Privacy Policy

• Account: email address, an encrypted password (or your OAuth provider id).
• Your data: the tingles, projects, sessions, and log entries you create.
• Operational logs: minimal request logs (IP, user-agent, route) kept up to 14 days for security.

• No third-party advertising trackers.
• No behavioural profiling, no fingerprinting.
• No selling, renting or sharing your data with anyone.
• No model training on your tingles. Ever.

So the app works across devices, so we can show you your own data when you log back in, and so we can investigate abuse or security incidents. That's it.

Data is stored on managed cloud infrastructure (currently Supabase on AWS, EU region by default). It is encrypted at rest and in transit.

• Access & export: download all your data as JSON from Settings.
• Correction: edit anything inside the app.
• Deletion: delete your account from Settings — wipes data within 30 days.
• EU/UK GDPR: you can lodge a complaint with your local data authority.

We use only the cookies needed to keep you signed in. No analytics cookies, no advertising cookies, no banner you have to dismiss.

99tingles is not directed at children under 13. We don't knowingly collect data from them. If you believe we have, please tell us and we'll delete it.

We'll announce any material change inside the app before it takes effect.

Privacy questions or data requests: privacy@99tingles.com.