SSelfPilot

Privacy Policy

How SelfPilot handles user data.

Effective June 3, 2026. This policy explains what data SelfPilot collects, how it is used, who processes it, and how users can request access or deletion.

1. Who operates SelfPilot

SelfPilot is operated by Thomas Schallert. The publisher details on this page are placeholders and must be replaced with the final legal entity and contact details before App Store submission.

2. Data SelfPilot collects

SelfPilot collects data only when it is needed to provide account, sync, capture, planning, review, notification, transcription, support, security, or service operation features.

Account and authentication data

  • Email address, display name where provided, and account identifiers.
  • Supabase user ID and authentication session metadata.
  • Apple Sign In or Google Sign-In identity tokens handled through those providers and Supabase.

User content

  • Notes, pages, goals, tasks, schedules, journal entries, reflections, reviews, settings, and preferences.
  • Captures, uploaded documents, images, audio recordings, and generated transcripts.
  • Free-form text or voice content entered by users, which may include sensitive information if users choose to include it.

Permission-derived and device-related data

  • Camera and photo library content only when the user captures or selects media.
  • Microphone audio and speech recognition content only when the user records or transcribes.
  • Push notification tokens and notification preferences when notifications are enabled.
  • Product interaction, app functionality events, settings, and diagnostics used to operate and improve the service.

3. How SelfPilot uses data

  • Authenticate users and protect accounts.
  • Sync, store, display, and update user-created content across devices.
  • Process captures, uploads, voice recordings, and transcripts.
  • Send requested reminders, notifications, and planning prompts.
  • Provide customer support, debug issues, prevent abuse, and operate the service.
  • Maintain security, reliability, backups, and service performance.

4. Third-party processors

SelfPilot uses third-party providers to deliver core functionality. These providers may process data only as needed to provide their services and are expected to protect user data consistently with this policy.

  • Supabase for authentication, user accounts, storage, and database services.
  • Apple Sign In and Google Sign-In for optional account authentication.
  • Expo and EAS for mobile updates, build infrastructure, and push notification delivery.
  • SelfPilot backend/API hosting and infrastructure providers for application services.
  • Transcription infrastructure used to convert user-submitted audio into text.

5. Advertising, selling, and tracking

SelfPilot does not sell personal data, does not show third-party advertising, and does not use data to track users across apps or websites owned by other companies. If these practices change, this policy and App Store privacy details must be updated before the changed behavior ships.

6. Retention and deletion

SelfPilot retains account data and user content while the account is active or as needed to provide the service. Users can request deletion of their account and associated data by following the account deletion instructions. Some records may be retained temporarily where required for security, backups, legal compliance, dispute resolution, or fraud prevention.

7. User choices and consent

  • Users can revoke camera, photo, microphone, speech recognition, and notification permissions in operating system settings.
  • Users can stop using optional capture, upload, transcription, and notification features at any time.
  • Users can request access, correction, export, or deletion through the Privacy Choices page.
  • Users can revoke Apple or Google account access through those provider account settings where applicable.

8. Children

SelfPilot is not intended for children under 13. The app should not knowingly collect personal data from children. If you believe a child has provided data, contact hello@selfpilot.app so it can be reviewed and deleted where appropriate.

9. International users

Data may be processed in countries where SelfPilot and its service providers operate. Users may have rights under local privacy laws, including rights to access, correct, delete, export, or object to certain processing.

10. App Store privacy label checklist

Internal implementation guidance only, not legal advice. Confirm the final answers in App Store Connect against the shipped app and all active processors.

  • Contact Info: email address and name where provided, linked to the user, used for app functionality.
  • User Content: notes, free-form content, uploaded files, photos/images, audio recordings, and transcripts, linked to the user, used for app functionality and personalization.
  • Identifiers: Supabase user ID/account ID, linked to the user, used for app functionality and security.
  • Usage Data: product interaction and app functionality events where collected, linked to the user if stored with the account, used for app functionality and service improvement.
  • Diagnostics: crash/performance/technical data where collected by app infrastructure, used for app functionality.
  • Tracking: answer no unless advertising, data broker sharing, or cross-company tracking is added later.