Privacy Policy
Last updated: May 13, 2026
dooly is built for two people who want a private space — no feeds, no groups, no public profiles, no ads. This Privacy Policy explains what information we collect, how we use it, and what choices you have.
We’ve tried to write this in plain language. If anything is unclear, email us at hello@getdooly.com.
1. Summary
- We collect only the information needed to run the app for you and your partner.
- Messages are end-to-end encrypted — we cannot read them.
- We do not sell your data, do not show ads, and do not share your information with brands or advertisers.
- We do not use your messages, photos, or personal answers to train AI models.
- You can delete your account at any time. Your data is purged within 30 days.
2. Information We Collect
Account information (required to use the app)
- Email address — used for sign-in and account recovery.
- Password — stored as a one-way hash; we never see your plain-text password.
- First and last name — used to identify you to your partner.
- Birthday — used to confirm you are 18 or older and to celebrate your birthday in-app.
Onboarding personalization (you choose what to share)
- Relationship status (Dating / Engaged / Married).
- Relationship start date (powers the day counter on the home screen).
- How you and your partner met.
- Your love languages (ranked top three).
- A nickname you want to call your partner.
- Optional private reflections (fondest memory, what you love most about your partner, a shared goal). These fields are visible only to YOU on this device — not to your partner.
Profile photos
- A small circular avatar (shown in chat and the home header).
- A larger photo for the home screen mood tile.
Both are uploaded by you and stored in our hosted storage. Either is optional.
Messages and shared content
- Text messages — end-to-end encrypted on your device before being sent to our servers. We store only the ciphertext.
- Photos shared in chat — stored in our hosted storage and shared between you and your partner.
- Photo memories you save to the Memories tab.
- Calendar events, milestones, and reminders you create.
- Mood/status updates you set (these expire automatically after 24 hours).
- Message reactions and bookmarks (saved messages).
Device and notification data
- A push-notification token issued by Apple Push Notification Service (iOS) or Firebase Cloud Messaging (Android), used to send you notifications.
- Your public encryption key (the matching private key never leaves your device’s secure storage).
Approximate location (optional)
If you grant location permission, we use your device’s coarse coordinates one time to fetch current weather conditions from an external weather service. We discard the coordinates immediately after the call. We persist only the resulting weather code, temperature, and city-level name (e.g. “Brooklyn”). We never share your coordinates with your partner or any third party.
Information your partner provides
When your partner pairs with you, their account information (name, avatar, weather, mood, etc.) becomes visible to you, and yours to them.
3. How We Use Your Information
We use the information we collect to:
- Operate the Service — let you sign in, send messages, share photos, set reminders, etc.
- Pair you with your partner and keep your shared content in sync.
- Send you push notifications about new messages, photos, calendar events, mood updates, and milestone countdowns.
- Detect and prevent abuse, fraud, and security threats.
- Comply with legal obligations.
We do NOT use your information to:
- Build advertising profiles.
- Train AI models.
- Sell to data brokers.
- Share with marketing partners.
4. Information Sharing
We do not sell, rent, or share your personal information with third parties for their own purposes. We share information only with:
(a) Your partner — the entire point of the app. The information your partner can see is described in Section 2.
(b) Service providers (“sub-processors”) who help us operate the Service. These providers process data on our behalf under contractual obligations to protect it:
- Supabase — hosted database, authentication, file storage, real-time syncing, and serverless functions.
- Expo — push notification delivery and (for Android) the production build infrastructure.
- Apple Push Notification Service (iOS) and Firebase Cloud Messaging (Android) — push notification routing on each platform.
- Resend — transactional email delivery (sign-up verification, password reset).
- Open-Meteo — weather forecast lookups. We send coarse coordinates one time per refresh and receive weather data back. We do NOT send any account identifiers to Open-Meteo.
(c) Legal obligations — if required by law (e.g. valid subpoena), we may disclose information. Because messages are end-to-end encrypted, we cannot produce decrypted message content even if compelled to.
We do not sell your data. We do not show ads. We do not share your information with advertisers, data brokers, or analytics partners.
5. Security
We use industry-standard security practices to protect your information:
- End-to-end encryption for messages. Each user has a Curve25519 key pair generated on their device; the private key is stored in the device’s secure enclave (iOS Keychain / Android Keystore) and never leaves the device. Messages are encrypted with XSalsa20-Poly1305 using a shared key derived between you and your partner.
- Passwords are stored as one-way bcrypt hashes — we never see your plaintext password.
- All data in transit is encrypted with HTTPS / TLS.
- Row-level security on our database ensures one couple’s data is inaccessible to another couple’s account.
No system is 100% secure. We do our best, but we cannot guarantee absolute security.
6. How Long We Keep Your Information
- Account data — retained as long as your account is active.
- Messages and memories — retained as long as you and your partner have active accounts.
- Mood/status updates — automatically expire after 24 hours.
- Cached weather data — overwritten on each refresh (no historical weather log).
- Push tokens — replaced each time you install or re-install the app.
- Deleted accounts — fully purged within 30 days of deletion. Before that, the account is marked deleted and inaccessible.
7. Your Rights and Choices
You can:
- Access your data — most of it is visible in the app. Email us for a full export.
- Update your information — most fields are editable in the profile screen and onboarding flow.
- Delete your account — from the profile screen, or by emailing hello@getdooly.com.
- Withdraw location permission — in your device’s Settings → dooly → Location.
- Withdraw notification permission — in your device’s Settings → dooly → Notifications.
Depending on your location, you may have additional rights under privacy laws like the EU’s GDPR or California’s CCPA, including the right to access, correct, or delete your data, and the right to know what categories of information are collected. To exercise these rights, email hello@getdooly.com.
We do not “sell” personal information as defined under the CCPA.
8. International Users
dooly is operated from the United States. If you are accessing the Service from outside the US, your information will be transferred to, stored, and processed in the US. By using the Service, you consent to this transfer.
9. Children’s Privacy
dooly is intended for adults aged 18 and older. We do not knowingly collect personal information from anyone under 18. If you believe a child has provided us with personal information, please email hello@getdooly.com and we will delete the data and the associated account.
10. Changes to this Policy
We may update this Privacy Policy from time to time. When we make material changes, we will notify you in-app and update the “Last Updated” date below. Continued use of the Service after a change constitutes acceptance of the updated policy.
11. Contact
Questions, requests, or concerns about your privacy? Email us at hello@getdooly.com.
Last updated: May 13, 2026