Legal

Privacy Policy

Effective Date: April 19, 2026 · Last Updated: April 19, 2026 · Data Controller: Divesting The Domestic LLC, Wisconsin, USA

Who We Are
Information We Collect
How We Use Your Information
Legal Basis for Processing (GDPR)
How We Share Information
Children's Privacy (COPPA)
Data Retention
Security
Your Rights
Jurisdiction-Specific Disclosures
Third-Party Services
Changes to This Policy
Contact Us

    Plain-language summary: Divesting the Domestic is a household management app. We collect only what we need to make the app work for your family. We do not sell your data, share it with advertisers, or use it to build profiles for third parties. Your household data belongs to your household.
  

1. Who We Are

Divesting the Domestic ("we," "us," "our," or the "App") is a household management application developed and operated by Divesting The Domestic LLC, a limited liability company organized under the laws of the State of Wisconsin, United States.

Divesting The Domestic LLC is the data controller under the European Union General Data Protection Regulation (GDPR) and the UK GDPR, and the business under the California Consumer Privacy Act (CCPA/CPRA). For Australian users, Divesting The Domestic LLC is the APP entity responsible for handling personal information under the Privacy Act 1988 (Cth).

Our registered address and principal place of business is in the State of Wisconsin, United States. Contact details are provided in Section 13.

2. Information We Collect

We collect only the information necessary to provide the App's features. We practice data minimization — we do not collect information we do not need.

2.1 Information You Provide Directly

Category	Examples	Purpose
Account information	Email address, password (hashed), name	Authentication and account management
Household profile	Household name, member names, avatars, member roles	Personalizing the household experience
Member profiles	Name, avatar, color preference, chore capacity settings, waking hours, arrival time	Chore assignment and scheduling
Chore data	Chore names, schedules, points, completion records, skip logs, missed records	Core app functionality
Wellness check-in data	Self-reported sleep quality, energy level, daily habit completion, day rating	Personalizing chore capacity and providing household insights
Tasks and responsibilities	Personal task names, due dates, priority, notes	Personal task management
Calendar event data	Event titles, times, durations, color codes from connected Google Calendars	Capacity planning and scheduling optimization

2.2 Information Collected Automatically

Device and browser information: Browser type, operating system, device type (for app compatibility)
Usage data: Features used, pages visited within the app, actions taken (for debugging and improvement)
Log data: IP address, timestamps, error logs (for security and performance monitoring)
Authentication tokens: Session tokens managed by our authentication provider (Supabase)

2.3 Information from Third-Party Services

Google Calendar: When you connect a Google Calendar account, we access calendar events within the scope you authorize. We read event titles, times, durations, and color codes. We do not access email, contacts, Drive files, or any Google service beyond Calendar. You may disconnect Google Calendar at any time from your account settings.
Google OAuth: If you sign in with Google, we receive your email address and display name from Google to create your account. We do not receive your Google password.

2.4 Information We Do NOT Collect

Payment card numbers or financial account details (payments processed by Stripe — we receive only a subscription status token)
Precise real-time location data
Biometric data
Government ID numbers
Health or medical records
Content of emails or messages outside the App

3. How We Use Your Information

We use your information for the following specific purposes:

3.1 Providing and Operating the App

Creating and managing your household account
Assigning chores based on member availability, capacity, and schedules
Generating household analytics, reports, and insights
Syncing data across devices used by household members
Processing Google Calendar data to optimize scheduling
Sending in-app notifications and reminders

3.2 Improving the App

Analyzing aggregated, anonymized usage patterns to improve features
Debugging errors and resolving technical issues
Testing new features with consenting users

3.3 Communicating with You

Sending transactional emails (account creation, password reset, subscription receipts)
Sending product updates, new features, and important service notices
Responding to support requests

3.4 Security and Compliance

Detecting and preventing fraud, abuse, and unauthorized access
Complying with applicable legal obligations
Enforcing our Terms of Service

      We do not: sell your personal information, share it with advertisers, use it to serve you third-party advertisements, use it to train AI models without your explicit consent, or use it for purposes unrelated to providing the App.
    

