Privacy Policy

Last Updated: December 26, 2025

SubPrivy ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our mobile application and services.

1. Information We Collect

1.1 Information You Provide

• Account Information: When you create an account, we collect your email address and create a unique forwarding email address for you.
• Subscription Data: Information about your subscriptions that you manually add or that we extract from forwarded emails, including:
  • Service names (e.g., "Netflix," "Spotify")
  • Subscription amounts and currency
  • Billing cycles (weekly, monthly, quarterly, yearly)
  • Renewal dates
  • Trial periods and trial end dates
  • Cancellation URLs
  • Notes you add to subscriptions

1.2 Information Collected Automatically

• Email Processing Data: When you forward emails to your SubPrivy address, we process:
  • Email content (to extract subscription information)
  • Email metadata (subject line, sent date)
  • Service name extracted from emails
  • Timestamp of when emails were forwarded
• Device Information: We may collect information about your mobile device, including device type, operating system version, and unique device identifiers for push notification delivery.
• Usage Data: Information about how you use the app, such as:
  • Subscription creation and update timestamps
  • Notification preferences
  • Categories assigned to subscriptions

2. How We Use Your Information

We use the information we collect to:

• Provide and Maintain Services: Process forwarded emails, extract subscription details using AI, and manage your subscription data.
• Send Notifications: Deliver push notifications about upcoming renewals and trial endings based on your preferences.
• Improve Our Services: Analyze usage patterns to enhance the app's functionality and user experience.
• Customer Support: Respond to your questions and provide technical support.
• Security: Detect, prevent, and address technical issues and fraudulent activity.

3. AI and Email Processing

SubPrivy uses artificial intelligence (Claude by Anthropic) to automatically extract subscription information from forwarded emails. Here's how it works:

• When you forward an email to your unique SubPrivy address, the content is sent to our secure servers.
• We use Claude AI to parse the email and extract relevant information (service name, amount, billing cycle, renewal date, trial information).
• The extracted data is saved to your account and synced to your device.
• Original email content is not permanently stored; only the extracted subscription details are retained.
• Email forwarding logs (service name and timestamp) are kept for your reference and troubleshooting.

4. Data Storage and Security

4.1 Where Your Data is Stored

• Local Storage: Subscription data is primarily stored on your device using SwiftData.
• Cloud Backup: Your subscription data is securely backed up to Supabase (hosted on AWS) to enable sync across devices and data recovery.
• Geographic Location: Our servers are located in the United States (AWS us-east-1 region).

4.2 Security Measures

We implement industry-standard security measures to protect your data:

• All data transmitted between your device and our servers is encrypted using HTTPS/TLS.
• Passwords are never stored; we use secure authentication through Supabase Auth.
• Database access is protected with row-level security policies.
• Email forwarding endpoints require authentication to prevent unauthorized access.

5. Data Sharing and Third Parties

We do not sell, trade, or rent your personal information to third parties. We may share information with:

5.1 Service Providers

• Supabase: Database and authentication services (privacy policy: https://supabase.com/privacy)
• Anthropic (Claude AI): Email parsing and subscription data extraction (privacy policy: https://www.anthropic.com/legal/privacy)
• SendGrid: Email forwarding infrastructure (privacy policy: https://www.twilio.com/legal/privacy)
• Apple: Push notification delivery through Apple Push Notification Service

5.2 Legal Requirements

We may disclose your information if required by law or in response to valid requests by public authorities.

6. Your Rights and Choices

You have the following rights regarding your data:

6.1 Access and Portability

• View all your subscription data within the app.
• Request a copy of your data by contacting support@subprivy.app.

6.2 Correction and Deletion

• Edit or update subscription information directly in the app.
• Delete individual subscriptions at any time.
• Request complete account deletion by contacting support@subprivy.app. Upon deletion, all your data will be permanently removed within 30 days.

6.3 Notification Preferences

• Control push notification settings in the app's Settings screen.
• Choose reminder frequency (7 days, 3 days, 1 day before renewal).
• Set preferred notification time.
• Disable notifications entirely through iOS Settings.

6.4 Email Forwarding

• Stop forwarding emails to your SubPrivy address at any time.
• View email forwarding history in the app.

7. Data Retention

• Active Subscriptions: Stored as long as your account is active.
• Cancelled Subscriptions: Retained until you delete them or delete your account.
• Email Forwarding Logs: Retained for 90 days for troubleshooting purposes.
• Deleted Accounts: All data permanently deleted within 30 days of account deletion request.

8. Children's Privacy

SubPrivy is not intended for children under 13 years of age. We do not knowingly collect personal information from children under 13. If you believe we have collected information from a child under 13, please contact us immediately.

9. International Users

If you are accessing SubPrivy from outside the United States, please be aware that your information may be transferred to, stored, and processed in the United States. By using our services, you consent to the transfer of your information to the United States.

10. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any changes by:

• Posting the new Privacy Policy on this page
• Updating the "Last Updated" date
• Sending a notification through the app for significant changes

We encourage you to review this Privacy Policy periodically for any changes.

11. California Privacy Rights

If you are a California resident, you have specific rights under the California Consumer Privacy Act (CCPA):

• Right to know what personal information we collect, use, and disclose
• Right to request deletion of your personal information
• Right to opt-out of sale of personal information (we do not sell personal information)
• Right to non-discrimination for exercising your privacy rights

12. European Users (GDPR)

If you are in the European Economic Area (EEA), you have rights under the General Data Protection Regulation (GDPR):

• Right to access your personal data
• Right to rectification of inaccurate data
• Right to erasure ("right to be forgotten")
• Right to restrict processing
• Right to data portability
• Right to object to processing

Our legal basis for processing your data is your consent and the performance of our contract with you.

13. Contact Us

If you have any questions about this Privacy Policy or our data practices, please contact us:

• Email: support@subprivy.app
• Website: https://subprivy.app