Privacy Policy
Effective date: April 2025 · App: Tovi Score
Your privacy matters to us. This policy explains what data Tovi Score collects, how we use it, who we share it with, and what rights you have. We've written it in plain English — no legalese.
📷 Photos you upload are processed by our AI and deleted immediately after scoring. They are never stored permanently and are never used to train AI models.
1. Who We Are
Tovi Score is an iOS application. For any privacy questions, contact us at hello@toviscore.app.
2. What Data We Collect
We collect only what we need to operate the app:
- Account data: If you sign in with Apple, we receive your email address (or an Apple-generated relay address). We never receive your Apple ID password.
- Photos: When you upload a photo for scoring, it is transmitted securely to our backend for AI analysis. The photo is deleted immediately after the score is generated — it is never stored persistently.
- Usage data: Your score history (score values, categories, timestamps), preferences, and in-app settings are stored so you can review your progress over time.
- Score cards: If you generate a shareable score card, an image of that card may be stored temporarily via Cloudinary for sharing purposes.
- Subscription status: We store whether you have an active Pro subscription (managed via RevenueCat) so we can unlock Pro features.
3. Guest Mode
You can use Tovi Score without creating an account. In guest mode, you can complete one score, which is stored in a separate guest table. If you later create an account, your guest score can be claimed and moved to your account. Guest data is deleted if no account is linked within 30 days.
4. How We Use Your Data
- To generate AI scores and return results to you
- To maintain your score history and app preferences
- To manage your subscription status
- To provide customer support if you contact us
- To improve app performance (aggregated, anonymised analytics only)
We do not sell your personal data. We do not use your photos or scores for AI training. We do not serve third-party advertising.
5. Authentication
Authentication is handled via Sign in with Apple, managed through Supabase. We receive your email address or Apple relay address only. We have no access to your Apple ID credentials or any other Apple account information.
6. Subscriptions & Payments
Subscriptions are managed entirely through the Apple App Store. We do not collect or process payment information directly. RevenueCat is used to verify your subscription status server-side. Your payment details remain with Apple at all times.
7. Third-Party Services
We use the following third-party services to operate the app:
- Supabase — Database and authentication (EU servers)
- Render — Backend hosting and API
- Cloudinary — Temporary storage of generated score card images
- RevenueCat — Subscription management and verification
- Anthropic (Claude API) — AI analysis of uploaded photos to generate scores
Each of these services has its own privacy policy. We do not share your data with any other third parties.
8. Data Retention
- Photos: Deleted immediately after scoring. Not stored.
- Score history: Retained until you delete your account.
- Account data: Retained until you delete your account.
- Score card images: Retained until regenerated or your account is deleted.
- Guest data: Deleted after 30 days if no account is linked.
9. Your Rights
You have the right to:
- Access the personal data we hold about you
- Correct inaccurate data
- Delete your account and all associated data
- Export your score history
To delete your account, go to Settings → Delete Account in the app. This permanently removes all your data from our systems. You can also email us at hello@toviscore.app to request deletion.
10. Children's Privacy
Tovi Score is not intended for users under 13 years of age. We do not knowingly collect data from children under 13. If you believe a child under 13 has created an account, please contact us and we will delete the data promptly.
11. Security
All data is transmitted over HTTPS. We use industry-standard security practices including encrypted database storage, access controls, and regular security reviews. No system is perfectly secure, but we take reasonable measures to protect your data.
12. Changes to This Policy
We may update this Privacy Policy from time to time. If we make significant changes, we will notify you via the app. Continued use of the app after changes constitutes acceptance of the updated policy. The effective date at the top of this page reflects when the policy was last updated.
13. Contact
Questions about this policy? Get in touch: hello@toviscore.app