4. Legal Basis for Processing (GDPR / UK GDPR)

For users in the European Economic Area (EEA), the United Kingdom, and other jurisdictions that require a legal basis for processing personal data, we process your data on the following bases:

Processing Activity	Legal Basis
Creating and managing your account	Performance of a contract (Art. 6(1)(b) GDPR)
Providing core app functionality	Performance of a contract (Art. 6(1)(b) GDPR)
Processing Google Calendar data	Consent (Art. 6(1)(a) GDPR) — you explicitly authorize this connection
Wellness check-in data (health-adjacent)	Explicit consent (Art. 9(2)(a) GDPR) — you provide this voluntarily
App improvement and analytics	Legitimate interests (Art. 6(1)(f) GDPR) — improving the service we provide
Security and fraud prevention	Legitimate interests (Art. 6(1)(f) GDPR)
Legal compliance	Legal obligation (Art. 6(1)(c) GDPR)
Marketing communications	Consent (Art. 6(1)(a) GDPR) — opt-in only

You may withdraw consent at any time. Withdrawing consent does not affect the lawfulness of processing before withdrawal. To withdraw consent for Google Calendar access, disconnect it from your account settings. To withdraw consent for wellness data, you may delete your check-in history from the app.

5. How We Share Information

5.1 Within Your Household

Members of your household can see shared household data: chore assignments, completion records, schedules, and shared analytics. Wellness check-in data (sleep quality, energy level, personal habits) is private to each individual member and is not visible to other household members, including household administrators, unless you choose to share it.

5.2 Service Providers

We share data with trusted service providers who help us operate the App. All service providers are bound by data processing agreements and may only use your data as directed by us:

Provider	Purpose	Data Shared	Location
Supabase	Database hosting and authentication	All app data	AWS US East (Virginia)
Vercel	App hosting and delivery	Usage logs, IP addresses	USA / Global CDN
Google	Authentication (OAuth) and Calendar access	Email, display name, calendar events	Global
Stripe	Payment processing	Email, subscription status	USA / Global

5.3 Legal Requirements

We may disclose your information if required to do so by law or in response to valid legal process (such as a court order or government request), or when we believe disclosure is necessary to protect the rights, property, or safety of Divesting The Domestic LLC, our users, or the public.

5.4 Business Transfers

If Divesting The Domestic LLC is acquired, merges with another company, or sells substantially all of its assets, your information may be transferred as part of that transaction. We will notify you via email and/or a prominent notice in the App prior to any such transfer, and you will have the opportunity to delete your account before the transfer takes effect.

5.5 We Do Not Sell Your Data

We do not sell, rent, or trade your personal information to any third party for monetary or other valuable consideration. This applies to all users, including California residents under the CCPA/CPRA.

6. Children's Privacy (COPPA and International Children's Protections)

Important — please read carefully if your household includes children.

The App is a household management tool designed for use by families, including households with children. We comply with the Children's Online Privacy Protection Act (COPPA) and applicable international children's privacy laws.

6.1 Children Under 13 (United States — COPPA)

We do not knowingly collect personal information directly from children under 13 years of age. Children under 13 may be added to the App as household members by a parent or guardian (an adult account holder), but:

A child's profile is created and managed by the parent or guardian account administrator
Children under 13 do not create their own accounts or provide their own personal information
We collect only the minimum information necessary to provide chore management for the child (name, avatar, chore assignments)
Parents and guardians may review, modify, or delete their child's profile information at any time from the household settings
We do not use children's information for advertising or behavioral tracking

If you believe a child under 13 has provided personal information without parental consent, please contact us immediately at privacy@divestingthedomestic.app and we will promptly delete the information.

