1. What Information Do We Collect?
Personal information you disclose to us
In short: We collect personal information that you provide to us.
We collect personal information that you voluntarily provide when you register on the Services, express an interest in obtaining information
about us or our products and Services, participate in activities on the Services, or otherwise contact us.
Personal information provided by you may include:
- Push notifications
- User-generated content
- Device identifiers
- Photos and camera access
Sensitive Information. We do not process sensitive information.
Payment Data
We may collect data necessary to process your payment if you choose to make purchases, such as your payment instrument details.
All payment data is handled and stored by RevenueCat and Apple.
You can review their privacy notices here:
Application Data
If you use our application, we may collect the following information if you choose to provide access or permission:
- Mobile Device Access. We may request access to features on your device, including your camera. You can change these permissions in your device settings.
- Mobile Device Data. We may automatically collect device information such as device ID, model, manufacturer, operating system, version information, configuration details, browser type and version, hardware model, carrier, IP address, and information about the features of our app that you use.
- Push Notifications. We may request permission to send push notifications related to your account or app features. You can turn these off in your device settings.
This information helps maintain the security and operation of the app, supports troubleshooting, and powers internal analytics and reporting.
All personal information you provide must be true, complete, and accurate. You must notify us of any changes.
Information collected from other sources
In short: We may collect limited data from public databases, marketing partners, and other outside sources.
To enhance our ability to provide relevant marketing, offers, and services, and to update our records, we may obtain information from sources such as
public databases, joint marketing partners, affiliate programs, data providers, social media platforms, and other third parties.
This may include mailing addresses, job titles, email addresses, phone numbers, intent data, IP addresses, social media profiles, and custom profiles.
2. How Do We Process Your Information?
In short: We process your information to provide, improve, and administer our Services, communicate with you, prevent fraud, and comply with law.
We process your personal information for a variety of reasons, depending on how you interact with our Services, including:
- To facilitate account creation and authentication and otherwise manage user accounts. We may process your information so you can create and log in to your account and keep it in working order.
- To deliver and facilitate delivery of services to the user. We may process your information to provide requested services.
- To send administrative information to you. We may process your information to send details about our products and services, changes to our terms and policies, and similar notices.
- To save or protect an individual's vital interest. We may process your information when necessary to prevent harm.
- To verify subscription status and enforce feature access. We use anonymous purchase identifiers via RevenueCat to determine which features a user is entitled to, including Pro vault access, widgets, and unlimited tracking.
3. What Legal Bases Do We Rely On to Process Your Personal Information?
In short: We only process your personal information when we have a valid legal basis under applicable law.
If you are located in the EU or UK
The GDPR and UK GDPR require us to explain the legal bases we rely on to process your personal information.
We may rely on the following:
- Consent. We may process your information if you have given us permission to do so for a specific purpose. You can withdraw your consent at any time.
- Performance of a Contract. We may process your personal information when necessary to fulfill our contractual obligations to you or provide Services before entering into a contract.
- Legal Obligations. We may process your information to comply with legal obligations, cooperate with law enforcement or regulatory bodies, exercise or defend legal rights, or disclose information in litigation.
- Vital Interests. We may process your information where necessary to protect your vital interests or the vital interests of another person.
If you are located in Canada
We may process your information if you have given us express or implied consent, depending on applicable law.
You can withdraw your consent at any time.
In some exceptional cases, we may be legally permitted to process your information without consent, including:
- If collection is clearly in an individual's interests and consent cannot be obtained in a timely way
- For investigations and fraud detection and prevention
- For business transactions if certain conditions are met
- If it is contained in a witness statement and needed to assess, process, or settle an insurance claim
- For identifying injured, ill, or deceased persons and communicating with next of kin
- If we reasonably believe an individual has been, is, or may be the victim of financial abuse
- If obtaining consent would compromise the availability or accuracy of the information and the collection is reasonable for investigating a breach of an agreement or a contravention of law
- If disclosure is required to comply with a subpoena, warrant, court order, or court rules
- If the information was produced by an individual in the course of employment, business, or profession and the collection is consistent with the purpose for which it was produced
- If the collection is solely for journalistic, artistic, or literary purposes
- If the information is publicly available and specified by regulation
- We may disclose de-identified information for approved research or statistics projects, subject to ethics oversight and confidentiality commitments
4. When and With Whom Do We Share Your Personal Information?
In short: We may share information in specific situations described in this section and with the following third parties.
