Toddl is a small independent app operated as a sole proprietorship ("we", "us").
You can reach us at hello@toddl.family.
What data we collect
Account data
Email address (from Apple/Google OAuth or direct sign-up)
User identifier from the auth provider
Display name / parent title (optional, user-provided)
Avatar choice (emoji, user-selected)
Family content you create
Family name
Children's names and optional birthdays
Captured words: the word, meaning, context, capture mode, date, and any dialogue lines
Favorites, first-word flags
Technical data
Device type and OS version (when app crashes are reported)
Approximate location (only when you explicitly capture it with a word — stored as text, not coordinates, except where you agree)
IP address (processed transiently by our hosting provider for connectivity)
What we do NOT collect
Advertising identifiers (IDFA/AAID)
Third-party tracking cookies
Contacts, photos, camera, or microphone (except features you actively invoke)
Precise GPS location outside the feature you opt into
Why we collect it
Account data — to authenticate you and link your content to your family
Family content — this is the core product you create; stored so you can see it
Technical data — to diagnose crashes (via Sentry) and ensure the service works
We do not sell, rent, or trade your data to anyone.
Where data is stored
Application database & auth: Supabase (Postgres)
Crash reports: Sentry
Media (photos/audio, when introduced in a future version): Cloudflare R2
Each provider operates globally-distributed infrastructure. Data is encrypted in transit and at rest.
Children's data (COPPA / GDPR-K)
Toddl is designed for adults (parents/guardians) capturing content about their own children.
It is not directed at children under 13. We do not knowingly collect personal information
directly from children. The content about children is captured and controlled by the parent/guardian
account holder. If you believe a child has submitted data directly, contact us and we will delete it.
Your rights
Access: request a copy of your data via email
Deletion: in-app via Settings → "Delete account". This permanently removes your family, children, words, and auth record. There is no recovery.
Correction: edit content directly in the app, or contact us
Portability: the Memory Book PDF export provides your content in a readable format; JSON export on request
Withdrawal of consent: stop using the app and/or delete your account
If you are in the EU/UK, you have additional rights under GDPR including the right to lodge a complaint with a supervisory authority.
If you are in California, you have additional rights under CCPA/CPRA.
Data retention
Active accounts: as long as you use the service
Deleted accounts: permanently removed from our live database immediately. Backup copies are purged within 30 days.
Crash reports: 30 days (Sentry free tier default)
Third parties
Vendor
Purpose
Data shared
Supabase
Database, auth
All account + family content
Apple
Sign in with Apple
Email (relay or actual), name (first sign-in only)
Google
Sign in with Google
Email, profile info
Sentry
Crash reporting
Anonymized stack traces, user ID
Cloudflare R2
Media storage (future)
Media you upload
Security
Supabase Row-Level Security restricts data access to your own family
All traffic is TLS (HTTPS) encrypted
Passwords (if used) are hashed by Supabase Auth using industry-standard algorithms
We follow Apple's App Transport Security requirements
Changes
We will post any changes to this policy here and, if material, notify you in the app before they take effect.