Privacy Policy

1. Introduction

Toured ("we," "us," or "our") is operated by Roofener Development LLC, a limited liability company. This Privacy Policy describes how we collect, use, store, and protect your personal information when you use the Toured mobile application (the "App") and any related services.

By creating an account or using the App, you acknowledge that you have read, understood, and agree to the collection and use of your information in accordance with this Privacy Policy. If you do not agree with any part of this Privacy Policy, do not use the App. If you have already created an account and no longer agree, your sole and exclusive remedy is to delete your account (see Section 8) and stop using the App, which will permanently remove all of your personal data from our servers.

The App is available exclusively in the United States and is intended for users located in the United States.

2. Information We Collect

2.1 Information You Provide

• Account Information: When you create an account, we collect your email address, first name, last name, and account type (student or parent). If you sign in with Apple, we receive your name and email (or an Apple relay email) as authorized by you.
• Profile Information: Graduation year (for students), referral source (how you heard about the App), and any optional profile details you provide.
• Rankings & Preferences: If you rank colleges or set priority weights (your personal importance for categories like academics, campus, dining, etc.), this data is stored in your profile. You may also mark colleges with interest levels (such as love, like, or dislike) to track your preferences; these interest levels are stored in your profile.
• Visit Data: When you log a college visit, we collect your ratings across seven categories (campus beauty, academics, student life, dorms, dining, facilities, location), written notes and category-specific notes, written reflections on any guided prompts you choose from a bank of 25+ questions (organized by themes such as essentials, academics, student life, living and dining, campus surroundings, facilities and athletics, and fit), and visit dates. For planned visits, we store your planned date and optional start/end times. For live visits (started when near campus), we also store check-in and check-out times, paused duration, and timestamped live notes (each with a category, sentiment, and optional photo).
• Collaborative Visit Data: During a live visit, a linked parent may join and contribute notes and photos in real time. Their contributions are stored as part of the visit record, attributed by author name and ID.
• Photos: Photos you take with your camera or import from your photo library during college visits. You choose which photos to capture and upload. You may also add captions and tags to photos.
• Business Cards: If you photograph a business card during a college visit, the photo is uploaded and stored alongside metadata including the associated college and capture date. Business card photos are stored separately from visit photos and can be deleted individually.
• Feedback: Bug reports and feature requests you voluntarily submit through the App, including title, description, category, severity (for bugs), and optional screenshots. If you provide your name, it may be displayed alongside approved submissions on the public Feedback Board. Other users can upvote or downvote approved feedback items. You can delete your own submissions unless they are marked as in progress or done.
• Device Diagnostic Information: When you submit a bug report or feature request, we automatically collect device information to help us diagnose issues. This includes your iOS version, app version and build number, device model (e.g., "iPhone 16 Pro"), device name (e.g., "John's iPhone"), locale, timezone, and screen size. This information is displayed to you in a collapsible "Auto-collected" section before you submit. Device diagnostic information is stored alongside your feedback submission and is not used for any other purpose.
• Payment Information: We do not directly collect or store your credit card number or payment credentials. Payments are processed by Apple (via In-App Purchase) or Stripe, Inc., depending on the platform and subscription type. From Apple In-App Purchase, we receive transaction IDs, product identifiers, purchase dates, and expiration dates. From Stripe, we receive your Stripe customer ID, Stripe subscription ID, plan type, and subscription status.

2.2 Information Collected Automatically

• Location Data: With your permission, we temporarily request precise location (when the App is in use) to detect proximity to college campuses (within approximately 500 meters). We use this to prompt you to start a live visit and to find nearby colleges. Your location is processed in real time and is not stored on our servers or in any database. We do not track your location in the background or when the App is closed.
• Usage Data: We collect basic usage counters for free-tier limits (e.g., number of college detail views per day, number of comparisons per day, whether your free visit log or planned visit slot is used). These are stored as part of your profile and are not shared with third parties.

2.3 Information We Do Not Collect

• We do not use advertising identifiers (IDFA) or participate in ad tracking.
• We do not use third-party analytics, advertising, crash reporting, or tracking SDKs.
• We do not sell, rent, or share your personal information with data brokers or advertisers. (Aggregated, de-identified data that cannot identify any individual user is not considered personal information — see Section 3.1.)
• We do not track you across other apps or websites.
• We do not send push notifications. The App does not use Apple's Push Notification service or any remote notification capability.
• We do not store your location data. Location is used only for real-time proximity detection and is never persisted.