6.2 Children Ages 13–17

Teen household members (ages 13–17) may use the App under parental supervision. We recommend that parents review this Privacy Policy with teen members of their household. Teen wellness check-in data is treated as private and is not visible to other household members.

6.3 Australian Children's Privacy

We are committed to compliance with Australia's Children's Online Privacy Code as it is developed and implemented under the Privacy Act 1988 (Cth). We apply high-privacy defaults for all users who may be minors and will update our practices as the Code is finalized by December 2026.

6.4 Parental Rights

As a household administrator, you have the right to:

Review all data associated with your child's household profile
Request deletion of your child's data by submitting a request to privacy@divestingthedomestic.app
Opt out of any data collection beyond what is necessary for core app functionality

7. Data Retention

We retain your personal information for as long as your account is active or as needed to provide the App's services. Specific retention periods:

Data Type	Retention Period	Basis
Account and profile data	Duration of active account + 30 days after deletion request	Service provision
Chore history and completion records	Duration of active account	App analytics and reporting features
Wellness check-in data	Duration of active account; may be deleted in-app at any time	User-controlled
Google Calendar tokens	Until you disconnect Calendar access or delete your account	User-controlled
Payment records	7 years (US tax law requirements)	Legal obligation
Security and server logs	90 days	Security monitoring
Backup data	Up to 30 days in encrypted backups after account deletion	Operational recovery

When you delete your account, we will delete or anonymize your personal data within 30 days, except where retention is required by law (such as payment records for tax purposes) or where data has already been anonymized as part of aggregate analytics.

8. Security

We implement industry-standard security measures to protect your personal information:

Encryption in transit: All data transmitted between your device and our servers is encrypted using TLS 1.2 or higher
Encryption at rest: All data stored in our database is encrypted at rest
Authentication: Passwords are hashed using bcrypt and never stored in plain text. We support multi-factor authentication
Access controls: Row-level security ensures household data is accessible only to members of that household. Staff access to production data is limited and audited
Third-party security: Our infrastructure providers (Supabase, Vercel) maintain SOC 2 Type II compliance

No method of transmission over the internet or electronic storage is 100% secure. While we use commercially reasonable means to protect your information, we cannot guarantee absolute security. In the event of a data breach that affects your personal information, we will notify you in accordance with applicable law, including Wisconsin Statute § 134.98, within 72 hours of becoming aware of the breach where required.

9. Your Rights

Depending on your location, you have the following rights regarding your personal information. To exercise any of these rights, contact us at privacy@divestingthedomestic.app.

Right	Description	Applies To
Access	Request a copy of the personal information we hold about you	All users
Correction	Request correction of inaccurate or incomplete data	All users
Deletion	Request deletion of your personal information ("right to be forgotten")	All users
Portability	Receive a copy of your data in a machine-readable format (JSON/CSV)	EEA, UK, Australian users; CA users
Objection	Object to processing based on legitimate interests	EEA and UK users
Restriction	Request restriction of processing in certain circumstances	EEA and UK users
Opt out of sale	Opt out of the sale of personal information (we do not sell data)	California users (CCPA)
Non-discrimination	Exercise your privacy rights without receiving discriminatory treatment	California users (CCPA)
Withdraw consent	Withdraw previously given consent at any time	All users where consent is the legal basis
Automated decision-making	Not be subject to solely automated decisions with significant effects without human review	EEA, UK, Australian users (from Dec 2026)

We will respond to rights requests within 30 days (or 45 days with notice if additional time is needed). We do not charge fees for rights requests. We may need to verify your identity before processing your request.

10. Jurisdiction-Specific Disclosures

🇺🇸 California (CCPA/CPRA) We do not sell personal information. We do not share personal information for cross-context behavioral advertising. California residents have the rights described in Section 9. To submit a rights request: privacy@divestingthedomestic.app.

