Last updated: June 1, 2026
This Privacy Policy explains what information itsme (“the app”, “we”, “us”) collects, how it’s used, who it’s shared with, and the choices you have. It’s written to be clear and plain. If anything is confusing, email tobypenk@gmail.com and we’ll explain.
itsme is a personal identity-verification app for family and trusted-circle use. It is operated as a sole-proprietorship by the developer, contactable at tobypenk@gmail.com.
itsme is currently offered only in the United States.
To create your account: - Your phone number — used to send the one-time login code and to identify your account. Stored by our auth provider (Supabase), hashed at rest. - Your display name and how you describe yourself within your circle (e.g. “Daughter”, “Mom”) — entered by you during onboarding.
Optional, only if you provide it: - A profile photo — uploaded by you and stored in Supabase Storage. - An Expo push notification token — required to deliver verification requests and safe-signal alerts to your device. Stored in our database keyed to your account.
Generated through use: - Verification events — a calm timeline of who you verified, who you pinged, and how the request was resolved. Each event records the participants, the circle, the result, and a timestamp. - Daily phrases — automatically rotated short word pairs (e.g. “Sage Anchor”) generated by our server for each circle.
Subscription information (if you upgrade): - The fact that you have an active subscription, its type (monthly/annual), and renewal status. The actual purchase is processed by Apple In-App Purchase; we never see your card information.
Anonymous diagnostics: - Crash reports (via Sentry) — when itsme crashes or hits an error, a stack trace is sent so we can fix it. Personally identifying details (name, phone number, content) are stripped. - Anonymous usage events (via PostHog) — which features get used (e.g. “a verify was started”, “a ping was sent”). We do not collect the phrase content, member names, or what was said during a verification. IP addresses are not stored.
What we do NOT collect: - We do not collect your location. - We do not record audio, photos, or video beyond the optional profile photo you upload. - We do not collect your contacts or address book. - We do not track you across other apps or websites. - We do not use advertising SDKs. - We do not sell your data.
We use what we collect only to operate the service — sending you OTP codes, showing you your circle’s daily phrase, delivering push notifications to the people you ask, and recording your verification history so you can look back on it.
We do not profile you or use your data for any purpose unrelated to the app’s core function.
itsme relies on third-party services to operate. They have access only to what they need:
| Provider | Used for | Where the data lives |
|---|---|---|
| Supabase (US) | Database, auth, storage, edge functions | United States |
| Twilio (US) | SMS one-time codes for sign-in | United States |
| Expo / Apple Push Notification Service | Delivering push notifications | United States |
| RevenueCat (US) | Subscription management for Apple In-App Purchases | United States |
| Apple | App distribution, in-app purchase processing | United States |
| Sentry (US) | Crash reporting and error diagnostics. Configured with PII disabled — we send error stack traces and a hashed user ID, never your name, phone number, or content. | United States |
| PostHog (US) | Anonymous product analytics — which features are used, where people get stuck. Configured with IP-address collection and session recording disabled. We send event names (e.g. “verify_matched”) and a hashed user ID, never your name, phone number, photo, or circle content. | United States |
Each provider has its own privacy policy; together with this one they describe the full data flow.
We keep your data for as long as your account is active. If you delete your account (Settings → Privacy → Delete my account), we permanently remove:
This is irreversible and happens within 30 days at the latest; most deletions are immediate.
Verification events where you were the recipient (not initiator) may be retained on the initiator’s account history; we do not delete other users’ history when you leave.
Regardless of where you live, you have the following rights in itsme:
If you live in California, you have additional rights under CCPA, including the right to know what we collect and not be discriminated against for exercising your rights. The exports and deletion flows above satisfy these.
itsme is intended for users 13 and older. We do not knowingly collect information from anyone under 13. If you believe a child under 13 has created an account, email tobypenk@gmail.com and we will delete it.
We use TLS in transit for all network traffic. Database access is restricted via Row-Level Security so users can only read and write data within their own circles. Auth tokens are stored in the device’s secure keychain. No security is perfect, but we keep what we collect minimal so there is less to expose.
If we change this policy, we will update the “Last updated” date and notify active users in-app at next sign-in. Material changes will be announced more prominently.
Email tobypenk@gmail.com for any privacy question, including data access, correction, deletion, or complaint.