3. How We Use Your Information

We use the information we collect for the following purposes:

• Provide and operate the App: To create and manage your account, log visits (including live visits and planned visits), store your photos and notes, generate side-by-side comparisons and personalized rankings with Fit Scores, and deliver all App features.
• Linked accounts: To enable parents and counselors to view student visit data, as authorized by the student through account linking. This includes enabling co-parent connections.
• Collaborative visits: To allow linked parents to join a student's live visit in real time and contribute notes and photos together.
• Live Activities: To display your active live visit status on your device's Lock Screen and Dynamic Island (for students and parents). This data stays on your device.
• Proximity detection: To detect when you are near a college campus (within approximately 500 meters) and offer to start a live visit.
• Subscription management: To process your subscription, verify premium access (including access granted by a parent's Family Plan or a counselor's plan), and manage billing through Apple In-App Purchase or Stripe, depending on the platform.
• Communication: To send account verification emails (OTP), password reset emails, and account deletion confirmation codes. We do not send marketing emails or push notifications.
• Feedback Board: To display approved bug reports and feature requests on the public Feedback Board, allowing users to upvote and downvote submissions and track their status.
• Improve the App: To respond to bug reports and feature requests you submit. Device diagnostic information attached to feedback helps us reproduce and fix issues specific to your device configuration.
• App configuration: To deliver maintenance mode notices, version update prompts, and announcements via our remote configuration system.
• Legal compliance: To comply with applicable laws, regulations, and legal processes.

3.1 Aggregated and De-Identified Data

We may create aggregated, de-identified data derived from user activity and content — for example, aggregate statistics about how colleges are rated or visited across all users. This data is stripped of all personally identifiable information and cannot reasonably be used to identify any individual user.

Aggregated, de-identified data is not personal information. We may use, analyze, and share such data for any lawful purpose, including research, analytics, business intelligence, and industry insights. This use may continue even after you delete your account, because the data cannot be traced back to you.

4. How We Store and Protect Your Data

4.1 Data Storage

Your data is stored using the following services:

• Supabase: Your account information, profile, visit data, linked accounts, invite codes, feedback submissions, and subscription records are stored in a database hosted by Supabase, Inc. on infrastructure provided by Amazon Web Services (AWS) in the United States.
• Supabase Storage: Photos you upload during visits, business card photos you capture, and optional screenshots attached to feedback submissions are stored in cloud storage provided by Supabase, hosted in the United States.
• Local Offline Cache: The App caches visits, college data, profile information, rankings, and linked account data locally on your device to enable offline functionality. This data is automatically refreshed when you are online.
• Offline Sync Queue: When you use the App without an internet connection, actions such as saving visit notes, uploading photos, updating rankings, or modifying visit data are queued locally on your device. Queued actions are automatically synced with our servers when connectivity is restored. Failed operations are automatically retried before being discarded.
• Local Photo Storage: Photos taken or imported during visits while offline are temporarily stored on your device until they can be uploaded to our servers. These temporary files are cleaned up after successful upload.
• Photo Cache: Photos you have previously viewed are cached on your device for faster loading. This cache may be automatically purged by iOS when device storage is low. Cached photos are not transmitted to our servers.
• Secure Local Storage: Visit log drafts (in-progress visit entries) are securely stored on your device to prevent data loss. Drafts are automatically discarded after a period of inactivity. This data is never transmitted to our servers.
• Local Preferences: Settings such as theme preference (light, dark, or system), shake-to-report toggle, save-photos-to-camera-roll toggle, recent college searches (up to 12), onboarding progress, and cached display information (name, account type, premium status) are stored locally on your device. These are never transmitted to our servers.

4.2 Security Measures

We implement reasonable and appropriate security measures to protect your personal information, including:

• All data transmitted between the App and our servers is encrypted using TLS (Transport Layer Security).
• Database access is protected by access control policies, ensuring users can only access their own data.
• Authentication tokens are managed securely.
• Payment processing is handled by Apple's In-App Purchase system (for iOS app subscriptions) and Stripe, a PCI DSS Level 1 certified payment processor (for web-based subscriptions).
• Account deletion requires re-authentication via email-based OTP (one-time password) verification and is processed server-side.

While we take reasonable precautions, no method of electronic storage or transmission over the Internet is 100% secure. We cannot and do not guarantee the absolute security of your data. You acknowledge that you provide your personal information at your own risk.

You further acknowledge that we rely on third-party service providers (including Supabase, Stripe, Apple, and AWS) for data storage, processing, and transmission, and that the security of your data while in the custody of these providers is governed by their own security practices, over which we have no control. We are not responsible or liable for any security breach, unauthorized access, or data loss that occurs at any third-party provider's systems or infrastructure.

