. It is not directed at children. We do not knowingly process information from anyone under 18; if you believe a minor has provided information, contact us and we will delete it.

11. Your rights under GDPR and similar laws

If the GDPR (EU/EEA, UK) or a similar privacy law applies to you, you have the right to access, rectify, erase, restrict, object to, port, or withdraw consent for our processing of your personal information, and to lodge a complaint with a supervisory authority. To exercise any of these rights, email [email protected]. We will respond within 30 days. Where Cloudflare or Google process data on our behalf outside your region, we rely on the EU-U.S. Data Privacy Framework and Standard Contractual Clauses as applicable.

12. Security

We use HTTPS for all network requests. Local data is protected by your device's standard storage protections — we set Android allowBackup=false so Android Auto Backup does not sync app data off-device. We do not encrypt local data at rest beyond what the operating system provides.

13. Contact

For privacy questions, contact [email protected] (or: support [at] recoveryos.org).

RecoveryOS home · Terms of service · AI info · Cookie settings