Privacy Policy

1. Introduction

TeaOnMyBoo ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our mobile application and related services (collectively, the "Service").

Please read this Privacy Policy carefully. By using the Service, you agree to the collection and use of information in accordance with this policy. If you do not agree with our policies and practices, do not use the Service.

2. Information We Collect

2.1 Information You Provide

• Account Information: Name, email address, and authentication credentials
• Profile Information: Display name (which we sanitize to "First L. from City, State" format), profile photos, and location information
• Verification Information: Government-issued identification documents submitted through Stripe Identity (we do not store or access this information directly)
• Content: Posts, comments, and other content you create on the platform
• Communication: Messages sent through the Service or to our support team

2.2 Information Collected Automatically

• Usage Data: Information about how you access and use the Service
• Device Information: Device type, operating system, unique device identifiers, and mobile network information
• Log Data: IP address, browser type, pages visited, time and date of visits, and other diagnostic data
• Analytics: Aggregated, anonymized data about user behavior and engagement

2.3 Information from Third Parties

We receive verification status from Stripe Identity, but we do not receive or store your actual identification documents. Stripe Identity handles all identity verification processes independently.

2.4 Sensitive and Biometric Data

Identity Verification: When you complete identity verification through Stripe Identity, you may be required to submit sensitive personal information, including government-issued identification documents (such as driver's licenses or passports) and, in some cases, biometric data (such as facial recognition scans or selfie photos for verification purposes).

Important: TeaOnMyBoo does not directly collect, store, or process your sensitive identification documents or biometric data. All identity verification is handled exclusively by Stripe Identity, a third-party service provider that is compliant with applicable data protection laws. We only receive your verification status (approved, pending, or rejected) from Stripe Identity, not the actual documents or biometric data you submit.

Stripe Identity's collection and processing of your sensitive and biometric data is governed by Stripe's own privacy policy and terms of service. We encourage you to review Stripe's privacy practices at stripe.com/privacyto understand how they handle your identification documents and biometric information.

3. Tracking Technologies and Analytics

We use various tracking technologies and analytics tools to understand how you use our Service and to improve your experience:

• Firebase Analytics: We use Firebase Analytics (provided by Google) to collect usage information and analyze user behavior. Firebase Analytics collects aggregated, anonymized data about how you interact with the Service, such as which features you use, how long you spend in the app, and general usage patterns. This data is used solely for improving our Service and is not used to track you across other apps or websites.
• Cookies and Similar Technologies: Our website may use cookies and similar tracking technologies to enhance your browsing experience, analyze website traffic, and understand user preferences. These technologies help us provide personalized content and improve our services.
• SDKs and Third-Party Tools: We integrate various software development kits (SDKs) from service providers (such as Firebase, Stripe, and Azure) to enable core functionality of the Service. These SDKs may collect technical information necessary for the services they provide.

Analytics and Opt-Out: The analytics data we collect is aggregated and anonymized, meaning it cannot be used to identify you personally. We use Firebase Analytics in a privacy-preserving manner that does not involve cross-app or cross-website tracking. While we do not currently offer an in-app analytics opt-out setting, you can manage your privacy preferences through your device settings. For iOS devices, you can control app tracking through Settings → Privacy & Security → Tracking. Note that disabling tracking may affect some app functionality.

We do not use analytics data for advertising purposes or share it with third parties for their marketing purposes. All analytics are used solely for improving our Service and understanding user needs.

4. How We Use Your Information

We use the information we collect to:

• Provide, maintain, and improve the Service
• Verify user identities through Stripe Identity
• Moderate content using Azure AI Content Safety to ensure community safety
• Process payments and manage subscriptions
• Communicate with you about the Service, including customer support
• Send you updates, security alerts, and administrative messages
• Detect, prevent, and address technical issues, fraud, or abuse
• Comply with legal obligations and enforce our Terms of Service
• Analyze usage patterns to improve user experience (using anonymized, aggregated data)

5. Zero-Knowledge Architecture

Important: TeaOnMyBoo uses a zero-knowledge architecture for user-generated content. This means that your posts and comments are encrypted in such a way that we cannot read them. Even if we wanted to access your content, the encryption prevents us from doing so.

Content moderation is performed through automated systems (Azure AI Content Safety) that analyze content without human review of the decrypted content. We never "see" your posts in readable form.

6. Data Sharing and Disclosure

5.1 We Do Not Sell Your Data

We never sell, rent, or trade your personal information to third parties for their marketing purposes.

