Privacy Policy

Our Privacy Commitment

Dame is built for families. We understand that the data you trust us with—your tasks, schedules, conversations, and daily routines—is deeply personal. That's why we've designed Dame with privacy as a core principle, not an afterthought.

Our commitments to you:

• We will never sell your data. Your information exists solely to make Dame work for your household.
• We will never display advertisements. Dame is and will always be an ad-free experience.
• We encrypt everything we can. Messages are end-to-end encrypted. Data on your device is protected by your device's built-in encryption, and all data in transit is encrypted using TLS.
• We collect only what's necessary. We don't track you, profile you, or collect data for any purpose other than making Dame better for you.

Introduction

Dame (“we,” “our,” or “us”) is a household coordination app operated by Vince Inting, carrying on business as Dame Digital, a sole proprietorship registered in Alberta, Canada. Dame is designed to help families and households manage tasks, chores, events, and communication. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our mobile application.

Please read this privacy policy carefully. If you do not agree with the terms of this privacy policy, please do not access the application.

Information We Collect

Information You Provide Directly

Account Information

• Display name
• First and last name (optional)
• Email address (provided via Google or Apple sign-in)
• Profile photo (optional)

Household Data

• Tasks: titles, descriptions, due dates, priority levels, assignees, location reminders, and photo attachments
• Chores: titles, descriptions, schedules, completion records, and assignees
• Events: titles, descriptions, dates, times, locations, attendees, and recurrence patterns
• Messages: text content sent within household or direct conversations

User Preferences

• Visibility settings for tasks, chores, and events
• Notification preferences
• App lock preferences

Information Collected Automatically

Device Information

• Device identifier (generated locally for sync purposes—we do not use hardware identifiers)
• Device type and operating system version
• App version

Usage Data

We collect limited, anonymized usage data solely to improve Dame:

• Sync timestamps and operation logs (for data synchronization)
• Aggregate feature usage patterns (e.g., which features are most popular)
• Crash reports and performance metrics

This data is used exclusively to identify bugs, improve performance, and understand which features matter most to our users. We do not use this data to build profiles, target content, or for any purpose other than improving Dame.

Information From Third-Party Services

Google Sign-In

• Email address
• Display name
• Profile photo URL

Apple Sign-In

• Email address (you may choose to hide your email)
• Full name (provided only on first authentication)

Device Calendar (when permission granted)

• Calendar event titles, dates, times, and locations
• External calendar identifiers for sync purposes

Device Contacts (when permission granted)

• Contact names and email addresses (only when adding event attendees)
• Contact data is not stored on our servers—only the name and email of attendees you explicitly add to events

How We Use Your Information

We use the information we collect exclusively to:

• Provide and maintain the Dame application
• Sync your data across your devices and with your household members
• Send task reminders and notifications you have enabled
• Enable location-based reminders when you arrive at or leave specific places
• Integrate with your device calendar to display and sync events
• Facilitate communication between household members
• Authenticate your identity and secure your account
• Improve app performance and fix bugs
• Understand aggregate usage trends (not individual behavior)

How We Do NOT Use Your Information

• We do not sell, rent, or trade your personal information to anyone, ever
• We do not display advertisements of any kind
• We do not share your data with advertisers or ad networks
• We do not build profiles for marketing or targeting purposes
• We do not use your data to train AI models
• We do not monetize your data in any way

Data Storage and Security

Online-First with Offline Resilience

Dame is an online-first app with offline resilience. Your data writes locally to your device for fast performance, then syncs to the cloud. This means your data remains accessible even without an internet connection.

Data stored locally on your device includes:

• Tasks, chores, and events
• Messages and conversations
• Profile information
• Sync state and preferences

Cloud Synchronization

To sync data across your devices and with household members, we use Supabase (a cloud database service) to store:

• Encrypted sync operations
• Household membership information
• Profile data (master copy)
• End-to-end encrypted message content

Our Encryption Approach

End-to-End Encryption (E2E)

Messages between household members are end-to-end encrypted. They are encrypted on your device before being sent, and only the members of a conversation hold the keys needed to read them. We do not hold those keys, so we cannot read your message content.

Note: to deliver messages to the right people, Dame distributes members' public keys through our servers, and Dame does not yet offer an in-app way for you to independently verify another member's key. End-to-end encryption protects your messages from being read in storage or transit; it relies on the integrity of this key distribution.

Encryption at Rest

Your other household data (tasks, chores, events) is protected as follows:

• On your device, data is protected by your device's built-in (operating system) encryption
• Data stored in our cloud database is encrypted at rest by our infrastructure provider, Supabase
• Cloud data is accessible only to authenticated members of your household

Local Security

• Your PIN is hashed using scrypt and stored securely on your device
• Biometric data (Face ID, fingerprint) never leaves your device—it is stored in your device's secure enclave
• Encryption keys are stored in platform-native secure storage (iOS Keychain, Android Keystore)

Data in Transit

• All data transmitted between your device and our servers is encrypted using TLS 1.3

Security Incidents and Breach Notification

If a breach of your personal information poses a real risk of significant harm, Dame will assess the incident and notify affected users and the applicable privacy commissioner or commissioners (the Office of the Privacy Commissioner of Canada, the Office of the Information and Privacy Commissioner of Alberta, and the Commission d'accès à l'information du Québec, as applicable) as soon as feasible. We keep the records required by law and will tell you what happened, what information was involved, what we are doing in response, and the steps you can take to protect yourself.