5. Third-Party Services

We use the following third-party services to operate the App. Each service has its own privacy policy governing how it handles your data:

Service	Purpose	Data Shared
Supabase	Backend infrastructure and services	Account info, visit data, photos, feedback submissions (including device diagnostic info and screenshots), profile data, linked account data
Stripe	Payment processing for web-based subscriptions (e.g., Counselor plans)	Email address, subscription plan selection; Stripe handles all payment credentials
Apple	Sign In with Apple authentication; In-App Purchase payment processing for Student and Family subscriptions (monthly and annual billing options)	Name and email (as authorized by you); transaction IDs, product identifiers, and purchase/expiration dates for In-App Purchases

Privacy policies for these services:

• Supabase: supabase.com/privacy
• Stripe: stripe.com/privacy
• Apple: apple.com/privacy

We do not use any analytics, advertising, crash reporting, or behavioral tracking services. The only third-party services processing your data are those listed above.

5.1 Third-Party Liability Disclaimer

The third-party services listed above are independently owned and operated and are not under our control. Each third-party provider is solely responsible for its own security practices, data protection measures, and compliance with applicable laws and regulations.

We are not responsible or liable for any data breach, data leak, security incident, unauthorized access, data loss, data corruption, service outage, or other failure at any third-party service provider, including but not limited to Supabase, Stripe, Apple, Amazon Web Services (AWS), or any of their subcontractors or infrastructure providers.

In the event of a data breach or security incident at a third-party provider that may affect your personal information:

• We will make commercially reasonable efforts to notify affected users promptly upon learning of the incident, to the extent required by applicable law.
• Your sole recourse for any harm arising from such incident is against the responsible third-party provider under its own terms of service and privacy policy.
• We disclaim all liability for the actions, omissions, or negligence of any third-party service provider, regardless of whether we selected, integrated, or recommended the use of such provider.

By using the App, you acknowledge that your data is processed and stored using third-party infrastructure, and you voluntarily assume all risks associated with the transmission and storage of your data through these services.

6. Linked Accounts and Data Sharing Between Users

The App allows students to link their accounts with parents and/or counselors using single-use invite codes (which expire after 7 days). When you link your account:

• Students: By linking to a parent or counselor, you authorize them to view your college visit data, planned visits, rankings, and profile information. You control the access level: "View All" (everything including photos) or "View Limited" (everything except photos).
• Parents: You can view your linked children's visit data. You can invite a co-parent who will share the same view of your linked students. Parents with a Family Plan subscription grant premium access to linked students. Parents may join a student's live visit to collaboratively add notes and photos in real time. Parents may also recommend colleges to their linked students; recommendations include the college, the recommending parent's identity, and a status (e.g., active or dismissed).
• Counselors: Counselors may link to students through a separate platform. Counselors with an active plan grant premium access to their linked students. Counselors may also recommend colleges to their linked students.

Profile data shared between linked accounts: When accounts are linked, only basic profile information is shared: name, account type, graduation year (for students), and account creation date. Your personal preferences, priority weights, college rankings, and referral source are not shared with linked accounts.

You can unlink accounts at any time through the App's settings, which immediately revokes data access.

7. Children's Privacy

The App is designed for high school students planning college visits. We recognize that some users may be under the age of 18.

• The App is not directed at children under the age of 13. Users must be at least 13 years old to create an account.
• If we become aware that we have collected personal information from a child under 13 without verifiable parental consent, we will take steps to delete that information promptly.
• For users between the ages of 13 and 17, we encourage parental involvement. The App's linked account feature allows parents to connect to and monitor their student's college visit activity.
• If you are a parent or guardian and believe your child under 13 has provided us with personal information, please contact us at the email address below.

We comply with the Children's Online Privacy Protection Act (COPPA) and do not knowingly collect personal information from children under 13.

8. Your Rights

8.1 All Users

Regardless of where you are located, you have the following rights:

• Access: You can view all of your personal information within the App at any time, including your profile, visits, photos, rankings, and linked accounts.
• Correction: You can edit your profile information, visit notes, ratings, and other data directly within the App.
• Deletion: You can permanently delete your account and all associated data through Settings > Profile > Delete Account. This process requires re-authentication via email OTP and is irreversible. Upon deletion, we remove your profile, visits, photos, feedback submissions, linked account connections, subscription records, and all other personal data from our servers.
• Portability: You can view all of your data within the App, including your profile, visits, notes, ratings, and linked accounts. Visit photos can be saved to your device's photo library. We do not currently offer a bulk data export feature.
• Withdraw Consent: You can revoke location, camera, and photo library permissions at any time through your device's Settings. You can unlink accounts to revoke data sharing. You may withdraw your consent to our collection and processing of your personal data entirely by deleting your account, which will permanently remove all of your personal information from our servers within 30 days.

