Privacy Policy

Overview

THEPROTOCOL ("we", "us", "our") operates the THEPROTOCOL mobile application and website. This policy describes how we collect, use, and protect your information.

Data We Collect

• Email address
• Protocol modules (the habits you define)
• Daily compliance logs
• Streak data
• Push notification tokens (Expo)
• Device information

How We Use Your Data

• Providing and maintaining the service
• Sending protocol signals (push notifications)
• Improving the app experience

Data Storage

Your data is stored on Supabase cloud infrastructure in US regions. Local device data is stored via AsyncStorage on your device.

Push Notifications

When signals are enabled, we store your Expo push token to deliver scheduled protocol reminders. You can disable signals at any time in your app settings.

Third Parties

• Expo — push notification delivery
• Supabase — database and authentication
• Vercel Analytics — landing page only (not the app)

Data Retention

Account data is retained until you request deletion. You can delete your account in Settings, which permanently removes all data via our delete_account process.

Your Rights

You have the right to access, correct, and delete your data. We are compliant with GDPR and CCPA regulations.

Children

THEPROTOCOL is not directed at children under the age of 13. We do not knowingly collect data from children under 13.

Changes

We may update this privacy policy from time to time. Check this page for the latest version.

Contact

For privacy-related inquiries, contact us at support@theprotocol.one