Privacy Policy
Last updated: May 8, 2026
TaskCove is operated by CoveloTech LLC ("we", "us"). This policy explains what data we collect, how we use it, and your rights. We try to be plainspoken — no dark patterns, no buried disclosures.
Plainspoken summary: We collect your email and a hashed password so you can sign in. Your tasks, asset details, and photos stay on your iPhone. When you use Pro AI features, the specific text or image you send goes to OpenAI or Google Gemini for processing — but never your full data, never persisted on our servers. You can delete your account and all our data anytime from Settings.
1. Information we collect
Account information
- Email address. Required for sign-in, password recovery, account management.
- Password (hashed). Stored as a bcrypt hash — never as plaintext. We cannot read your password.
- Display name (optional). If you choose to enter one during onboarding.
Subscription information
- Pro subscription status. A boolean flag (Pro / Free) and the date your Pro period started, if applicable.
- Daily AI usage counters. How many AI calls you've made today, used for rate limiting. Resets daily.
What stays on your iPhone
- Task titles, notes, due dates, completion history
- Asset names, photos, vendor info, custom fields
- Asset triggers (warranty / renewal dates)
- Subtasks, activity log, achievement progress
None of this leaves your device unless you explicitly use a Pro AI feature that requires it.
What we send to AI partners (only when you trigger Pro features)
- OpenAI — receives the specific text you type for parsing, OCR text from documents you scan, or your asset registry summary (asset names + categories only — no notes, no photos) for Q&A.
- Google Gemini — receives photo bytes for object identification when you tap "Snap to identify".
OpenAI and Google process the data per their respective API privacy policies. Per OpenAI's API policy, data is not used to train their models. Same for Google Gemini API. We do not persist these requests on our servers.
Conversation history
If we add conversational AI features, your messages are persisted on our database for 7 days for context continuity, then automatically deleted. You can clear your chat history anytime from Settings.
2. How we use your data
- To provide TaskCove's features (sync your account state, gate Pro features, run cloud AI calls you trigger).
- To send you account-related emails (password recovery, security alerts).
- To enforce daily AI usage caps so the service stays affordable.
- We do not use your data for advertising. We don't sell it. We don't share it with marketers or analytics providers.
3. Where data is stored
- Database: Supabase (AWS infrastructure, US-East region). AES-256 encryption at rest, TLS 1.2+ in transit.
- Authentication: Supabase GoTrue. Passwords hashed with bcrypt.
- Row-level security: Every database query is scoped to the authenticated user. No user can read another user's data, even via a malicious query.
- iOS device: SwiftData (local SQLite) stores your tasks, assets, photos. Encrypted at rest by iOS Data Protection.
4. Your rights
- Access — view all your data via the iOS app.
- Correction — edit anytime in the app.
- Deletion — Settings → Delete account and all data wipes your account and all server-side rows immediately. To delete the local copy on your iPhone, also tap "Delete all data" in Settings.
- Portability — Settings → Export to JSON gives you a complete dump of your data.
- EU/UK users (GDPR): you have the rights above plus the right to lodge a complaint with your local data protection authority.
- California users (CCPA): you have rights to know, delete, and opt out of any sale of personal information. We do not sell personal information.
5. What TaskCove is NOT for
TaskCove is for everyday household memory — appliances, vehicles, subscriptions, warranties, services. It is NOT designed for, and you should not use it to store:
- Government IDs (passport, driver's license, social security cards)
- Medical records or health data
- Financial account numbers, credit cards, banking statements
- Login credentials for other services
For those, use Apple iCloud Keychain, a dedicated password manager, or a secure document vault.
6. Children's privacy
TaskCove is intended for users 13 and older. We do not knowingly collect personal information from children under 13.
7. Changes to this policy
We may update this policy as TaskCove evolves. Material changes (new data collection, new third parties) will be flagged in the iOS app at next sign-in.
8. Contact
Questions or requests: contact@covelotech.com
CoveloTech LLC · Made with care for indie users.