PlacePal Privacy Policy
This Privacy Policy explains how PlacePal ("we," "our," or "us") collects, uses, and protects your information when you use the PlacePal iOS application ("the App").
Contact: privacy@heyplacepal.com
1. Information We Collect
Information You Provide
- Email address: used to create and manage your account via secure authentication (Supabase Auth with PKCE flow)
- First name (optional): used for personalized greetings within the App
- Voice preference: your selected text-to-speech voice setting
- Support and communication submissions (optional): text or category you submit via in-app support (currently: Feedback in Settings), plus device info, user ID, and any files you attach (such as screenshots).
Information Created Through Use
- Items and locations: when you tell PlacePal where you put something, we store the item name, location description, and category in our database so you can retrieve it later
- Voice recordings: your voice is processed entirely on your device using WhisperKit, an on-device speech recognition model. Audio is converted to text on your iPhone and is never sent to our servers or any third party. The raw audio is not stored after transcription.
Information Collected Automatically
- Authentication events: we track authentication funnel stages (requested, delivered, clicked, verified) using a SHA-256 hash of your email address. We do not store your raw email in analytics.
- App usage events: we record feature usage events (e.g., voice processing, container creation, export actions) tied to your user ID. These help us understand how the App is used and improve the experience.
- API usage: we track daily request counts for rate limiting (50 requests/day on the free tier).
2. How We Use Your Information
We use your information to:
- Provide the service: store your items and locations, process your voice queries, and return spoken responses
- Process your voice input: your transcribed text (not audio) is sent to our server, where it is processed by Claude (Anthropic's AI) to understand your intent (e.g., storing an item, searching for an item). Claude does not retain your data after processing.
- Generate spoken responses: your response text is sent to Cartesia for text-to-speech audio generation
- Authenticate your account: verify your identity and maintain your session
- Improve the App: analyze aggregated, non-identifying usage patterns
- Communicate with you: respond to support requests sent to privacy@heyplacepal.com
- Handle support and communication: when you submit feedback or reach out for support, your message is delivered to our team inbox via our email provider (see §3)
We do not use your information for advertising, sell it to third parties, or build marketing profiles.
3. Third-Party Services
PlacePal uses the following third-party services to operate:
| Service | Purpose | Data Shared |
|---|---|---|
| Supabase (United States) | Authentication, database, server functions | Email, items/locations, usage events |
| Resend | Email delivery (OTP codes, feedback submissions) | Email content, feedback submissions (text, device info, user ID, optional screenshots) |
| Anthropic (Claude) | Intent parsing from transcribed voice input | Transcribed text only (no audio, no email) |
| Cartesia | Text-to-speech audio generation | Response text only |
| WhisperKit | On-device speech recognition | None. Runs entirely on your device. |
| PostHog (EU) | Product analytics | Anonymized usage events, user ID (no item content, no audio) |
| Sentry (EU) | Crash reporting and error tracking | Device info, crash logs, user ID (no item content, no audio) |
Each service operates under its own privacy policy. We select services that align with our commitment to data minimization.
4. Data Storage and Security
- Database hosting: Supabase (United States)
- Authentication tokens: Stored in iOS Keychain with device-only access. Encrypted, not backed up to iCloud.
- Row-Level Security: Every database table uses Supabase Row-Level Security (RLS), meaning you can only access your own data
- Email privacy: Authentication analytics use SHA-256-hashed email addresses. Your raw email is not stored in analytics tables.
- Encryption: Data is encrypted in transit (TLS) and at rest (Supabase infrastructure encryption)
- Authentication flow: PKCE (Proof Key for Code Exchange), an industry-standard secure authentication pattern for native apps
5. Data Retention and Deletion
- Items: When you delete an item, it is soft-deleted (marked with a deletion timestamp). Soft-deleted items are excluded from all queries and responses. Permanent deletion from the database occurs within 30 days.
- Account deletion: You may request full account deletion by emailing privacy@heyplacepal.com. We will delete your account and all associated data within 30 days of a verified request.
- Authentication events: Retained for up to 90 days for security monitoring, then automatically purged.
- App usage events: Retained for analytics purposes. Upon account deletion, all associated events are deleted via database cascade.
6. Your Rights
You have the right to:
- Access your data: view all items, locations, and profile information within the App
- Correct your data: edit item names, locations, and profile details within the App
- Delete your data: delete individual items within the App or request full account deletion via email
- Export your data: export your items in CSV, JSON, or PDF format from within the App
- Withdraw consent: stop using the App at any time; request account deletion to remove all stored data
California residents (CCPA): We do not sell personal information. We do not share personal information for cross-context behavioral advertising. You may request disclosure of the categories of personal information collected by contacting privacy@heyplacepal.com.
7. Children's Privacy
PlacePal is not intended for children under 13. We do not knowingly collect personal information from children under 13. If you believe a child under 13 has provided us with personal information, please contact privacy@heyplacepal.com and we will delete it promptly.
8. Permissions
PlacePal requests the following device permissions:
- Microphone: required for voice input. Audio is processed on-device by WhisperKit and is never transmitted. You can revoke microphone access in iOS Settings at any time; the App will still function for browsing stored items, but voice input will be unavailable.
PlacePal does not access your camera, photos, contacts, location, calendar, or health data.
9. Changes to This Policy
We may update this Privacy Policy from time to time. If we make material changes, we will notify you through the App or via email before the changes take effect. The "Last Updated" date at the top reflects the most recent revision.
10. Contact
For privacy questions, data requests, or concerns:
Email: privacy@heyplacepal.com