Privacy Policy

Effective: April 16, 2026

PairCare ("we", "us") respects your privacy. This policy explains what we collect, why, and how we protect it. The short version: we collect only what we need to run the app, we don't sell your data, and we don't show you in-app ads.

1. What We Collect

Data	Why
Email & name	Account creation and login
Age confirmation (18+)	Required at signup — checkbox only, we do not collect your date of birth
Love language quiz results & attachment style	Personalize quests and Daily Connect questions
Messages & chat	Deliver messages to your partner (visible only to your pair)
Mood logs	Track your emotional check-ins and share with your partner
Community posts & comments	Display in the social feed visible to all users
Photos	Profile avatars, shared couple photos, quest-proof photos, post attachments
Push notification tokens (Web Push, APNs, FCM)	Send quest reminders, partner nudges, and in-app event alerts
Quest & journey activity	Track progress, award PairPoints, maintain streaks
Device info (browser, OS, app version)	Bug reports, crash diagnostics, and platform-specific UX
Event waitlist email (optional)	Only if you submit the waitlist form on /event. Used solely to notify you about the Love & Libations Live event.

2. What We Don't Collect

Precise or background location data
Contact lists
Financial information or payment cards
Advertising identifiers (IDFA, AAID) — native apps do not request these
Date of birth or government ID

3. How We Store Your Data

Your data is stored on Supabase (hosted on AWS). Passwords are hashed with bcrypt. The app is served via Netlify. Photos are stored in Supabase Storage with row-level access controls.

4. Who Can See Your Data

Private data (messages, mood, goals, private photos, Daily Connect answers): Only you and your paired partner.
Community data (posts, comments, reactions): All PairCare users who open the Community tab.
Leaderboard data (display name, avatar, PairPoints, rank, streak): All PairCare users who open the Leaderboard tab.
Admin access: PairCare founders can view flagged or reported content for moderation, and may review limited account activity (recent message count, Daily Connect counts, quest completion counts) to verify contest eligibility and prevent abuse before distributing prizes. Full chat histories are never read for contest verification.

5. Contests & Prize Verification

PairCare runs monthly skill-based challenges with prizes. To protect the integrity of these contests and ensure fair outcomes for all participants, we may review a limited sample of activity from top-ranking couples before distributing prizes. This review is conducted only by PairCare founders, only for contest verification, and is limited to:

Recent message count and a small sample of recent messages (up to 5)
Recent Daily Connect answers (up to 3)
Quest completion counts for the current month

This helps us identify patterns that suggest abuse (automated activity, fake accounts, coordinated manipulation). Accounts found violating contest rules may be disqualified. Contests are not gambling — winners are determined by in-app activity, not chance or purchase.

6. Third-Party Services

We use the following third parties to operate PairCare. Each is listed with the categories of data they receive and the purpose of that data transfer.

Supabase (database, auth, storage, Edge Functions, Web Push) — receives everything stored in your account. Required for the app to function.
Netlify (web hosting) — receives standard web server logs (IP, user agent, page requested). Does not see your in-app content.
Apple Push Notification service (APNs) — native iOS push delivery. Receives the notification title, body, and a device token. Apple does not see your account contents.
Google Firebase Cloud Messaging (FCM) — native Android push delivery. Receives the notification title, body, and a device token. Google does not see your account contents.
Anthropic (Claude API) — generates Daily Connect questions, AI-picked quests, smart nudge copy, and monthly insights. Each request sends a limited context: partner first names, love language values, recent mood values, recent quest completion counts, and the previous week's Daily Connect questions (to avoid repetition). We do not send message contents, photos, or full chat histories. Per Anthropic's commercial terms, data submitted via the API is not used to train Anthropic models.
Meta Pixel — web marketing only. When you use PairCare in a web browser, we fire Meta's standard PageView event and a custom PairingCompleted event for sign-up funnel measurement. Meta Pixel does NOT run inside the native iOS or Android apps. You can block or disable it at the browser level; the app will continue to work normally. We do not use Meta Pixel for ad targeting against your in-app behavior.
Resend — transactional email delivery (quest reminders, approval nudges, weekly digests). Receives your email address and the email contents. Does not receive your password or in-app content beyond what the email itself contains.

We do not sell your personal data. We do not share your personal data with advertisers.

7. Data Retention

We keep your data as long as your account is active. When you delete your account from Settings → About → Delete my account, the following happens within 30 seconds:

Your profile, email, name, avatar, password hash are permanently deleted.
All chat messages you sent or received in your couple are permanently deleted (because the couple relationship is deleted).
Your mood logs, goals, quest history, Daily Connect answers, journey progress, shared photos, badges, PairPoints, streaks, push notification tokens, and notification history are permanently deleted.
Your couple relationship is dissolved; your partner will be unpaired and notified.
Your community posts and comments are anonymized rather than deleted, to preserve conversations for other users. They are reassigned to a "[Deleted User]" placeholder and any identifying metadata is stripped.
Photos attached to anything deleted above are removed from Supabase Storage within the same deletion operation.

Some backend logs (server-level error logs, not account content) may persist up to 90 days for operational reasons.

8. Your Rights

You can:

Access your data — it's all visible in the app.
Update your profile, name, avatar, email, and settings anytime.
Delete your account in-app: Settings → About → Delete my account.
Export — email hello@getpaircare.com and we'll provide a copy of your data within 30 days.
Request deletion outside the app (if you've lost access) — visit getpaircare.com/delete-account or email us.

California residents (CCPA/CPRA), EEA residents (GDPR), and UK residents (UK-GDPR) have additional rights, including the right to portability, correction, and objection to processing. Email us to exercise these rights.

9. Age Requirement

PairCare is only for people 18 or older. You must confirm you are 18+ when you create an account. We do not knowingly collect data from anyone under 18. If we learn a minor has created an account, we will delete it and notify the email on file. If you are a parent or guardian and believe your child has signed up, email hello@getpaircare.com.

10. Cookies & Local Storage

Web only: We use essential cookies and localStorage entries for Supabase authentication and for remembering UI preferences (theme, onboarding-seen flag). We use Meta Pixel cookies for sign-up funnel measurement as described in §6. No other tracking cookies.

Native apps: We use Capacitor's Preferences plugin (local device storage) for the same authentication and UI-preference purposes. No tracking cookies run in native.

11. Security

All connections use HTTPS/TLS. Passwords are hashed. Supabase Row Level Security policies enforce that users can only read their own data and data their partner has shared. Push notification tokens are stored server-side and never exposed to other users. If you suspect a security issue, email hello@getpaircare.com.

12. Changes

We may update this policy. Significant changes will be communicated in-app with an effective-date update at the top of this page. Continued use after changes means you accept the updated policy.

13. Contact

Privacy questions, data requests, or concerns? Email hello@getpaircare.com.

PairCare is built by Jeremiah in Texas. Your data stays between you and your person.