Legal

Privacy Policy

Effective date: April 25, 2026

Toatre (“we”, “our”, or “us”) operates the Toatre application and the website at toatre.com(collectively, the “Service”). This Privacy Policy explains what information we collect, why we collect it, how we use and protect it, and your rights over it — including our use of data obtained through Google Sign-In and other Google APIs.

1. Information We Collect

1.1 Information you provide directly

Account information — your chosen @handle when you sign up.
Voice captures — audio recordings you make inside the app, which are sent to our servers for transcription and extraction.
Text input — text you type as an alternative to voice.
Toats — the structured timeline items (tasks, events, meetings, etc.) created from your captures.

1.2 Information received from Google Sign-In

When you authenticate with Google, we receive the following data from Google’s OAuth 2.0 service:

Email address — used as your primary account identifier and to send transactional messages (e.g., magic-link sign-in emails).
Display name — shown in your profile and used to personalise the experience.
Profile photo URL — displayed as your avatar inside the app.
Google User ID (sub) — used internally to uniquely identify your account and prevent duplicate registrations.

We request only the openid, email, and profile scopes. We do not request access to your Google Drive, Gmail, Calendar, Contacts, or any other Google product data.

1.3 Information collected automatically

Session data — a secure session cookie (toatre_session) stored as an httpOnly, Secure cookie with a 14-day expiry.
Usage analytics— anonymised product events (e.g., “capture started”, “toat created”) collected via PostHog with IP addresses masked. No advertising profiles are built.
Error diagnostics — crash reports collected via Sentry, which may include device type, OS version, and a stack trace. No user content is included in crash reports.
Server logs — standard request logs (IP address, user-agent, HTTP status) retained for 30 days for security and debugging.

2. How We Use Your Information

We use the information collected solely for the following purposes:

Data	Purpose
Email address	Account creation, sign-in authentication, transactional emails (e.g., magic links, Ping notifications)
Display name & photo	Personalising your in-app experience; shown only to you
Google User ID	Linking your Google account to your Toatre account; preventing duplicate accounts
Voice audio	Transcribed server-side via OpenAI Whisper to produce a text transcript; audio is deleted from our servers within 60 seconds of transcription
Transcript & toats	Processed by an AI model to extract structured timeline items; stored in your personal account for retrieval
Analytics events	Understanding feature usage to improve the product; no advertising use
Error reports	Diagnosing and fixing bugs; improving reliability

We do not use Google user data to train AI or machine-learning models, to build advertising profiles, or to target you with third-party advertising.

3. How We Share Your Information

We do not sell, rent, or trade your personal data. We share data only with the following categories of sub-processors, strictly to operate the Service:

Sub-processor	Role	Data shared
Google Firebase (Firebase Auth)	Authentication provider	Email, display name, Google User ID
MongoDB Atlas (AWS eu-west-1)	Primary database	All account and toat data — stored encrypted at rest
DigitalOcean App Platform	Web and API hosting	Request logs; no persistent user data stored on compute instances
OpenAI	Speech-to-text and AI extraction	Raw audio (Whisper) and transcript text (GPT). Data is not used to train OpenAI models under our enterprise agreement
Sentry	Error monitoring	Crash reports — no user-generated content included
PostHog	Product analytics	Anonymised usage events — IP is masked before storage
Resend	Transactional email	Your email address and email content (e.g., magic-link emails)
Twilio	SMS Pings (optional)	Your phone number if you opt into SMS notifications

We may disclose information if required by law, court order, or to protect the rights, property, or safety of Toatre, our users, or the public.

4. Data Storage and Protection

All data in transit is encrypted using TLS 1.2 or higher.
All data at rest in MongoDB Atlas is encrypted using AES-256.
Session cookies are flagged httpOnly, Secure, and SameSite=Lax, making them inaccessible to JavaScript and protected against CSRF.
Firebase Auth tokens are short-lived (1 hour) and exchanged for a server-managed session cookie; raw Firebase ID tokens are never stored server-side.
Voice audio is processed in memory and purged from temporary storage within 60 seconds of transcription completion; it is never written to persistent storage.
Access to production systems is restricted to authorised personnel using multi-factor authentication and least-privilege IAM roles.
We perform regular dependency audits and follow the OWASP Top 10 guidance for our web application.

5. Data Retention and Deletion

5.1 Retention periods

Data type	Retention period
Account profile (email, name, handle)	Until account deletion
Toats and captures	Until deleted by you or account deletion
Voice audio	Maximum 60 seconds after transcription; then purged
Session cookies	14 days from last sign-in, or until sign-out
Server request logs	30 days
Anonymised analytics events	Up to 24 months
Error/crash reports	90 days

5.2 How to delete your data

You can delete your Toatre account and all associated personal data at any time:

Open the Toatre app → Settings → Account.
Tap “Delete my account” and confirm.

Upon deletion, your account record, toats, captures, and handle are permanently removed from our database within 30 days. Anonymised analytics events (which contain no personal identifiers) may persist for up to 24 months.

You may also email us at [email protected] to request deletion and we will process your request within 30 days.

6. Google API Services User Data Policy

Toatre’s use of information received from Google APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements.

Specifically, data received from Google APIs:

Is used only to provide and improve the Toatre application for the authenticated user.
Is not transferred to third parties except as necessary to provide the Service, subject to confidentiality obligations.
Is not used for serving advertisements or building advertising profiles.
Is not used to train generative AI or machine-learning models.
Is not sold or made available to data brokers.

7. Your Rights

Depending on your jurisdiction, you may have the following rights:

Access — request a copy of the personal data we hold about you.
Rectification — request correction of inaccurate data.
Erasure — request deletion of your data (see §5.2 above).
Portability — request your toats and captures in a machine-readable format.
Objection — object to certain processing activities.
Withdrawal of consent — revoke Google account access at any time via your Google Account permissions page. This will not delete your Toatre account or data, but will prevent future Google Sign-In until re-authorised.

To exercise any of these rights, email [email protected].

8. Children's Privacy

The Service is not directed to individuals under 13 years of age. We do not knowingly collect personal data from children under 13. If you believe we have inadvertently collected such data, please contact us immediately at [email protected].

9. Changes to This Policy

We may update this Privacy Policy periodically. When we make material changes, we will update the effective date above and, where required by law, notify you via email or an in-app notice. Your continued use of the Service after the effective date constitutes acceptance of the updated policy.

10. Contact Us

For privacy questions, data requests, or concerns, please contact:

Toatre
Email: [email protected]
Website: toatre.com