Privacy Policy
Last Updated: July 9, 2026 · Provided by Adam Dreyfuss
This Privacy Policy explains how we collect, use, disclose, and protect information when you use the Clearly: Privacy Companion mobile application and related services (the "App"). By using the App, you agree to this Policy. If you do not agree, please do not use the App.
Clearly is a personal privacy-awareness and education tool. It is not a security scanner, an identity-protection service, or a legal service.
Summary
- Your app reviews, notes, and settings are stored on your device by default.
- Some features you choose to turn on — creating an account, breach monitoring, push alerts, AI chat, and syncing across devices — send the data they need to our servers and a small number of service providers.
- We do not sell your personal information, do not show ads, and do not use third-party advertising or tracking SDKs.
- You can delete your account and all server data at any time from Settings.
- Breach and AI information is provided for awareness and education only and may be incomplete or inaccurate.
This summary is for convenience only; the full Policy below governs.
What Clearly Does Not Do
- Does not scan your installed apps or read your device's system permission states
- Does not monitor other apps or your app usage
- Does not track you across other apps or websites
- Does not sell your personal information or show advertising
- Does not use advertising or third-party analytics/tracking SDKs that identify you
Everything the App shows about your apps is based on information you choose to enter and review. This reflects Apple's iOS privacy model, within which the App operates.
Information We Collect
Information you provide by creating an account
An account is optional and required only for breach monitoring, push alerts, and cross-device sync:
- Email address, name, and a securely hashed password (handled by our authentication provider)
- The apps, companies, and watchlist items you choose to track or monitor, and any notes you add
- Support or feedback communications you send us
Information collected automatically to operate features
- Subscription and trial status and related identifiers (via RevenueCat and Apple)
- A device push token, if you enable notifications (via Expo)
- Minimal, content-free usage counts for AI chat (to prevent abuse)
- Basic technical/diagnostic information necessary to deliver the service. We do not build advertising or behavioral profiles.
Information stored only on your device
- Your app reviews, notes, watchlist, education progress, and app/UI settings
- Your recent AI chat history
Information we do not collect
- Your device contacts, photos, microphone/audio, precise location, or system settings
- Data from other apps on your device
How We Use Information
- Provide and operate the features you enable (breach and class-action monitoring, push alerts, AI chat, cross-device sync)
- Create and manage your account and subscription
- Respond to your requests and provide support
- Maintain security, prevent abuse and fraud, and enforce our Terms
- Comply with legal obligations
We do not use your information for advertising, and we do not sell it.
Legal Bases for Processing (EEA/UK)
Where the EU/UK GDPR applies, we process personal data on these bases:
- Contract — to provide the App and features you request
- Legitimate interests — to secure the service, prevent abuse, and improve reliability
- Consent — where required (e.g., push notifications); you may withdraw it at any time
- Legal obligation — to comply with applicable law
AI Features
Clearly's AI chat sends the questions you type to our own servers, where they are processed by a third-party AI provider (currently OpenAI). We do not send your device contacts, photos, microphone, or system settings to any AI provider, and your chat questions are not linked to your tracked-apps profile. AI outputs are educational and may be inaccurate or incomplete; they are not legal, security, financial, or other professional advice, and you should independently verify important information. A content-free usage count is kept briefly on our servers to prevent abuse.
Breach and Legal Information
Breach and class-action information in the App is not AI-generated. It is drawn from public sources — the Have I Been Pwned breach catalog and publicly filed class actions and privacy news — refreshed on our servers periodically and matched against the app names you choose to monitor. This information is provided for awareness and education only, does not mean your personal data was affected, may be incomplete or inaccurate, and includes class-action items describing unproven allegations summarized from third-party sources and not verified by us. Nothing in the App is legal advice, and no attorney-client relationship is created.
How We Share Information
We share personal information only as described here, and never for advertising. Service providers (only to operate features you enable):
- Supabase — database, authentication, and backend functions
- RevenueCat — subscription and entitlement management
- Apple — payment processing for subscriptions
- Expo — push-notification delivery
- OpenAI — processes AI chat questions you send (via our servers)
- Have I Been Pwned — public breach catalog we match against
We may also disclose information if required by law or to protect the rights, safety, or property of users, the public, or us, and in connection with a merger, acquisition, or sale of assets (with notice as required by law). We do not sell your personal information and do not share it for cross-context behavioral advertising.
International Data Transfers
Some of our service providers are located in the United States and other countries. If you use server-backed features, your information may be transferred to and processed in countries whose data-protection laws differ from your own. Where required, we rely on appropriate safeguards (such as Standard Contractual Clauses).
Data Retention
- Account data (email, name, subscription status): retained while your account is active
- Breach monitors, alerts, and push token: retained while active or until you delete your account
- AI chat history: stored on your device; a content-free usage log is kept briefly on our servers for rate limiting
- Breach/news feeds: refreshed periodically; older cached data is overwritten
- Deleted account data: permanently removed from our active systems within 30 days of account deletion, except where retention is required by law
Security
We use industry-standard measures — including encryption in transit and at rest, access controls, and row-level security — to protect your information. No method of transmission or storage is completely secure, and we cannot guarantee absolute security. You are responsible for keeping your account credentials confidential. If we become aware of a breach affecting your personal data, we will notify you and authorities as required by applicable law.
Your Rights and Choices
Regardless of location, you can access, correct, export, or delete your data — including your entire account and all associated server data — from Settings, or by contacting us.
EEA/UK (GDPR)
You have the rights to access, rectification, erasure, restriction, portability, and objection, and the right to withdraw consent. You may also lodge a complaint with your local supervisory authority.
California (CCPA/CPRA)
You have the rights to know what personal information we collect and how we use it, to access and delete it, to correct it, and to not be discriminated against for exercising your rights. In the past 12 months we have collected the categories described above (identifiers, account information, and commercial/subscription information) for the business purposes described above. We do not sell or share your personal information as those terms are defined under California law, and we do not knowingly sell or share the personal information of minors.
To exercise these rights, use the in-app controls or email info@clearlyprivacy.app. We will verify your request through your account and respond within the time required by law.
Cookies and Local Storage
The App does not use advertising cookies. It stores data locally on your device (for example, your reviews, settings, and cached content) so the App functions and performs well. You can clear this by deleting the App or using in-app data controls.
Third-Party Links
The App may link to third-party websites (for example, breach disclosures or public records). We are not responsible for the privacy practices or content of those sites. Review their policies before providing information.
Children's Privacy
The App is not directed to children. You must be at least 16 years old (or the minimum age of digital consent in your country) to create an account. We do not knowingly collect personal information from children. If you believe a child has provided us information, contact us and we will delete it.
Changes to This Policy
We may update this Policy as the App evolves or as required by law. Material changes will be indicated by updating the "Last Updated" date above and, where appropriate, additional notice. Your continued use of the App after changes take effect constitutes acceptance.
Contact
Questions, requests, or complaints about this Policy:
Adam Dreyfuss · info@clearlyprivacy.app