Privacy Policy

At a Glance

• We collect only what you give us and what the app needs to function.
• We do not sell your data. Ever.
• We do not use your data for advertising or build ad profiles.
• Bank connection (via Stripe Financial Connections) is optional and read-only. We never move money.
• Your Vault documents are encrypted end-to-end. Umbrellia cannot read them.
• You control exactly what your household members can see.
• Weekly SMS summaries are opt-in only. You can stop them anytime by replying STOP.

Contents

1. Information We Collect
2. How We Use Your Information
3. Household & Partner Sharing
4. AI Features & Brellie Companion
5. Camera & Documents
6. Financial Information (Stripe Financial Connections)
7. Push Notifications & SMS
8. How We Share Your Information
9. Data Security
10. Data Retention
11. Your Rights & Choices
12. California Privacy Rights (CCPA)
13. Children's Privacy
14. International Users
15. Changes to This Policy
16. Contact Us

1. Information We Collect

1.1 Account & Profile Information

When you create an account, we collect:

• Email address and encrypted password (or Apple Sign-In token)
• Display name and avatar preferences
• Household type (individual, couple, or family)
• Role within the household (admin or member)

1.2 Tasks & Calendar

• Task titles, categories, priorities, due dates, and notes
• Task completion records including timestamps
• Calendar event titles, dates, times, categories, and descriptions
• Assigned household member for tasks and events

1.3 Habits

• Habit names, categories, target frequencies, and pillar assignments (Body, Mind, Soul, Home)
• Daily completion records used to calculate streaks

1.4 Mood Tracking

Mood data is private by default and is never shared with household members unless you explicitly enable sharing.

• Mood zone selection (Radiant, Standard, Low, or Stressed)
• Optional written notes attached to mood entries
• Date and time of each check-in
• Historical mood data used to display your personal trends within the App

1.5 Notes

• Note titles and written content you create
• Privacy setting per note (private or shared with household)

1.6 Household Data

• Household goals — titles, descriptions, target dates, and completion status
• Important dates — names, dates, and categories (anniversary, birthday, etc.)
• Household name and invite codes

1.7 Vault (Secure Document Storage)

The Vault is protected by biometric authentication and end-to-end encryption. We collect:

• Files you upload — images (JPEG, PNG) and PDF documents (max 25 MB per file)
• Document display names, categories (Vital Instruments, Medical Wing, Property Portfolio), and visibility settings (private or shared)
• Upload timestamps

Important: Vault documents are encrypted on your device before upload using end-to-end encryption. Umbrellia servers store only ciphertext. Umbrellia personnel cannot read your Vault documents. Even in the event of a server breach, your documents cannot be decrypted without your PIN and device credentials.

1.8 Kitchen & Meal Planning

• Recipe names, ingredients, prep times, and notes
• Planned meal dates and assigned cook

1.9 Wellness Data (EFS Engine)

The App uses an Executive Function Score (EFS) to personalize your experience. This is computed locally on your device using:

• Sleep quality data (synced from Apple HealthKit or Google Fit, only if you grant permission)
• Hydration logs you manually enter in the App
• Mood zone selection
• Task and event load

EFS is a private score used only to personalize your in-app experience. It is never shared with partners or third parties.

1.10 Financial Information

Connecting a bank account is entirely optional. If you do not connect a bank account, no financial data of any kind is collected. See Section 6 for full details.

1.11 Automatically Collected Information

• Device information — device model, operating system version, and app version
• Usage analytics — features used and screens visited, collected via PostHog. No financial data, mood entries, vault content, or message content is included in analytics events.
• Error and crash reports — anonymized technical error logs via Sentry to identify bugs. Reports do not include financial data, vault document content, mood entries, or personal content.
• Push notification tokens — only if you grant notification permission
• Phone number — only if you opt in to weekly SMS summaries

1.12 Biometric Data

Umbrellia uses your device's built-in biometric system (Face ID or Touch ID on iOS; fingerprint or face unlock on Android) to verify your identity before accessing the Vault and before viewing connected bank accounts. Umbrellia never receives, transmits, stores, or processes raw biometric data. All biometric processing occurs entirely on-device via the operating system. We receive only a pass/fail result.

1.13 Health & Fitness Data

If you grant HealthKit (iOS) or Google Fit (Android) permission, the App reads sleep duration and quality data to calculate your EFS. This data is read-only. Umbrellia does not write to HealthKit or Google Fit. You can revoke this permission at any time from your device's health app settings.

2. How We Use Your Information

We do not use your data for advertising, ad targeting, or to build advertising profiles. We do not sell your personal information.

3. Household & Partner Sharing

Umbrellia is designed for shared household use. You control what household members can see. Nothing is shared beyond your household except as described in Section 8.

Household members can only read data shared with them. They cannot modify or delete your private content.