Data Sharing

Within Your Household

Data you create may be visible to other members of your household based on visibility settings you control:

• Household visibility: All household members can see the item
• Limited visibility: Only assigned members can see the item
• Private visibility: Only you can see the item

With Third-Party Service Providers

We use a minimal set of third-party services, chosen for their privacy practices:

Supabase

• Purpose: Database hosting, authentication coordination, real-time sync
• Data shared: Encrypted sync operations, profile data, household data
• Privacy Policy: https://supabase.com/privacy

Google (Google Sign-In and Maps)

• Purpose: Authentication, location search for events
• Data shared: Authentication tokens, location search queries
• Privacy Policy: https://policies.google.com/privacy

Apple (Apple Sign-In)

• Purpose: Authentication on iOS devices
• Data shared: Authentication tokens
• Privacy Policy: https://www.apple.com/legal/privacy/

Sentry

• Purpose: Crash and error diagnostics
• Data shared: Device information, error logs, app-generated user identifiers, IP address
• Location: United States
• Privacy Policy: https://sentry.io/privacy/

RevenueCat

• Purpose: Subscription and purchase management
• Data shared: Purchase history, subscription status, app-generated user identifiers
• Location: United States
• Privacy Policy: https://www.revenuecat.com/privacy/

Sub-processors

The following sub-processors help us operate Dame. We update this list as our providers change and will notify users of material changes.

We Will Never

• Sell your personal information to third parties
• Share your data with advertisers or ad networks
• Provide your data to data brokers
• Use your data for targeted advertising
• Share your data with anyone except as described in this policy

Advertising Policy

Dame does not and will never display advertisements. We believe ads are incompatible with a family-focused app that handles sensitive household information. Our business model is based on providing value through our app, not monetizing your attention or data.

Device Permissions

Dame requests permissions only when needed for specific features. You can deny any permission and still use Dame—you'll just miss that specific feature.

You can revoke any permission at any time through your device settings.

Data Retention

• Account deletion: Processed immediately. When you delete your account, your profile and account data are removed without a retention delay
• Tasks, chores, and events: Retained until you delete them
• Messages: Retained until you delete them or clear the conversation
• Abandoned or expired household data: Permanently deleted 14 days after a household is abandoned or expires
• Soft-deleted sync records (tombstones): Departed-member and membership records are kept briefly as “tombstones” so every device can complete sync, then compacted and removed after 30 days
• Anonymized analytics: Retained in aggregate form (cannot be linked back to you)

Account Deletion

When you delete your account:

• Your profile is permanently removed from our servers
• Your household membership is terminated
• Your local data is cleared from your device
• Shared data (tasks, events assigned to others) may remain visible to other household members who co-own that data
• Your messages are deleted from our servers (other participants retain their local copies)

After you delete your account, limited records may persist where required: subscription and purchase records held by our app stores and RevenueCat, diagnostic records in Sentry, and routine encrypted backups, which age out on their normal cycle.

You can delete your account at any time from the Settings screen in the app, or by contacting us at privacy@damedigital.ca.

Your Rights and Choices

You have the right to:

• Access: View all your personal data within the app
• Correction: Update your profile information at any time
• Deletion: Delete your account and associated data
• Data portability: You can request a copy of your personal information in a commonly used, machine-readable format by emailing privacy@damedigital.ca; we will provide it within 30 days
• Withdraw consent: Revoke permissions through your device settings
• Opt-out: Disable optional data collection in app settings

To exercise these rights, you can:

• Use the settings within the Dame app
• Contact us at privacy@damedigital.ca

Children's Privacy

Dame is designed for adult household coordination and is not directed at children under 13. All users must be at least 13 years old to use Dame in any capacity. Account creation requires users to be at least 18 years old.

We do not knowingly collect personal information from anyone under 13. If we learn that a user under 13 has accessed Dame or provided personal information, we will promptly delete that information and terminate access.

Users between 13 and 17 may use Dame as household members only when added by a parent or guardian who has accepted the Terms of Service on their behalf. The parent or guardian is responsible for supervising the minor's use of Dame.

If you are a parent or guardian and believe someone under 13 has accessed Dame, please contact us at privacy@damedigital.ca and we will delete their information promptly.

International Data Transfers

Your data is stored primarily in Canada (Supabase, Canada Central region). Some service providers Dame relies on process limited data in the United States, specifically Sentry (diagnostics) and RevenueCat (subscription management). By using Dame you consent to these transfers.