We may share your data with third-party vendors, service providers, contractors, or agents who perform services for us or on our behalf
and require access to such information to do their work. We have contracts in place designed to help safeguard your personal information.
Third parties we may share personal information with
- OpenAI, for AI-powered functionality such as image analysis
- RevenueCat, for subscription management
- Supabase, for backend data storage and sync
- Apple, for push notifications and platform services
We may also share your personal information in the following situations:
- Business Transfers. We may share or transfer your information in connection with a merger, sale of company assets, financing, or acquisition of all or part of our business.
5. Do We Offer Artificial Intelligence-Based Products?
In short: We offer products, features, or tools powered by artificial intelligence, machine learning, or similar technologies.
As part of our Services, we offer AI-powered products and features designed to improve your experience.
The terms in this Privacy Notice govern your use of those features.
Use of AI technologies
We provide AI-powered features through third-party service providers, including OpenAI.
Your input, output, and personal information may be shared with and processed by these AI service providers as needed to enable the AI features.
You must not use these AI features in any way that violates the terms or policies of the provider.
Our AI products
Our AI features currently support:
How we process your data using AI
All personal information processed through our AI products is handled in line with this Privacy Notice and our agreements with third parties.
6. Is Your Information Transferred Internationally?
In short: We may transfer, store, and process your information in countries other than your own.
Our servers are located in the United States. If you access our Services from outside the United States,
your information may be transferred to, stored by, and processed by us and by third parties in the United States and other countries.
If you are in the European Economic Area, United Kingdom, or Switzerland, those countries may not have data protection laws as comprehensive as those in your country.
We will take all necessary measures to protect your personal information in accordance with this Privacy Notice and applicable law.
European Commission's Standard Contractual Clauses
We have implemented safeguards including the European Commission's Standard Contractual Clauses for transfers of personal information
between our group companies and between us and our third-party providers. These clauses require recipients to protect personal information
originating from the EEA or UK in accordance with European data protection laws. Our Standard Contractual Clauses can be provided upon request.
7. How Long Do We Keep Your Information?
In short: We keep your information for as long as needed to fulfill the purposes described in this Privacy Notice unless a longer period is required by law.
We will only keep your personal information for as long as it is necessary for the purposes set out in this Privacy Notice,
unless a longer retention period is required or permitted by law, such as for tax, accounting, or other legal requirements.
In general, no purpose in this notice requires us to keep your information longer than the period during which you maintain an account with us.
When we have no ongoing legitimate business need to process your personal information, we will either delete or anonymize it.
If that is not possible, for example because it has been stored in backup archives, we will securely store your personal information
and isolate it from further processing until deletion becomes possible.
8. How Do We Keep Your Information Safe?
In short: We aim to protect your personal information through technical and organizational security measures.
No online system is fully secure. We use reasonable safeguards, but no storage method or data transmission method offers a full guarantee.
We have implemented appropriate and reasonable technical and organizational security measures designed to protect the security of personal information we process.
Even so, no electronic transmission over the internet or information storage technology can be guaranteed to be 100% secure.
We cannot promise or guarantee that hackers, cybercriminals, or other unauthorized third parties will not be able to defeat our security
and improperly collect, access, steal, or modify your information. You should only access the Services within a secure environment.
9. Do We Collect Information From Minors?
In short: We do not knowingly collect data from or market to children under 18 years of age.
We do not knowingly collect, solicit, or market to children under 18, and we do not knowingly sell such personal information.
By using the Services, you represent that you are at least 18, or that you are the parent or guardian of a minor and consent to the minor's use of the Services.
If we learn we have collected personal information from a child under 18, we will deactivate the account and take reasonable steps to delete that data.