4. AI Features & Brellie Companion

Umbrellia includes AI-powered features, including the Brellie companion and AI suggestions. All AI features are powered by Google Gemini, accessed via Umbrellia's own backend service (our ai-router). Your data is never sent directly from your device to Google.

4.1 Brellie AI Companion

When you interact with Brellie, the App sends a context summary to our AI service. This may include:

• Your overdue or upcoming tasks and events
• Your habit streak and recent completion data
• Your household meal plans
• Your subscription activity (count and renewal alerts)
• Your most recent mood zone (not written notes), if you have mood sharing enabled or for your own private use

Brellie conversation context is stored in your account to maintain continuity across sessions.

4.2 What We Never Send to AI

• Vault document contents or files (except when you explicitly tap “Share with Brellie” — see below)
• Full bank transaction histories or account numbers
• Account balances
• Raw mood journal notes
• Your partner's private data

4.3 Share with Brellie (Vault Documents)

You may choose to share a specific Vault document with Brellie on a per-session basis. When you do:

• The document is decrypted on your device only
• The plaintext is transmitted to our AI service via encrypted connection (TLS 1.3)
• The session expires automatically after 10 minutes
• Plaintext is never stored server-side after the session ends
• A confirmation modal is displayed before any document is shared

Note: Do not enter sensitive personal information (Social Security numbers, passwords, bank account numbers) into Brellie chat prompts. Treat Brellie like any AI assistant.

4.4 AI Training

Your data and conversations are not used to train AI models.

5. Camera & Documents

5.1 Camera Access

Umbrellia requests camera access only when you initiate one of these actions:

• Vault uploads — photographing a document to add to your secure vault
• School Hub — photographing a school flyer or document for OCR processing (Family plan only)
• Profile avatar — taking a photo for your profile picture

Camera is never accessed in the background. You can deny camera permission and still use all other App features.

5.2 Photo Library Access

Umbrellia requests photo library access so you can select existing images for the Vault or your profile. We only access photos you explicitly select. We do not scan, index, or upload your photo library in the background.

5.3 Uploaded Files

Files uploaded to the Vault are encrypted on your device before transmission and stored in a private, encrypted cloud storage bucket. They are accessible only to you and household members you choose to share with. Files are never used for AI training and are never accessed by Umbrellia personnel except as required by law.

5.4 OCR / Vision AI (School Hub)

If you use the School Hub school flyer scanning feature (Family plan), images are processed by Google Vision AI via our backend service to extract text. The image is not stored after OCR processing is complete. Extracted text is stored in your account as a school document record.

6. Financial Information (Stripe Financial Connections)

Connecting a bank account is entirely optional. If you do not connect a bank account, no financial data of any kind is collected or stored.

6.1 How Bank Connection Works

1. You are presented with Stripe Financial Connections — a secure interface hosted entirely by Stripe
2. You authenticate with your bank directly through Stripe's interface — Umbrellia never sees or stores your bank login credentials
3. Stripe provides Umbrellia with read-only access to your transaction and account data
4. All financial data requests are routed through Umbrellia's secure backend — never from your device directly to Stripe

Umbrellia's access is read-only. We cannot and do not initiate transfers, payments, or any financial transactions on your behalf.

6.2 Financial Data We Collect

• Bank account metadata — institution name, account type, and last 4 digits of account number
• Transaction history — merchant name, amount, date, and category
• Account balance — current and available balance
• Recurring transaction detection — to identify active subscriptions (Ghost Hunter feature)

6.3 What We Do Not Collect

• Full account numbers or routing numbers
• Bank login credentials
• Social Security or tax ID numbers
• Wire transfer or ACH origination details

6.4 How Financial Data Is Used

Financial data is used solely to power Umbrellia's Money features — displaying subscription spending, detecting recurring charges, and showing household budget summaries. It is not used for advertising, credit decisions, underwriting, or any other purpose.

6.5 Disconnecting Your Bank

You can disconnect any bank account at any time from Settings → Bank Connections. This immediately revokes access and stops all future syncing. Contact privacy@umbrellia.app to request deletion of stored financial data.

Stripe's handling of your data is also governed by Stripe's Privacy Policy.

7. Push Notifications & SMS

7.1 Push Notifications

With your permission, Umbrellia may send push notifications for:

• Task and event reminders
• Household activity updates
• Subscription renewal alerts
• Habit streak reminders
• Brellie companion check-ins and insights
• Evening Archive daily summary (9 PM local time, if enabled)

You can disable all push notifications at any time via your device's system settings (iOS: Settings → Notifications → Umbrellia).

7.2 SMS (Weekly Household Summary)

Umbrellia Pro subscribers may opt in to receive a weekly household summary via SMS, delivered at 10:00 AM local time every Sunday via Twilio.

TCPA Consent Notice: By entering your phone number and opting in, you agree to receive weekly home summaries from Umbrellia by text. Message & data rates may apply. Reply STOP at any time to unsubscribe. Reply HELP for assistance.

