Privacy Policy

Effective date: March 6, 2026

1. Introduction

This Privacy Policy describes how Tenere LLC ("we," "us," or "our") collects, uses, stores, and shares information when you use the SnapJournal mobile application ("App") and related services. By using the App, you agree to the practices described in this policy.

2. Information We Collect

2.1 Account Information

When you sign in with Apple or Google, we collect the following from your authentication provider:

  • Email address
  • Display name (if provided by your sign-in provider)
  • Profile picture URL (Google only)
  • Authentication provider identifier

OAuth tokens from Apple and Google are verified once during sign-in and are not stored on our servers.

2.2 Photos and Images

The App requests access to your device's camera to capture photos of your handwritten planner or journal pages. Images are compressed and uploaded to our servers for AI-powered schedule extraction. Photos are also stored locally on your device.

2.3 Calendar Data

With your permission, the App connects to your calendars to create, update, and delete events extracted from your planner photos. We support:

  • Apple Calendar — via the iOS EventKit framework
  • Google Calendar — via the Google Calendar API (scope: calendar.events)
  • Outlook Calendar — via the Microsoft Graph API (scopes: Calendars.ReadWrite, User.Read)

Calendar data sent to these services includes event title, date, start and end time (with timezone), description, and reminder settings.

2.4 Device and Technical Data

We automatically collect:

  • IP address (used for rate limiting and security; not used for tracking)
  • Device push notification token (APNs)
  • Basic request metadata (user agent, request path, response time)

Sensitive fields such as email addresses, tokens, and API keys are automatically redacted from our server logs.

3. How We Use Your Information

3.1 AI-Powered Schedule Extraction

When you upload a photo, the image is sent to Google Gemini (a third-party AI service provided by Google) for analysis. The AI extracts schedule entries (dates, titles, times) from your handwritten text. The full image is sent to Google for processing.

Important: Any content visible in your uploaded photos — including personal notes, names, or other handwritten text — will be processed by Google's AI service subject to Google's API Terms of Service. We recommend only uploading pages that contain scheduling information.

3.2 Calendar Synchronization

Extracted events are synced to your connected calendars. You review and confirm all events before they are added to your calendar.

3.3 Push Notifications

We send two types of push notifications:

  • Transactional: notifying you when AI extraction is complete or when no entries were found
  • Marketing: news, feature updates, and tips — only if you opt in

You can disable marketing notifications at any time in the App's settings. You can disable all notifications in your device's system settings.

3.4 Error Monitoring

We use Sentry to collect crash reports, error logs, and performance data to diagnose and fix issues in the App.

4. iCloud Sync

You may optionally enable iCloud sync in the App's settings. When enabled, your schedule entries and calendar connection records are synced across your Apple devices via Apple's iCloud service.

Photos and AI extraction results are not synced to iCloud — they remain on your local device only.

iCloud sync is governed by Apple's iCloud Terms.

5. Data Storage and Security

5.1 On Your Device

  • Authentication tokens and credentials are stored in the iOS Keychain (encrypted, hardware-protected)
  • Photos, extraction results, and sync records are stored in a local database that never leaves your device
  • Preferences (notification settings, default calendar) are stored in local app storage

5.2 On Our Servers

  • User accounts, image metadata, and extracted schedule entries are stored in Supabase (managed PostgreSQL database)
  • Uploaded images are stored in Cloudflare R2 (cloud object storage)

5.3 Security Measures

All communication between the App and our servers uses HTTPS encryption. API access is authenticated using JSON Web Tokens (JWT). Each request is verified to ensure users can only access their own data. We apply rate limiting to prevent abuse.

6. Third-Party Services

The App relies on the following third-party services, each with their own privacy policies:

  • Google — sign-in, Gemini AI image analysis, Google Calendar integration
  • Apple — sign-in, push notifications (APNs), iCloud sync, Apple Calendar
  • Microsoft — Outlook Calendar integration
  • Supabase — database hosting
  • Cloudflare — image storage (R2)
  • Sentry — error and crash monitoring
  • Canny — in-app feedback and feature requests
  • Upstash — rate limiting

7. Data Retention

  • Account data, uploaded images, and extracted schedule entries are retained on our servers for as long as your account exists.
  • Push notification tokens are retained until you unregister or the token becomes invalid.
  • Local data (photos, extraction results, tokens) is deleted from your device when you log out of the App.
  • Rate limiting data expires automatically within 60 seconds.

8. Account Deletion

You may request deletion of your account and all associated data by contacting us at snapjournal@snap-journal.app. Upon receiving your request, we will delete your account data, uploaded images, and extracted schedule entries from our servers within 30 days.

When you log out of the App, all local data on your device (photos, tokens, preferences, and sync records) is automatically and permanently deleted.

9. Your Rights

Depending on your location, you may have the right to:

  • Access the personal data we hold about you
  • Request correction of inaccurate data
  • Request deletion of your data
  • Request a copy of your data in a portable format
  • Opt out of marketing communications

To exercise any of these rights, contact us at snapjournal@snap-journal.app. We will respond within 30 days.

10. Children's Privacy

The App is not intended for children under the age of 13. We do not knowingly collect personal information from children under 13. If we learn that we have collected personal information from a child under 13, we will delete that information promptly. If you believe a child under 13 has provided us with personal information, please contact us at snapjournal@snap-journal.app.

11. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by updating the effective date at the top of this page. Your continued use of the App after changes are posted constitutes your acceptance of the updated policy. We encourage you to review this page periodically.

12. Contact Us

If you have questions about this Privacy Policy or our data practices, contact us at:

Tenere LLC
Email: tenere@hellotenere.com