If you believe we may have collected information from a child under 18, contact us at
[email protected].
10. What Are Your Privacy Rights?
In short: Depending on where you live, you may have rights that allow greater access to and control over your personal information.
In some regions, including the EEA, UK, Switzerland, Canada, and certain US states, you may have rights under applicable data protection laws.
These may include the right to request access, obtain a copy, correct inaccuracies, request deletion, restrict processing, request portability,
and object to certain processing. If a decision that produces legal or similarly significant effects is made solely by automated means,
we will inform you, explain the main factors, and provide a way to request human review.
If you are located in the EEA or UK and believe we are unlawfully processing your personal information,
you may complain to your
Member State data protection authority
or the
UK data protection authority
.
If you are in Switzerland, you may contact the
Federal Data Protection and Information Commissioner
.
Withdrawing your consent
If we rely on your consent to process your personal information, which may be express or implied depending on applicable law,
you have the right to withdraw your consent at any time by contacting us using the details in the contact section below.
This will not affect the lawfulness of processing before withdrawal or any processing based on legal grounds other than consent.
Account Information
If you would like to review or change the information in your account or terminate your account, you can:
- Log in to your account settings and update your user account.
Upon your request to terminate your account, we will deactivate or delete your account and information from our active databases.
We may retain some information to prevent fraud, troubleshoot problems, assist with investigations, enforce legal terms, and comply with applicable legal requirements.
If you have questions or comments about your privacy rights, email us at
[email protected].
11. Controls for Do-Not-Track Features
Most web browsers and some mobile operating systems and mobile applications include a Do-Not-Track ("DNT") feature or setting you can activate
to signal your privacy preference not to have data about your online browsing activities monitored and collected.
At this time, no uniform technology standard for recognizing and implementing DNT signals has been finalized.
As a result, we do not currently respond to DNT browser signals or any other mechanism that automatically communicates your choice not to be tracked online.
If a standard is adopted in the future that we must follow, we will update this Privacy Notice.
California law requires us to explain how we respond to DNT signals.
Because there is currently no industry or legal standard for recognizing or honoring DNT signals, we do not respond to them at this time.
12. Do United States Residents Have Specific Privacy Rights?
In short: If you are a resident of California, Colorado, Connecticut, Delaware, Florida, Indiana, Iowa, Kentucky,
Maryland, Minnesota, Montana, Nebraska, New Hampshire, New Jersey, Oregon, Rhode Island, Tennessee, Texas, Utah, or Virginia,
you may have rights to request access to, correct, delete, or obtain a copy of your personal information,
and to withdraw consent where applicable.
Categories of Personal Information We Collect
The table below shows the categories of personal information we have collected in the preceding twelve (12) months.
| Category |
Examples |
Collected |
| A. Identifiers |
Real name, alias, postal address, phone number, unique personal identifier, online identifier, IP address, email address, account name |
Yes |
| B. Personal information as defined in the California Customer Records statute |
Name, contact information, education, employment, employment history, financial information |
Yes |
| C. Protected classification characteristics under state or federal law |
Gender, age, date of birth, race and ethnicity, national origin, marital status, and other demographic data |
No |
| D. Commercial information |
Transaction information, purchase history, financial details, payment information |
Yes |
| E. Biometric information |
Fingerprints and voiceprints |
No |
| F. Internet or other similar network activity |
Browsing history, search history, online behavior, interest data, interactions with websites, applications, systems, and advertisements |
No |
| G. Geolocation data |
Device location |
No |
| H. Audio, electronic, sensory, or similar information |
Images and audio, video, or call recordings created in connection with our business activities |
No |
| I. Professional or employment-related information |
Business contact details, job title, work history, and professional qualifications if you apply for a job with us |
No |
| J. Education information |
Student records and directory information |
No |
| K. Inferences drawn from collected personal information |
Profiles or summaries about preferences and characteristics |
No |
| L. Sensitive personal information |
Any sensitive personal information as defined by applicable law |
No |
We may also collect other personal information when you interact with us in person, online, by phone, or by mail in the context of:
- Receiving help through customer support channels
- Participation in customer surveys or contests
- Facilitating delivery of our Services and responding to inquiries
Retention of collected categories
- Category A: As long as the user has an account with us
- Category B: As long as the user has an account with us
- Category D: As long as the user has an account with us
Sources of personal information
Learn more in the section What Information Do We Collect?.
