Privacy Policy
Last updated: January 5, 2026
TwineDay is a family calendar app based in the United Kingdom. We take your privacy seriously and want you to understand exactly what data we collect, why we collect it, and how we protect it.
1. What We Collect
Account Information
- Your name and email address
- Password (encrypted, we cannot read it)
- Subscription status
Calendar Data
- Events you create (titles, dates, times, locations, notes)
- Family member names you add
- Children's names you add
- Event assignments
Wellness Data
- Supplements and daily care items
- Microbreak schedules
- Me Time activities
Usage Data
- How you use the app (which features, when)
- Device type and operating system
- Crash reports (to fix bugs)
2. How We Use Your Data
- To provide the service: Your calendar data is stored so you can access it
- To improve the app: Anonymous usage patterns help us make TwineDay better
- To send notifications: Event reminders and daily briefings (if enabled)
- To process payments: Subscription management through Apple/Google
3. Voice and Document Processing (Smart Plan)
If you use voice commands or document scanning:
- Voice recordings are sent to OpenAI (Whisper) for transcription
- Documents are sent to Google (Gemini) for text extraction
- These services process your data temporarily to extract calendar information
- Neither OpenAI nor Google store your data after processing
- We do not store voice recordings or document images
4. Who We Share Data With
We only share data with services that help run TwineDay:
| Service | Purpose | Location |
|---|---|---|
| Supabase | Database hosting | EU |
| OpenAI | Voice transcription | US |
| Document scanning | US | |
| RevenueCat | Subscription management | US |
| Apple/Google | Payment processing | US |
We do not sell your personal information to anyone.
5. Where Your Data Is Stored
- Your primary data is stored in the European Union (Supabase EU region)
- Voice and document processing happens in the US but data is not retained
- Subscription data is managed by Apple/Google in the US
6. How Long We Keep Data
- Active accounts: As long as you use TwineDay
- Deleted accounts: All data permanently removed within 30 days
- Voice recordings: Never stored (processed and discarded immediately)
- Scanned documents: Never stored (processed and discarded immediately)
7. Your Rights
For All Users
You can access, export, or delete your data at any time through Profile → Legal & Data.
UK and EU Residents (GDPR)
- Right to access your data
- Right to correct inaccurate data
- Right to delete your data
- Right to export your data (portability)
- Right to restrict processing
- Right to object to processing
- Right to withdraw consent
- Right to complain to the ICO (ico.org.uk)
California Residents (CCPA)
- Right to know what data we collect
- Right to delete your data
- Right to opt-out of sale (we don't sell data)
- Right to non-discrimination
Australian Residents
- Right to access your data
- Right to correct your data
- Right to complain to the OAIC (oaic.gov.au)
8. Children's Privacy
- TwineDay is for adults (18+) to manage family calendars
- Children's profiles are created by parents, not by children themselves
- We do not knowingly collect data directly from children
- If you believe a child has created an account, contact us immediately
9. Security
- All data is encrypted in transit (HTTPS) and at rest
- Passwords are hashed (we cannot read them)
- Row Level Security ensures you can only access your own data
- Regular security audits
10. Changes to This Policy
We'll notify you of significant changes via email or in-app notification. Continued use after changes means you accept the updated policy.
11. Contact Us
Questions about privacy? Email us at support@twineday.app