🇪🇺 European Union (GDPR) Our legal bases are described in Section 4. Our data is transferred to the USA under Standard Contractual Clauses (SCCs). You have the right to lodge a complaint with your national supervisory authority. Our EU representative can be contacted at privacy@divestingthedomestic.app.

🇬🇧 United Kingdom (UK GDPR) We comply with the UK GDPR and the Data Protection Act 2018. You have the right to lodge a complaint with the Information Commissioner's Office (ICO) at ico.org.uk. International transfers use UK-approved transfer mechanisms.

🇦🇺 Australia (Privacy Act 1988) We comply with the 13 Australian Privacy Principles (APPs). You may request access to or correction of your personal information. You have the right to complain to the Office of the Australian Information Commissioner (OAIC) at oaic.gov.au. We will respond to complaints within 30 days.

🇺🇸 Wisconsin (Wis. Stat. § 134.98) In the event of a data breach affecting Wisconsin residents' personal information, we will notify affected individuals as required by Wisconsin's data breach notification law. Notification will be made in the most expedient time possible and without unreasonable delay.

🌍 Other Jurisdictions We are committed to complying with applicable privacy laws in all jurisdictions where our users reside. Where local law provides additional rights beyond those described here, we will honor those rights.

International Data Transfers

Your personal information is stored and processed in the United States (AWS US East — Northern Virginia). If you are located outside the United States, your information is transferred to the US under appropriate safeguards, including Standard Contractual Clauses (SCCs) approved by the European Commission for EEA/UK users, and equivalent mechanisms for other jurisdictions.

11. Third-Party Services and Links

The App integrates with the following third-party services. Your use of these services is governed by their own privacy policies:

Google Calendar API: policies.google.com/privacy
Supabase: supabase.com/privacy
Vercel: vercel.com/legal/privacy-policy
Stripe: stripe.com/privacy

The App may in the future integrate with additional third-party services (such as recipe APIs, price comparison services, or AI services). When new integrations are added that affect data sharing, we will update this Privacy Policy and notify you.

Anthropic Claude API (AI Features)

Future versions of the App may use the Anthropic Claude API to provide AI-powered features (such as meal planning suggestions or household insights). When this feature is activated:

We will clearly identify which features use AI
Data sent to the Anthropic API will be minimized — we will not send personally identifiable information when household data can be anonymized or aggregated
Anthropic does not use API data for model training by default
Anthropic's privacy policy is available at anthropic.com/privacy

12. Changes to This Privacy Policy

We will update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. When we make material changes, we will:

Update the "Last Updated" date at the top of this page
Send an email notification to all active account holders at least 30 days before the changes take effect
Display a prominent notice in the App
For material changes affecting how we process sensitive data or children's data, we will obtain fresh consent where required by law

We review this Privacy Policy at least annually, as required by the CCPA. The most current version is always available at divestingthedomestic.app/privacy.

Your continued use of the App after changes take effect constitutes your acceptance of the updated Privacy Policy, subject to any additional consent requirements under applicable law.

13. Contact Us

If you have questions about this Privacy Policy, want to exercise your rights, or have a privacy concern, please contact us:

Divesting The Domestic LLC

📧 Privacy inquiries: privacy@divestingthedomestic.app

📧 General support: hello@divestingthedomestic.app

🌐 Website: divestingthedomestic.app

📍 State of Wisconsin, United States

We will acknowledge receipt of your inquiry within 72 hours and provide a substantive response within 30 days (or 45 days with notice if the request is complex or numerous). For urgent data breach concerns, please mark your subject line "URGENT — DATA BREACH."

Supervisory Authorities

If you are not satisfied with our response, you have the right to lodge a complaint with the relevant supervisory authority:

EEA users: Your national data protection authority (list at edpb.europa.eu)
UK users: Information Commissioner's Office — ico.org.uk
Australian users: Office of the Australian Information Commissioner — oaic.gov.au
US users: Federal Trade Commission — ftc.gov