WhimscopeWhimscope← Back to home

Privacy Policy

Effective date: May 1, 2026 · Last updated: May 29, 2026

1. Introduction

Whimscope ("we," "our," or "us") operates the Whimscope mobile application and website (collectively, the "Service"). This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our Service.

By accessing or using Whimscope, you agree to this Privacy Policy. If you do not agree with the terms of this policy, please do not use the Service.

2. Information We Collect

2.1 Information you provide directly

  • Account information: When you create an account, we collect your name, email address, and authentication credentials. You may also sign in through third-party providers (such as Google or Apple), in which case we receive your name and email from that provider.
  • Profile information: Any optional profile details you choose to provide, such as a display name or profile photo.
  • User-generated content: Whims (micro-adventure ideas), journal entries, checklists, photos, and any other content you create, upload, or share through the Service.
  • Community interactions: Posts, comments, and reactions you contribute to the community feed, as well as content you save from other users.
  • Communications: Information you provide when contacting support, submitting feedback, or participating in surveys.

2.2 Information collected automatically

  • Device information: Device type, operating system version, unique device identifiers, and app version.
  • Usage data: How you interact with the Service, including features used, screens viewed, session duration, and frequency of use.
  • Log data: IP address, browser type, access times, and referring URLs when you access our website.
  • Push notification tokens: If you opt in to push notifications, we collect your device push token to deliver notifications.

3. How We Use Your Information

We use the information we collect to:

  • Provide, operate, and maintain the Service.
  • Create and manage your account, including authentication and security.
  • Enable you to create, store, and share whims, journal entries, photos, and other content.
  • Power community features such as the community feed, allowing you to discover and interact with content from other users.
  • Send you push notifications, email reminders, and other communications related to your activity (with your consent).
  • Analyze usage patterns to improve the Service, fix bugs, and develop new features.
  • Ensure the safety and integrity of the Service, including detecting and preventing abuse, fraud, or violations of our Terms of Use.
  • Respond to your support requests and communications.

4. How We Store and Protect Your Information

4.1 Infrastructure

Your data is stored using Supabase, which provides PostgreSQL-based database services and secure file storage. User authentication is handled through Supabase Auth with support for email/password, Google, and Apple sign-in methods. All data is protected by row-level security policies ensuring that users can only access their own data.

4.2 Security measures

We implement appropriate technical and organizational measures to protect your personal information, including:

  • Encryption of data in transit using TLS/SSL.
  • Row-level security at the database level to isolate user data.
  • Secure token-based authentication (JWT) for API access.
  • Regular security reviews of our infrastructure and codebase.

While we strive to protect your personal information, no method of electronic transmission or storage is 100% secure, and we cannot guarantee absolute security.

5. Sharing Your Information

We do not sell your personal information. We may share your information in the following limited circumstances:

  • Community features: Content you voluntarily share to the community feed is visible to other Whimscope users. You control what you share publicly.
  • Service providers: We work with third-party providers who assist in operating the Service (such as hosting, analytics, email delivery, and push notifications). These providers only access data necessary to perform their functions and are contractually obligated to protect it.
  • Legal requirements: We may disclose information if required by law, legal process, or governmental request, or when we believe disclosure is necessary to protect our rights, your safety, or the safety of others.
  • Business transfers: In the event of a merger, acquisition, or sale of assets, your information may be transferred as part of that transaction.

6. Third-Party Services

We use the following categories of third-party services:

  • Supabase: Authentication, database, and file storage.
  • Analytics providers: To understand usage patterns and improve the Service. Analytics data is aggregated and does not identify individual users.
  • Email delivery: For transactional emails, push notifications, and communications.
  • AI services: We may use AI providers to generate content suggestions (such as image prompts or checklists). User-generated content may be sent to these providers for processing but is not stored by them for training purposes.

7. Your Rights and Choices

7.1 Access and portability

You can access your personal data through the app at any time. Upon request, we will provide an export of your data in a portable format.

7.2 Correction

You can update your profile information and content directly within the app.

7.3 Deletion

You may request deletion of your account and all associated data by contacting us at support@whimscope.com. Upon receiving a verified request, we will delete your personal data within 30 days, except where retention is required by law.

7.4 Notifications

You can opt out of push notifications through your device settings at any time. You can manage email communication preferences through the app settings or by using the unsubscribe link in our emails.

7.5 Cookies and tracking

Our website may use cookies and similar technologies for analytics and functionality. You can manage cookie preferences through your browser settings.

8. Data Retention

We retain your personal information for as long as your account is active or as needed to provide you with the Service. If you delete your account, we will delete your data within 30 days, except for data we are required to retain for legal, accounting, or compliance purposes.

Anonymized and aggregated data that cannot be used to identify you may be retained indefinitely for analytics and service improvement.

9. Children's Privacy

Whimscope is not intended for children under the age of 13. We do not knowingly collect personal information from children under 13. If we learn that we have collected personal information from a child under 13, we will take steps to delete that information promptly. If you believe a child under 13 has provided us with personal information, please contact us at support@whimscope.com.

10. International Data Transfers

Your information may be transferred to and processed in countries other than your own. These countries may have data protection laws that differ from those in your jurisdiction. By using the Service, you consent to the transfer of your information to such countries. We take steps to ensure your data is treated securely and in accordance with this Privacy Policy.

11. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. When we make changes, we will update the "Last updated" date at the top of this page. For material changes, we will notify you through the app or by email. Your continued use of the Service after any changes constitutes acceptance of the updated policy.

12. Contact Us

If you have questions or concerns about this Privacy Policy or our data practices, please contact us at:

Whimscope
Email: support@whimscope.com