rally — privacy policy
Last updated: 2026-04-30
This policy explains what data rally ("we", "the Service") collects, why, and what you can do about it. Plain language; no dark patterns.
1. What we collect
| Category | Why we have it |
|---|
| Email address | Account identity, sign-in, password reset, transactional notifications |
| Username | How friends find and tag you on plans |
| Phone number (optional) | Friends can find you by phone; we never SMS you marketing |
| Profile picture (optional) | Avatar shown on your plans and to your friends |
| Contacts you import | Match phone numbers against rally users so you can find your existing friends. Your contact list is NEVER uploaded in bulk — we hash phone numbers locally and only check matches. |
| Plans, options, votes, reactions you create | The core of the Service. Visible to people you share each plan with. |
| Push notification token | So we can notify you when friends vote or lock in plans |
| Crash + error logs (Sentry) | Diagnose bugs. Logs are tagged with your user ID but contain no plan content, contact data, or messages. |
| IP address + device type | Standard request logs (Supabase + Netlify), retained ~30 days for abuse prevention |
2. What we do NOT collect
- Advertising identifiers (IDFA). rally does not show ads and does not track you across other apps or websites.
- Location data. We never request or read your GPS / coarse location.
- Health data, financial data, biometric templates. Face ID / Touch ID auth happens on your device — we never see the biometric data.
- Microphone or camera content beyond an avatar photo you explicitly upload.
- Your full contact list. We use the system contact picker for individual people, or local hash matching for friend discovery — your address book is not uploaded.
3. Who we share data with
- Other rally users: people you invite to a plan see the plan content + your username + your votes/reactions on shared plans. That's the product.
- Service providers (sub-processors): Supabase (database + auth), Netlify (web hosting), OneSignal (push delivery), Sentry (crash reporting), Twilio (outbound SMS for plan invites). Each only receives the minimum data needed to do their job.
- Law enforcement: only when legally compelled by valid process. We will notify you unless prohibited.
- Nobody else. We do not sell your data. We do not share with advertisers. We do not use your plan content to train AI.
4. Your rights and controls
- Delete your account: Profile → "delete account & all data". This permanently removes your auth row, profile, plans, votes, reactions, friend connections, and uploaded avatar. Cannot be undone.
- Block other users: Profile → safety card lists everyone you've blocked, with one-tap unblock.
- Report content: Tap "report this plan" on the live plan screen, or use the ⋯ menu on a friend row. Reviewed within 24 hours.
- Push notifications: turn off in iOS Settings → Notifications → Rally.
- Access / export: email rallysartplanning@gmail.com and we'll send you everything we hold on you within 30 days.
- Correction: edit your username, phone, or avatar from Profile.
5. Children
rally is not directed at children under 13. If you believe a child under 13 has created an account, email rallysartplanning@gmail.com and we'll delete it.
6. Data retention
Account data is retained until you delete the account. Crash logs and request logs are retained for ~30 days. Reports submitted via the safety card are retained as long as needed to enforce the Terms.
7. International transfers
rally's database is hosted by Supabase. Data may be processed in the US and EU. By using rally, you consent to this transfer.
8. Changes
If we materially change this policy, we'll surface the change in-app and email registered users at least 7 days before it takes effect.
9. Contact
Privacy questions: rallysartplanning@gmail.com