Last updated: May 28, 2026
This Privacy Policy explains how Creative Adventures Lab ("we", "us", "our") collects, uses, discloses, and protects information in connection with the Tidy: Cleaning Routines for Real Life mobile application (available on the App Store and Google Play, also referred to as "Tidy" or "the App"). It also describes your rights under applicable data protection law, including the EU General Data Protection Regulation ("GDPR") and the California Consumer Privacy Act as amended by the California Privacy Rights Act ("CCPA/CPRA").
Please read this policy carefully. By installing or using the App, you acknowledge that you have read and understood it.
1. Our Core Privacy Principle
Tidy is designed to be private by default and local-first. Your rooms, tasks, cleaning history, streaks, sessions, settings, and widget data are stored exclusively on your device — none of this content is stored on our servers when you use the App on your own.
If you choose to share a household with other people, the minimum data required to keep everyone in sync (the household name, an 8-character invite code, each member's chosen avatar name and avatar emoji, each member's join-request status — pending, approved, or rejected — task definitions, task assignments, completion timestamps, and, if you grant notification permission, your device's push token for household notifications) is stored on our backend so that all members of the same household see the same shared chore board in real time. This server-side storage is opt-in: it only happens after you tap "Create a household" or "Join with invite code".
The App uses anonymous authentication only. We do not offer Sign in with Apple, Sign in with Google, email/password sign-up, or any other identity-based login. Each device receives its own anonymous Supabase user; there is no concept of a Tidy "account" tied to your real-world identity.
Outside of household sharing and subscription verification, we collect the minimum data necessary to provide and protect the subscription service. We do not collect your email address, phone number, postal address, location, IP address, contacts list, photos, browsing history, or any behavioural analytics from your use of the App's core features. We do not run any third-party analytics, telemetry, advertising, or tracking SDK in the App.
When you create or join a household, you choose how you appear to other members. The App offers two options: pick a preset avatar (e.g. "Broomhilda", "Sir Bubbles") or type a custom display name (capped at 30 characters). If you choose the custom-name option, that string is stored on our servers in the household member row and visible to other approved members of the same household. Users who do not want to share their real name can simply pick a preset avatar instead. Section 2.3 below describes this in detail.
2. Data We Collect and Why
2.1 Anonymous Server-Side Session
On first launch on a mobile device, the App silently creates a Supabase anonymous session for your device. This is a randomly generated UUID with no link to your name, email, phone, or any other identifier — Supabase does not know who you are. The session token (a JWT access token plus a refresh token) is stored in your device's secure storage via react-native-encrypted-storage (iOS Keychain / Android EncryptedSharedPreferences backed by the Android Keystore) so that the same identity persists across App launches on the same device.
You never need to provide an email address, password, name, phone number, or third-party identity (such as Apple ID or Google Account) to use the App. The App does not offer any sign-in screen, social-login button, or email/password flow. The anonymous session is required to access the subscription verification endpoint and, if you opt in, the household sharing tables.
2.2 Data Stored on Our Servers — Personal Account & Subscription
The following data is stored in our server-side database (Supabase Postgres). It is the complete list of personal-account data — nothing else about you is stored server-side outside of household sharing (Section 2.3).
| Data Element | Table / Column | Purpose | Basis (GDPR) |
|---|---|---|---|
| Anonymous user UUID | auth.users.id (Supabase Auth) |
Surrogate key for all server-side records. Randomly generated; not linked to any real-world identity. The App never asks for or stores a name, email, password, phone number, or any third-party identity provider. | Contract performance (Art. 6(1)(b)) |
| Last sign-in timestamp | auth.users.last_sign_in_at (Supabase Auth) |
The date and time the App last established an authenticated session with our backend. Recorded automatically by Supabase on every token refresh or re-authentication. Not visible through any App UI; used solely for security auditing and account-deletion request processing. | Legitimate interest — security and fraud prevention (Art. 6(1)(f)) |
| Subscription plan | subscriptions.product_id |
Which Tidy+ plan you purchased: Monthly (auto-renewing, 7-day free trial), Yearly (auto-renewing, 7-day free trial), or Lifetime (one-time purchase, no trial). | Contract performance (Art. 6(1)(b)) |
| Platform | subscriptions.platform |
Either ios or android. |
Contract performance (Art. 6(1)(b)) |
| Subscription status | subscriptions.status |
One of: active, expired, revoked. The canonical record of your subscription state, updated by purchase verification and by webhook events from Apple and Google. |
Contract performance (Art. 6(1)(b)) |
| Subscription expiry timestamp | subscriptions.expires_at |
The date your current subscription period ends. Used to determine whether your access is still active on launch. | Contract performance (Art. 6(1)(b)) |
| Lifetime flag | subscriptions.is_lifetime |
True if you purchased the lifetime tier (one-time, non-renewing). | Contract performance (Art. 6(1)(b)) |
| Trial flag | subscriptions.is_trial |
True if you are currently inside the 7-day intro free trial. | Contract performance (Art. 6(1)(b)) |
| Original transaction identifier | subscriptions.original_transaction_id |
For Apple, the originalTransactionId from the StoreKit 2 receipt. For Google, the purchaseToken. Used for receipt-replay prevention and to allow Apple/Google webhook events to locate the correct user record. |
Legitimate interest — subscription fraud prevention (Art. 6(1)(f)) |
| Environment flag | subscriptions.environment |
sandbox or production — distinguishes test purchases from live ones. |
Contract performance (Art. 6(1)(b)) |
| Last verification timestamps | subscriptions.created_at, subscriptions.updated_at |
When the server first recorded and last updated your subscription state. | Contract performance (Art. 6(1)(b)) |
We do not collect: email address, phone number, postal address, precise or coarse location data, advertising ID, device fingerprints, IP address (beyond transient TLS-layer presence), browsing history, contact lists, photographs, microphone or camera input, health data, crash reports, or behavioural analytics from your use of the App's core features.
We collect a display name only if you opt in to household sharing and choose the custom-name option (Section 2.3). The App never asks for your real-world name outside of that single optional field, and you can avoid providing one by choosing a preset avatar instead.