We ensure your data remains protected by using encryption in transit and at rest, and by working only with service providers who maintain appropriate security standards.

Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any changes by:

• Posting the new Privacy Policy in the app and on our website
• Updating the “Last Updated” date at the top of this policy
• Sending you an in-app notification for significant changes
• Requiring acknowledgment for material changes that affect your rights

We encourage you to review this Privacy Policy periodically. Your continued use of Dame after changes are posted constitutes your acceptance of the revised policy.

Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

Email: privacy@damedigital.ca

Privacy Officer: Vince Inting is our Privacy Officer, the person responsible for the protection of personal information across PIPEDA, Alberta's PIPA, and Quebec's Law 25. You can reach the Privacy Officer at privacy@damedigital.ca.

We aim to respond to all privacy-related inquiries within 30 days.

Additional Information for California Residents

If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA):

• Right to Know: You can request information about the categories of personal information we collect and how we use it
• Right to Delete: You can request deletion of your personal information
• Right to Correct: You can request correction of inaccurate personal information
• Right to Non-Discrimination: We will not discriminate against you for exercising your privacy rights
• Right to Opt-Out of Sale: We do not sell personal information, so this right does not apply

To exercise these rights, contact us at privacy@damedigital.ca.

Categories of Personal Information Collected

In the past 12 months, we have collected the following categories of personal information:

• Identifiers (name, email address, device identifiers)
• Internet or network activity (app usage data, sync logs)
• Geolocation data (when permission granted, for location-based reminders)
• Audio/visual information (photos you upload)
• Inferences drawn from the above (household membership, preferences)

We do not sell personal information. We have not sold personal information in the preceding 12 months.

Additional Information for European Users (GDPR)

If you are located in the European Economic Area (EEA), United Kingdom, or Switzerland, you have additional rights under the General Data Protection Regulation (GDPR):

Data Controller

Vince Inting, carrying on business as Dame Digital, is the data controller responsible for your personal information. Contact: privacy@damedigital.ca

Legal Basis for Processing

• Contract: Processing necessary to provide you with Dame services (account management, sync, core features)
• Consent: Processing based on your explicit consent (location permissions, calendar access, contacts access)
• Legitimate Interests: Processing for our legitimate interests where not overridden by your rights (security, fraud prevention, improving the app)

Your GDPR Rights

• Right to access your personal data
• Right to rectification of inaccurate data
• Right to erasure (“right to be forgotten”)
• Right to restrict processing
• Right to data portability
• Right to object to processing
• Right to withdraw consent at any time
• Right not to be subject to automated decision-making

International Transfers

International transfers of EEA and UK data to Canada rely on Canada's adequacy status for commercial organizations. Transfers to our United States service providers (Sentry and RevenueCat) are protected by appropriate safeguards such as standard contractual clauses.

EU Representative

An EU representative under Article 27 of the GDPR will be designated if and where required.

Data Protection Authority

You have the right to lodge a complaint with your local data protection authority if you believe we have violated your privacy rights.

Additional Information for Canadian Users (PIPEDA)

If you are located in Canada, your personal information is protected under the Personal Information Protection and Electronic Documents Act (PIPEDA). You have the right to:

• Access your personal information held by us
• Challenge the accuracy and completeness of your information
• Withdraw consent for certain processing activities

To exercise these rights or file a complaint, contact us at privacy@damedigital.ca or the Office of the Privacy Commissioner of Canada.

Additional Information for Quebec Residents (Law 25)

If you are located in Quebec, your personal information is also protected under Quebec's Act respecting the protection of personal information in the private sector, as amended by Law 25.

• Person responsible: Our Privacy Officer, Vince Inting (privacy@damedigital.ca), is the person responsible for the protection of personal information.
• Confidentiality incidents: If a confidentiality incident (a breach) poses a risk of serious injury, we will notify the affected individuals and the Commission d'accès à l'information du Québec (CAI).
• Automated decision-making: Dame does not use automated decision-making that produces legal or similarly significant effects about you.
• Minors: For users under 14 years of age in Quebec, consent is given by the parent or guardian.

You may also file a complaint with the Commission d'accès à l'information du Québec (CAI).

Additional Information for Alberta Residents (PIPA)

If you are located in Alberta, the collection, use, and disclosure of your personal information is also governed by Alberta's Personal Information Protection Act (PIPA).

• Responsible individual: The individual responsible for our compliance with PIPA is Vince Inting (privacy@damedigital.ca).
• Breach notification: Where a breach poses a real risk of significant harm, we will notify the Office of the Information and Privacy Commissioner of Alberta and the affected individuals.

You may contact the Office of the Information and Privacy Commissioner of Alberta at oipc.ab.ca.

Marketing Communications (CASL)

Dame sends service and transactional messages (for example, trial reminders, billing notices, and security and account messages) as needed to operate your account.

Dame sends marketing or promotional messages only with your consent. Every marketing message identifies the sender and includes an unsubscribe link, and you can withdraw your consent at any time using that link or by emailing support@damedigital.ca.