Triple Check — Privacy Policy

1. Information we collect

Information you provide

• Account information: when you register or sign in we collect your first name, last name, and email address.
• User content: notes, to‑do lists and texts you create and save in the app.
• Temporary photos: if you use the paid cloud‑sync feature, the app uploads a single temporary photo per user to Supabase (encoded). Each new photo replaces the previous one.

Automatically collected information

• Diagnostics & crash reports: we use Sentry to collect diagnostic data and crash reports to help us find and fix issues. This data helps us analyze errors but is not shared with other third parties for marketing purposes.

Payment information

• Payments for subscriptions or in‑app purchases are handled by RevenueCat (which in turn uses Apple In‑App Purchase). We do not collect or store your raw payment card details.

2. How we use your information

We use the information we collect to:

• Create and manage your account;
• Provide the core app features (saving your notes, todos, and check records);
• Sync paid features (temporary photo storage) to your account;
• Diagnose and fix errors using Sentry;
• Respond to your inquiries and support requests;
• Comply with legal obligations.

We do not use your personal data for advertising, profiling for marketing, or sell it to third parties.

3. Where and how data is stored

• All user data (account details, notes, todos, and temporary photos) is stored in Supabase.
• Temporary photos are stored Encoded and are overwritten when you upload a new photo (there is only one stored photo per user for the temporary sync feature).
• Connections to Supabase use secure transport (HTTPS). Supabase access controls (including Row Level Security if configured) and authentication protect the data.

4. Third parties and sharing

We use the following third‑party services:

• Supabase — primary data storage and authentication.
• Sentry — crash reporting and diagnostics.
• RevenueCat — subscription and purchase management.

We do not share personal data with other third parties for marketing or advertising. We may disclose personal data to comply with legal requests or to protect rights and safety.

5. Payments & billing

• Purchases and subscriptions are handled through RevenueCat and Apple In‑App Purchases. RevenueCat may process transactional metadata required to manage subscriptions (transaction identifiers, subscription status). Please refer to RevenueCat's privacy documentation for details about their data handling.
• We do not store raw payment card numbers or payment credentials on our servers.

6. Data retention and deletion

• You can delete your account at any time from within the app. When you delete your account, we will delete your account details, notes, todos and the temporary photo from Supabase.
• If you request account deletion, we will also remove personal data from active systems within a reasonable timeframe consistent with legal restrictions and technical constraints. Backups may persist for a limited period as required by our backup and disaster‑recovery processes, but such backups are deleted or overwritten according to our retention schedule.

7. Security

• We protect data in transit with HTTPS and rely on Supabase security features to protect stored data.
• Temporary photos are stored Encoded in Supabase and access is restricted to authenticated accounts; avoid storing extremely sensitive images.
• While we take reasonable measures to protect your data, no system is completely secure. We cannot guarantee absolute security.

8. Your rights

Depending on your jurisdiction you may have rights including:

• Access to the personal data we hold about you;
• Rectification of inaccurate or incomplete data;
• Deletion (right to be forgotten) of your data;
• Portability (receive a copy of your data in a common format);
• Restriction of processing and objection to certain uses.

To exercise these rights, contact us at pro.grb.studio@gmail.com. We may ask for information to verify your identity before fulfilling requests.

9. Children

The app is not intended for children under 13 (or the minimum age in your country). We do not knowingly collect personal data from children. If you believe a child under the applicable age has provided us personal data, contact us and we will take steps to delete such data.

10. International transfers

Triple Check is operated worldwide and stores data in Supabase servers which may be located outside your country. By using the app you consent to transfer of your information to countries that may have different data protection laws. We rely on appropriate safeguards where required by law.

11. Changes to this policy

We may update this Privacy Policy from time to time. We will post the updated policy in the app and on any website linked from the App Store listing with the new effective date. Substantial changes will be communicated via the email address you provided if required by law.

12. Contact

If you have questions, requests or complaints about this policy or our handling of your data, please contact:

Régis Grumberg

Email: pro.grb.studio@gmail.com

French translation (Traduction française — pour information)

Date d'entrée en vigueur : 16 octobre 2025

Développeur / Responsable du traitement : Régis Grumberg —pro.grb.studio@gmail.com

Triple Check est une application conçue pour aider les personnes ayant des comportements de vérification liés au TOC. Cette version française est fournie à titre informatif ; la langue de l'application reste l'anglais.

(La version française reprend les mêmes sections : Données collectées, Utilisation, Stockage (Supabase), Services tiers (Sentry, RevenueCat), Suppression du compte, Sécurité, Droits, Enfants, Transferts internationaux, Modifications et Contact.)

Pour toute demande en français, contactez-nous à pro.grb.studio@gmail.com.