Privacy Policy

{{APP_NAME}} is operated by {{COMPANY}}. If you have a privacy question, write to {{CONTACT_EMAIL}} and a human will reply.

Account data. Email address (used for sign-in and account recovery), display name, and a username you pick.

Your content. Whatever you put in {{APP_NAME}} — vault items, tasks, lists, notes, attachments. This is yours. We store it on your behalf.

Household membership. Which households you belong to and who else is in them. Required to show shared items to the right people.

Billing. If you upgrade to Pro, we store your Stripe customer ID and subscription status. We never see or store full card numbers — Stripe handles that.

Operational logs.Server logs (request paths, status codes, error messages) and authentication events. We don't track you around the internet, and we don't run third-party analytics or ad pixels.

We don't train AI on your content. Full stop. The vault is not a corpus.

We don't sell your data, rent it, or share it with advertisers. We have no advertisers.

We don't scan your notes or vault for marketing signals. The content is just storage for you.

Personal items are visible only to you. Database row-level security (RLS) policies enforce this at the row layer — even our own queries can only see your data when run on your behalf.

Items shared with a household are visible to every current member of that household. If a member leaves, they lose access immediately.

Items shared with specific people are visible only to the usernames you list, plus you. You can change the list any time.

We use a small set of processors to run the service. Each handles a narrow slice of your data:

• Supabase — hosts the database, file storage (for vault attachments), and authentication. Data is stored encrypted at rest in their EU region.
• Vercel — hosts the web application and serverless functions. Sees HTTP requests and response bodies in transit.
• Stripe — processes payments. Sees email, payment method, and Pro plan choice. Stripe is the only party that sees your card details.
• Resend — sends renewal reminder emails on our behalf. Sees recipient email, item name, and renewal date.
• Apple — when in-app purchases ship, Apple processes those subscriptions and shares with us whether you have an active subscription.

Our infrastructure is hosted in the European Union. Some processors (Stripe, Vercel, Apple) operate global networks and may transfer data outside the UK/EU under standard contractual clauses or equivalent protections.

We keep your data for as long as your account exists. Household activity entries are kept for 30 days then deleted automatically. Done items on shopping lists auto-archive 24 hours after they were ticked off.

When you delete your account, every row you own is deleted within minutes. Backups are rotated within 30 days.

You can, at any time:

• Export your data as a JSON file from your profile page (Pro accounts).
• Delete your account and everything in it from your profile page. This is immediate and cannot be undone.
• Update your data — every screen that shows content lets you edit or remove it.
• Ask us a question or raise a complaint by emailing {{CONTACT_EMAIL}}.

If you're in the UK and we don't resolve a concern to your satisfaction, you can complain to the Information Commissioner's Office at ico.org.uk.

Connections to {{APP_NAME}}are encrypted with HTTPS. Data at rest is encrypted on Supabase's servers. Access to your rows is controlled by row-level security policies that check your authentication token on every request.

We don't use end-to-end encryption for vault items in this version. Server-side encryption with RLS is the model, similar to Notion. We're evaluating zero-knowledge personal items for a future release.

{{APP_NAME}}isn't designed for under-13s. We don't knowingly collect data from children. If you believe a child has signed up, write to {{CONTACT_EMAIL}}and we'll delete the account.

We'll update this page when the privacy practices change. Material changes will be announced inside the app. The effective date at the top reflects the most recent version.