How we use and share personal information
Learn more in the section How Do We Process Your Information?.
We collect and share your personal information through:
Will your information be shared with anyone else?
We may disclose your personal information with service providers under written contracts.
We may also use your personal information for our own business purposes, such as internal research for technological development and demonstration.
This is not considered "selling" your personal information.
We have not sold or shared any personal information to third parties for a business or commercial purpose in the preceding twelve (12) months.
We have disclosed the categories of personal information listed above to third parties for a business or commercial purpose as described in
When and With Whom Do We Share Your Personal Information?.
Your Rights
You may have the following rights under certain US state data protection laws:
- Right to know whether we are processing your personal data
- Right to access your personal data
- Right to correct inaccuracies in your personal data
- Right to request deletion of your personal data
- Right to obtain a copy of the personal data you shared with us
- Right to non-discrimination for exercising your rights
- Right to opt out of targeted advertising, sale of personal data, or profiling in furtherance of decisions that produce legal or similarly significant effects
Depending on your state, you may also have rights to:
- Access categories of personal data being processed
- Obtain a list of categories of third parties to which we disclosed personal data
- Obtain a list of specific third parties to which we disclosed personal data
- Obtain a list of third parties to which we sold personal data
- Review and question certain profiling activities
- Limit the use and disclosure of sensitive personal data where allowed by law
- Opt out of the collection of sensitive data and personal data collected through voice or facial recognition features where allowed by law
How to Exercise Your Rights
To exercise these rights, you can submit a
data subject access request
,
email us at
[email protected],
or use the contact details at the bottom of this notice.
Under certain US state laws, you can designate an authorized agent to make a request on your behalf.
We may deny a request from an authorized agent if they do not submit proof that they are validly authorized to act on your behalf.
Request Verification
Upon receiving your request, we will verify your identity to determine that you are the same person about whom we have information.
We will only use personal information provided in your request to verify your identity or authority to make the request.
If we cannot verify your identity using information already maintained by us, we may request additional information for verification and fraud prevention.
Appeals
Under certain US state laws, if we decline to act on your request, you may appeal our decision by emailing
[email protected].
We will inform you in writing of the action taken or not taken in response to the appeal, including the reasons for our decision.
If your appeal is denied, you may submit a complaint to your state attorney general.
California "Shine The Light" Law
California Civil Code Section 1798.83 permits California residents to request and obtain, once a year and free of charge,
information about categories of personal information disclosed to third parties for direct marketing purposes
and the names and addresses of those third parties during the immediately preceding calendar year.
To make such a request, contact us using the details in the contact section below.
13. Do We Make Updates to This Notice?
In short: Yes. We will update this notice as needed to stay compliant with relevant laws.
We may update this Privacy Notice from time to time. The updated version will be indicated by an updated "Last updated" date at the top of this notice.
If we make material changes, we may notify you by posting a prominent notice or by sending a direct notification.
We encourage you to review this Privacy Notice regularly.
14. How Can You Contact Us About This Notice?
If you have questions or comments about this notice, you may email us at
[email protected]
or contact us by post at:
Joshua Sean Johnson
631 Brawley School Rd
Ste 300 #1139
Mooresville, NC 28117
United States
15. How Can You Review, Update, or Delete the Data We Collect From You?
Based on the applicable laws of your country or your US state of residence, you may have the right to request access to the personal information we collect from you,
review how we have processed it, correct inaccuracies, or delete your personal information.
You may also have the right to withdraw consent to our processing of your personal information.
These rights may be limited in some circumstances by applicable law.
To request to review, update, or delete your personal information, please complete and submit a
data subject access request
.
