Privacy Policy

The short version. Shared task content is encrypted on your device before it is stored in sync systems. Push notifications use generic placeholders. No tracking. No ads. No data sales. Private tasks are never shared with your partner or stored on our servers.

How your data is stored

Tasks are stored locally using Core Data. iCloud backup syncs to your personal iCloud account. Your data, your iCloud, your control.

We use Supabase for sync. It stores:

Authentication sessions — anonymous or Sign in with Apple
Optional display names, profile photos, and profile photo URLs if you add them
Group metadata: group IDs, user IDs, pairing status
Invite codes (6-character, with expiry)
Task data as AES-256-GCM encrypted ciphertext
Activity logs between group members
Device tokens for push notifications
Sync diagnostics (off by default, can be enabled in Settings)

Private tasks stay private. Never synced to your partner. Never broadcast. Never stored on our servers. If iCloud backup is enabled, private tasks are included in your encrypted iCloud backup.

Task content is encrypted. Titles and notes are encrypted on your device with AES-256-GCM before they go anywhere. Only you and the other person in your group hold the key.

What we collect

The minimum required to make Halves work:

A Halves account ID — anonymous by default, with optional display names if you use Sign in with Apple
Group metadata: IDs, pairing status, timestamps
Invite codes you create or redeem
Encrypted task data for paired groups
Activity log entries between group members
Device tokens for push notifications
Optional profile photos and sync diagnostics (off by default)

We do not store plaintext shared task titles or notes in sync storage. Private tasks are never sent to our servers or your partner. If iCloud backup is on, all local data — including private tasks — is included in your encrypted iCloud backup. We do store the account and service metadata needed to operate Halves, including display names, profile photo URLs, device tokens, and diagnostics.

Real-time sync

Task data syncs via Supabase Realtime. Titles and notes are encrypted on-device before transmission. All connections use TLS.

Presence tracks only whether the other person is connected. No location, no IP, no usage data.

Push notifications use generic placeholders — actual titles are only visible in-app after decryption.

Third-party services

Supabase — auth, sync, activity logs, push delivery
Apple — Sign in with Apple, APNs, iCloud backup

No analytics SDKs. No ad networks. No tracking pixels. No cookies.

Security

AES-256-GCM client-side encryption with HKDF-SHA256 key derivation
TLS for all server connections
iOS Data Protection for local storage
Apple encryption for iCloud backup
Push notifications never contain task content
Soft-deleted tasks removed after 30 days

Data sharing

We don't sell your data. We don't share it. Task data and activity logs are shared only between members of a paired group.

Data retention and deletion

Deleting the app removes on-device data from that device. iCloud backups follow Apple's retention policies until you delete the backup.

Invite codes expire and are pruned daily
Soft-deleted tasks permanently removed after 30 days
In-app Delete Account removes your Halves account data, synced metadata, and auth record

Your rights

Depending on your location, you may have the right to access, correct, delete, or port your data.

Local data: delete the app. Halves account data: use in-app Delete Account or email hello@halves.app.

Children's privacy

Halves is not intended for users under 13.

Contact

hello@halves.app