DailyGrasp Privacy Policy
Last updated: June 1, 2026
This policy describes what DailyGrasp ("we", "the app") collects, why, and what you can do about it. We've tried to write it in plain English. If anything is unclear, email us at the address at the bottom.
What we collect
When you first open the app, we create an anonymous account for you on our backend (Supabase). That account is a random ID โ we don't ask for your name, phone number, or email until you choose to provide one.
Specifically, we store:
| Data | When | Why |
|---|---|---|
| Anonymous user ID | First app launch | Identifies your account on our server so we know which preferences and reading history belong to you. |
| Timezone | First app launch | So we deliver your daily article at your local time, not a server's clock. |
| Topic preferences + reading level | When you set them in onboarding or Topics | So we pick articles you'll find interesting at the right depth. |
| Daily delivery time + read length | Onboarding + Settings changes | So the daily notification fires when you want it. |
| Push notification token | When you grant notification permission | So we can send you the daily article notification. We delete dead tokens automatically when Apple/Google tells us a device is gone. |
| Reading history (which articles delivered, opened, favorited) | As you use the app | So your Library shows your past reads and we don't repeat articles. |
| Email address | Only if you choose to "Save your library" in Settings | So you can sign back in on a new device and recover your account. We never use it for marketing. |
We do not collect:
- Your name or birth date
- Your contacts or location (beyond timezone)
- Browsing activity outside the app
- Anything for advertising
- Any data for resale
How we use it
- To deliver your daily article: we run a server job that, at your chosen time, picks a Wikipedia article that fits your topics and level, summarizes it, and sends you a push notification.
- To remember your library: every delivered article and your favorites are stored so you can revisit them in the Library tab.
- To improve the app: when the app or our server crashes, we get a stack trace via Sentry (see below). We do not look at this data for any other purpose.
Who we share it with
We use these third-party services to run the app. Each one is bound by their own privacy terms and processes only the minimum data needed:
| Service | What it sees | Why |
|---|---|---|
| Supabase (database, auth, push) โ privacy policy | Your anonymous user ID, email (if linked), preferences, reading history, push token | Hosts our backend. |
| Sentry (error tracking + session replay) โ privacy policy | Crash reports, optional session replays (10% sample rate, all text/images masked by default) | So we can fix bugs before too many users hit them. |
| Expo Push Service โ privacy policy | Your push token, the notification title and body we want to deliver | Routes our notifications to Apple's APNs / Google's FCM. |
| Google Gemini API โ privacy policy | The Wikipedia article text we send for summarization. Does not see your user data or preferences. | Generates the AI summary. |
| Apple / Google (when you eventually subscribe to Pro) | Subscription transaction info | Processes the in-app purchase. |
We do not:
- Sell your data to anyone
- Share it with advertisers
- Combine it with data from other services
Your rights
You can, at any time:
- See what we have: open the app, the Library tab shows everything we know about your reading history. Topics + Settings show your preferences.
- Change anything: edit your topics, level, delivery time, and read length from inside the app.
- Delete your account: Settings โ "Delete my account". This is permanent and immediate. Your anonymous user ID, all your preferences, your library, and your push tokens are removed from our database. We cannot recover them after.
- Reset just your local state without deleting: Settings โ "Reset onboarding" โ drops the device's session and starts you over as a fresh anonymous user. Your old data remains in our database (you can sign back in via email if you'd linked one).
- Export your data: email us and we'll send you a JSON dump of everything we have on your account within 30 days.
If you're in the EU/UK and want to invoke GDPR rights (rectification, restriction, objection, etc.), email us โ we'll respond within 30 days.
How long we keep your data
- Active accounts: as long as you keep using the app.
- Inactive accounts (no app activity for 18 months): we may delete the account and all associated data automatically. We'll send a heads-up email first if you've linked one.
- After "Delete my account": removed immediately. Backups are purged within 30 days.
Children's privacy
DailyGrasp is not directed to children under 13 (or the equivalent minimum age in your jurisdiction). We don't knowingly collect data from children under that age. If you believe we have, contact us and we'll delete it.
International transfers
Our backend (Supabase) and error tracking (Sentry) are hosted on servers that may be in the US or the EU depending on the region you signed up in. When you use the app, your data may be transferred outside your country. We rely on Supabase's and Sentry's standard contractual clauses (or equivalent mechanisms) for these transfers.
Changes to this policy
We may update this policy. If we change anything material (what we collect, who we share it with, how it's used), we'll show a notice in the app the next time you open it. Continued use after changes means you accept the new policy.
The version history of this document is public โ every change is tracked in git at https://github.com/jamesalbuquerque/dailygrasp/commits/main/docs/PRIVACY.md.
Contact
Questions, requests, or complaints: [CONTACT_EMAIL โ replace before publishing]
We aim to respond within 7 days; for formal data requests (export, deletion, GDPR) within 30 days as required by law.