8.2 California Residents (CCPA / CPRA)

If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA) and the California Privacy Rights Act (CPRA):

• Right to Know: You have the right to request that we disclose the categories and specific pieces of personal information we have collected about you, the categories of sources, the business purposes for collection, and the categories of third parties with whom we share it.
• Right to Delete: You have the right to request deletion of your personal information, subject to certain exceptions. You can exercise this right through the in-app account deletion feature.
• Right to Opt-Out of Sale: We do not sell your personal information. We do not share your personal information for cross-context behavioral advertising. (Aggregated, de-identified data that cannot identify any individual user is not personal information under the CCPA — see Section 3.1.)
• Right to Non-Discrimination: We will not discriminate against you for exercising any of your CCPA/CPRA rights.

To exercise any of these rights, you may use the in-app features described above or contact us at the email address provided below.

8.3 Other State Privacy Laws

If you are a resident of Virginia, Colorado, Connecticut, Utah, or another state with consumer privacy legislation, you may have similar rights to access, correct, delete, and opt out of the sale of your personal information. To exercise these rights, please contact us at the email address below.

9. Data Retention

We retain your personal information for as long as your account is active or as needed to provide you with the App's services. We currently retain all user data at no additional cost for the lifetime of your account; however, we reserve the right to introduce data retention limits or require a paid subscription for long-term or indefinite data storage in the future. If we make such a change, we will provide reasonable advance notice and will not delete any existing data without giving you the opportunity to take action.

Specifically:

• Account data: Retained until you delete your account.
• Visit data, photos, and business cards: Retained until you delete the individual item or your account.
• Subscription records: Retained for as long as required by applicable tax and financial regulations (typically up to 7 years after the subscription ends).
• Feedback submissions: Retained until you delete them or until you delete your account. Approved feedback that appears on the public Feedback Board remains visible until deleted. Device diagnostic information is retained with the feedback submission and deleted when the submission is deleted.

When you delete your account, we will permanently delete or de-identify your personal information within 30 days, except where we are required by law to retain certain records. Specifically:

• Your profile, visit data, photos, business cards, college interest tracking, recommendations, feedback submissions, linked account connections, invite codes, and all other personal data stored in Supabase will be permanently deleted.
• Your Stripe customer record (if applicable) and payment method data will be deleted. Subscription and payment records may be retained by Apple, Stripe, and/or by us for up to 7 years as required by applicable tax, accounting, and financial regulations.
• Data cached locally on your device — including offline data, cached content, drafts, and preferences — will no longer sync and can be removed by uninstalling the App. Signing out of the App also clears local caches and queued data.

After account deletion, we will have no further ability to access, recover, or restore your personal data. Any aggregated, de-identified data that was derived from your activity prior to deletion (as described in Section 3.1) is not personal data, cannot be traced back to you, and may be retained.

10. Device Permissions

The App may request the following device permissions. All permissions are optional and can be managed through your device's Settings:

• Location (When In Use): Used to detect when you are near a college campus (within approximately 500 meters) to offer live visit features. Precise location is temporarily requested for reliable proximity detection. Location is only accessed while the App is open and in use — never when the App is closed, in the background, or not actively on screen. Your location is never stored on our servers.
• Camera: Used to take photos during college visits. Photos are only captured when you actively choose to take a photo.
• Photo Library (Read): Used to import existing photos into visit logs.
• Photo Library (Write): Used to save visit photos to your device's camera roll (controlled by a toggle in Settings; enabled by default).

The App does not request permission for push notifications, microphone, contacts, Bluetooth, or any other device capabilities.

Denying any permission will not prevent you from using the App, though certain features may be limited.

11. Changes to This Privacy Policy

We reserve the right to update this Privacy Policy at any time, for any reason, at our sole discretion. When we make changes, we will update the "Last Updated" date at the top of this page. We may, but are not obligated to, provide additional notice of changes through the App or via email.

It is your sole responsibility to review this Privacy Policy periodically for changes. Your continued use of the App after any changes are posted constitutes your acceptance of the updated Privacy Policy. If you do not agree with any changes to this Privacy Policy, you must stop using the App and delete your account through Settings > Profile > Delete Account, which will permanently remove all of your personal data from our servers.

12. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us: