Privacy Policy
The short version: Your object data lives on your device. If you sign in, it syncs to your account. We collect your IP address and browser info when you accept our waiver — that record is permanent for legal compliance. When you retire an object, the category, how long you owned it, and your chosen outcome (e.g. "ran it down") are anonymously shared to power community benchmarks. No names, costs, or personal details are ever shared. We don't sell your data or show ads.
1. What We Collect and Why
Object and household data you enter — names, categories, purchase dates, lifespan estimates, usage intensity, notes, repair logs, warranty dates, condition photos, and receipt images. This is what makes the app work. Stored on your device and, if signed in, synced to your account on our servers. This includes condition photos and receipt images you attach to objects — these are stored in compressed form in your account so they restore when you sign in on a new device.
Physical profile (optional) — weight, height, BMI, and activity level if you choose to enter them. Used only to adjust lifespan estimates for footwear and sleep items. Stored on your device and synced to your account.
Account information — if you sign in with Apple, we receive your Apple ID and, if you choose to share it, your email address.
Liability waiver record — when you accept the liability waiver, we record: your IP address, your browser's User-Agent string, the timestamp, and the waiver version accepted. This record is stored in an immutable audit table on our servers and cannot be deleted, even by you, for legal compliance reasons. The raw HTTP headers from the acceptance request (minus your authentication token) are also stored.
Anonymous confession counts — when you retire an object and select how it went ("on time", "ran it down", etc.), an anonymous counter for that category and verdict is incremented in a shared database. No user identifier is attached. These counts are visible to all users of the app via the community stats feature.
Push notification subscription — if you enable push notifications, your browser's push endpoint URL and the cryptographic keys needed to send you encrypted notifications (p256dh and auth keys) are stored on our servers.
Payment information — if you subscribe to Pro, your payment is processed entirely by Stripe. We store only a Stripe customer ID and your subscription status. We never see or store card numbers.
Household data — if you join a household, your display name and full object list are stored in a shared household record readable by anyone who has your household code.
2. Where Your Data Is Stored
| Data | Where | Who can access it |
|---|---|---|
| Objects, profile, notes, history | Your device (localStorage) + Supabase (if signed in) | You only |
| Condition photos & receipt images | Your device + Supabase (compressed, per-object rows) | You only |
| Household objects & score | Supabase households table | Anyone with your household code |
| Liability waiver record | Supabase legal_agreements table (immutable) | DecayApp™ service only (service role) |
| Anonymous confession counts | Shared confessions table (category:verdict → count) | All DecayApp users (no identifier attached) |
| Anonymous lifespan data (category + months owned) | Aggregated lifespan_benchmarks table | All DecayApp users (no identifier attached) |
| Push subscription keys | Supabase push_subscriptions table | DecayApp™ service only |
| Stripe customer ID & Pro status | Supabase users table | You + DecayApp service |
3. AI Features
When you use AI features — photo identification, receipt OCR, or recall checking — the relevant image or object data is sent to Anthropic's Claude API for processing. Your browser's User-Agent string is included in the request headers. Anthropic's Privacy Policy governs how they handle API data. Anthropic does not train on API data by default.
AI requests are routed through our Netlify server functions. We do not log the content of AI requests beyond what is needed to return the response.
4. Third-Party Services
DecayApp™ uses these services to operate:
- Supabase — database, authentication, and file storage. Your signed-in data lives here.
- Stripe — payment processing for Pro subscriptions. Governed by Stripe's Privacy Policy.
- Anthropic — Claude API for AI photo ID, receipt OCR, and recall checking.
- Netlify — hosting and serverless functions. Request logs may be retained per Netlify's standard policies.
- Google Fonts — the landing page loads fonts from Google's CDN. Google may log this request per their standard policies.
We do not use advertising networks, analytics platforms (no Google Analytics, Mixpanel, etc.), or data brokers.
5. How We Use Your Data
- To provide decay tracking and all app features.
- To sync your data across your devices when signed in.
- To process your Pro subscription and verify status.
- To send push notifications about your objects if you have enabled them.
- To maintain a legally compliant record of your waiver acceptance.
- To generate anonymous aggregated statistics shown in the community confession feature.
6. Your Rights and Data Deletion
You can:
- Export your data — download a full CSV of your objects from within the app at any time (Pro feature).
- Delete objects and data — deleting objects removes them from your device and syncs the deletion to your account on the next sync.
- Delete your data — deleting objects removes them from your device and your account on the next sync. To delete your account and all associated data, contact us at support@decayapp.com.
- Request account deletion — contact us at support@decayapp.com to delete your account and all associated data.
Exception: The liability waiver audit record in our legal_agreements table is permanently retained and cannot be deleted. It contains no object data — only the fact that you accepted the waiver, the timestamp, waiver version, IP address, and User-Agent. This record exists solely for legal compliance.
Anonymous confession counts and lifespan benchmark contributions carry no user identifier and cannot be attributed to any individual. However, if you opt out of community data sharing, DecayApp will attempt to remove your previously submitted confession counts from the shared database on a best-effort basis. Aggregated lifespan averages are computed server-side and individual contributions cannot be surgically removed once aggregated, but opting out stops all future submissions immediately.
7. Household Sharing
If you create or join a household, your display name and the names, categories, and decay percentages of all your objects are visible to every other member of that household — anyone who has the household code. Choose your household code carefully and only share it with people you trust. You can leave a household at any time from the profile screen, which removes your data from the shared household record.
8. Push Notifications
If you enable push notifications, your browser generates a unique push subscription containing an endpoint URL and two cryptographic keys (p256dh and auth). These are stored in our database and used only to deliver encrypted push notifications about your objects. You can disable notifications at any time from within the app or your device settings, which will remove your subscription from our servers.
9. Children
DecayApp™ is not directed at children under 13. We do not knowingly collect personal information from children under 13. Contact us at support@decayapp.com if you believe a child has created an account and we will delete it.
10. Changes to This Policy
We will update the "Last updated" date when this policy changes. Continued use of the Service after changes constitutes acceptance of the updated policy. Material changes will be communicated via a notice in the app.
11. Contact
For privacy questions or data deletion requests: support@decayapp.com
DecayApp™ is operated from the United States. By using the Service, you consent to your data being processed in the United States in accordance with this Privacy Policy.