• SMS is opt-in only. It is never sent without your explicit consent.
• Your phone number is stored securely in our database and is never sold or shared with third parties for marketing.
• Replying STOP immediately unsubscribes you. No further messages will be sent.
• SMS is a Pro-only feature. Free users receive push notifications only.

SMS delivery is powered by Twilio. Your phone number and message content are processed by Twilio in accordance with their privacy policy.

8. How We Share Your Information

We do not sell your personal information. We do not share it for advertising purposes. We share data only as follows:

8.1 Within Your Household

Data you choose to share is visible to your invited household members through the App, as described in Section 3.

8.2 Service Providers

8.3 Legal Requirements

We may disclose your information if required to do so by law, court order, or governmental authority, or when we believe disclosure is necessary to protect our rights, your safety, or the safety of others.

8.4 Business Transfers

If Umbrellia is acquired by or merged with another company, your information may be transferred to the acquiring entity. We will notify you via email or App notification before your data becomes subject to a materially different privacy policy.

9. Data Security

We implement technical and organizational measures to protect your data:

• In transit: All data is transmitted over TLS 1.3 encrypted connections
• At rest: All data stored in Supabase is encrypted at rest (AES-256)
• Vault encryption: Documents are encrypted end-to-end using Argon2id key derivation, AES-256-GCM encryption, and X25519 key exchange. Only you — and household members you explicitly share with — can decrypt your Vault. Umbrellia cannot read Vault contents.
• Authentication: Supabase handles authentication with industry-standard session token management. Biometric authentication is available for Vault and bank connections.
• Secrets management: API keys and credentials are managed via Doppler secrets management and never hardcoded in the App.

No method of data transmission or storage is 100% secure. We encourage you to use a strong, unique password and enable biometric lock.

10. Data Retention

When you delete your account, all personal data is deleted from our active databases within 30 days. Anonymized analytics data may be retained in aggregated form.

11. Your Rights & Choices

You have the following rights with respect to your data:

• Access: You can view all data you've entered in the App at any time.
• Correction: You can edit your profile, tasks, habits, and all other content directly in the App.
• Deletion: You can delete individual items in the App, or delete your entire account from Settings → Account → Delete Account. Account deletion removes all personal data within 30 days.
• Export: To request a copy of your data, email privacy@umbrellia.app. We will respond within 30 days.
• Opt out of SMS: Reply STOP to any summary message, or go to Settings → Notifications → SMS.
• Opt out of push notifications: Via your device's system settings.
• Disconnect bank: Settings → Bank Connections → Disconnect.
• Revoke HealthKit / Google Fit: Via your device's health app settings.

To exercise any right, contact us at privacy@umbrellia.app.

12. California Privacy Rights (CCPA)

If you are a California resident, you have the following rights under the California Consumer Privacy Act (CCPA):

• Right to Know: You may request disclosure of the categories and specific pieces of personal information we have collected about you.
• Right to Delete: You may request that we delete personal information we have collected from you, subject to certain exceptions.
• Right to Non-Discrimination: We will not discriminate against you for exercising your CCPA rights.
• Right to Opt Out of Sale: We do not sell your personal information. No opt-out is necessary.

To submit a request, email privacy@umbrellia.app with the subject “CCPA Request.” We will respond within 45 days.

13. Children's Privacy

Umbrellia is designed for adults managing households. The App is not directed at children under the age of 13 and we do not knowingly collect personal information from children under 13.

Family plan accounts may include household members who are minors. In this case, a parent or guardian (the account administrator) creates and manages the minor's household profile. Parents/guardians are responsible for supervising minors' use of the App.

If we become aware that we have inadvertently collected personal information from a child under 13 without verified parental consent, we will delete that information promptly. Contact us at privacy@umbrellia.app if you believe this has occurred.

14. International Users

Umbrellia is operated from the United States. If you are accessing the App from outside the United States, please be aware that your information may be transferred to, stored, and processed in the United States where our servers are located and our central database is operated.

By using the App, you consent to the transfer of your information to the United States and the processing of your information in the United States in accordance with this Privacy Policy.

15. Changes to This Policy

We may update this Privacy Policy from time to time. When we make material changes, we will notify you by:

• Posting the updated policy at umbrellia.app/privacy
• Updating the “Last Updated” date at the top of this page
• Sending an in-app notification for significant changes

Your continued use of the App after changes are posted constitutes your acceptance of the updated policy. If you do not agree to the updated policy, please discontinue use of the App and delete your account.

16. Contact Us

For privacy-related questions, requests, or concerns, please contact us:

• Email: privacy@umbrellia.app
• Mailing address: Umbrellia LLC, Wyoming, USA
• Response time: We aim to respond to all privacy requests within 10 business days.

For TCPA / SMS-related concerns specifically, reply STOP to any message or email us with the subject “SMS Opt-Out.”