Privacy Policy

Effective date: May 20, 2026  ·  Applies to: Nomi iOS & Android apps

1. Who We Are

Nomi is developed and operated by Sunflower Mori Studio ("we", "us", "our"). You can reach us at support@sunflowermori.com.

2. What Data We Collect

We collect only what is necessary to provide the app:

• Account data: email address and password (via Supabase Auth), or OAuth token if you sign in with Google or Apple.
• Profile data: display name and username you choose during onboarding.
• App usage data: tasks you create, focus sessions you complete, daily check-ins, and streaks.
• Device data: push notification token (if you grant permission), operating system, and app version — used only to send reminders you requested.
• Purchase data: subscription status via RevenueCat. We never see your full payment card details — those are handled by Apple/Google.

We do not collect: location, contacts, camera, microphone, browsing history, or advertising identifiers.

3. How We Use Your Data

• To operate the app and sync your data across devices.
• To send daily check-in reminders (only if you enable them).
• To manage your subscription and unlock Pro features.
• To diagnose crashes and fix bugs (via anonymized error logs).

We do not use your data for advertising, do not build behavioral profiles for third-party sale, and do not use AI/ML to make automated decisions about you.

4. How We Store Your Data

Your data is stored on Supabase, a SOC 2-compliant cloud database hosted on AWS (us-east-1). Data is encrypted in transit (TLS 1.2+) and at rest (AES-256). We retain your data for as long as your account exists. If you delete your account, all data is permanently deleted immediately (see Section 7).

5. Third-Party Services

Nomi uses the following third-party services, each with their own privacy policies:

• Supabase — database, authentication
• RevenueCat — subscription management
• Expo / EAS — push notifications (Expo Push Service)
• Google — Google Sign-In (optional)
• Apple — Sign in with Apple (optional), App Store payments

We do not share your personal data with any other third parties.

6. Age Requirement

Nomi is intended for users aged 18 and older. We do not knowingly collect personal information from minors under 18. If you are a parent or guardian and believe your child has provided us with personal data, please contact us at support@sunflowermori.com and we will delete it promptly.

7. Your Rights & Data Deletion

You have the right to:

• Access: request a copy of the data we hold about you.
• Correct: update your display name and email in-app at any time.
• Delete: permanently erase your account and all associated data. Go to Profile → Delete Account in the app. Deletion is instant and irreversible.
• Portability: contact us for a data export in JSON format.
• Opt out of notifications: disable reminders in Profile → Notifications or via your device settings.

If you are in the European Economic Area (EEA), UK, or California, you may also have additional rights under GDPR or CCPA. Contact us to exercise any of these rights.

8. International Transfers

Your data is stored in the United States. If you are located outside the US, your data is transferred to and processed in the US. By using Nomi, you consent to this transfer. We rely on Supabase's standard contractual clauses for GDPR compliance.

9. Security

We apply industry-standard security measures: encrypted connections, hashed passwords (managed by Supabase Auth), and row-level security policies that ensure users can only access their own data. No method of transmission or storage is 100% secure, but we do our best to protect your information.

10. Changes to This Policy

We may update this policy from time to time. When we do, we will update the "Effective date" above and, for material changes, notify you via an in-app notice. Continued use of Nomi after changes take effect constitutes acceptance of the updated policy.

11. Contact

If you have questions, concerns, or data requests, please contact us:

• Email: support@sunflowermori.com
• Website: sunflowermori.com