5.2 Service Providers

We share information with trusted service providers who perform services on our behalf:

• Stripe Identity: For identity verification (we only receive verification status, not your ID documents)
• Microsoft Azure: For content moderation, cloud infrastructure, and security services
• Firebase (Google): For authentication, database, and storage services
• Apple: For in-app purchase processing and authentication
• Analytics Providers: For usage analytics (using anonymized, aggregated data)

All service providers are contractually bound to maintain the confidentiality and security of your information.

5.3 Legal Requirements

We may disclose your information if required by law, regulation, legal process, or governmental request, or to protect the rights, property, or safety of TeaOnMyBoo, our users, or others.

5.4 Business Transfers

In the event of a merger, acquisition, or sale of assets, your information may be transferred to the acquiring entity, subject to the same privacy protections.

7. Data Security

We implement industry-standard security measures to protect your information:

• Encryption: All data is encrypted in transit (using TLS/SSL) and at rest (using AES-256 encryption)
• Zero-Knowledge Architecture: User content is encrypted so we cannot access it
• Secure Key Management: Encryption keys are managed through Azure Key Vault
• Access Controls: Limited access to personal information on a need-to-know basis
• Regular Security Audits: Continuous monitoring and periodic security assessments
• SOC 2 Compliance: Our infrastructure meets enterprise security standards

However, no method of transmission over the Internet or electronic storage is 100% secure. While we strive to use commercially acceptable means to protect your information, we cannot guarantee absolute security.

8. Your Privacy Rights

You can exercise the privacy rights described below through your account settings in the TeaOnMyBoo mobile application or by contacting us directly at info@teaonmyboo.com. We will respond to your requests in accordance with applicable law and within the timeframes required by your jurisdiction.

8.1 Access and Portability

You have the right to access, update, or correct your personal information through your account settings or by contacting us. You may also request a copy of your data in a portable format.

8.2 Deletion

You may request deletion of your account and personal information at any time. We will delete your information in accordance with applicable law, subject to certain exceptions for legal compliance, dispute resolution, or enforcement of our agreements.

8.3 Opt-Out

You can opt out of non-essential communications through your account settings or by contacting us. You cannot opt out of essential service communications.

8.4 GDPR Rights (European Users)

If you are located in the European Economic Area (EEA), you have additional rights under GDPR:

• Right to access your personal data
• Right to rectification of inaccurate data
• Right to erasure ("right to be forgotten")
• Right to restrict processing
• Right to data portability
• Right to object to processing
• Right to withdraw consent

8.5 CCPA Rights (California Users)

If you are a California resident, you have rights under the California Consumer Privacy Act (CCPA):

• Right to know what personal information we collect and how we use it
• Right to delete your personal information
• Right to opt-out of the sale of personal information (we do not sell personal information)
• Right to non-discrimination for exercising your privacy rights

9. Data Retention

We retain your personal information only for as long as necessary to provide the Service, comply with legal obligations, resolve disputes, and enforce our agreements. When you delete your account, we will delete or anonymize your personal information, subject to retention requirements for:

• Legal compliance and regulatory requirements
• Dispute resolution and enforcement of our Terms of Service
• Prevention of fraud and abuse
• Anonymized, aggregated data used for analytics (which cannot identify you)

10. Children's Privacy

The Service is not intended for users under the age of 18. We do not knowingly collect personal information from children under 18. If we become aware that we have collected information from a child under 18, we will delete that information immediately. If you believe we have collected information from a child under 18, please contact us immediately.

11. International Data Transfers

Your information may be transferred to and processed in countries other than your country of residence. These countries may have data protection laws that differ from those in your country. We ensure that appropriate safeguards are in place to protect your information in accordance with this Privacy Policy, including through standard contractual clauses and other legal mechanisms.

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. We will notify you of any material changes by posting the new Privacy Policy on this page and updating the "Last Updated" date. We may also notify you via email or through the Service for significant changes.

Policy Updates: We are committed to keeping this Privacy Policy current with evolving privacy laws and regulations, including new state privacy laws in the United States (such as those effective in 2025 and 2026) and international data protection frameworks. When we make material changes, we will provide appropriate notice as described above.

Your continued use of the Service after any changes constitutes acceptance of the updated Privacy Policy. If you do not agree with the changes, you may discontinue use of the Service and request deletion of your account as described in Section 8.2.

13. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or our privacy practices, please contact us at:

Email: info@teaonmyboo.com
Website: teaonmyboo.com/contact