Privacy Policy

1. Introduction

Sudo Ego, Inc. ("Company," "we," "us," or "our") operates the SUDO EGO mobile application ("App" or "Service"). This Privacy Policy explains how we collect, use, store, and protect personal information from users ("you" or "User") of the App.

Operator Information

Age Restriction

SUDO EGO is available to users aged 18 and older only. We require age verification during account registration. If we learn that a user is under 18, we will immediately delete that account and all associated data.

Scope

This Privacy Policy applies to all personal information processed through the SUDO EGO App, our website at https://sudoego.app, and all related services. Third-party services linked within the App are governed by their own privacy policies, which we do not control.

2. Information We Collect

We collect only the minimum personal information necessary to provide the Service. Items we do not collect are expressly identified below.

A. Account Data

Data we do not collect: Raw passwords (Supabase Auth hashes passwords and we have no direct access), full legal name, phone number, physical address.

B. Identity Card Data

C. Voice Data

How Voice Processing Works:

SUDO EGO does not collect, store, or transmit raw voice audio. When you use Voice Mode for Ritual authentication, your voice is processed in real time by your device's operating system speech recognition engine — Apple's SFSpeechRecognizer on iOS and Google Speech Services on Android. We receive only the transcribed text result from the OS. That text is compared against your pre-set affirmation phrase and then immediately discarded from memory. The transcribed text is never transmitted to our servers.

For information about how Apple and Google process your voice, please review their respective privacy policies. For Illinois residents, see Section 15 (Illinois Biometric Information Notice).

D. App Usage Data

E. Ritual Activity Data

F. Social / Pulse Data

G. Technical Data

Data we do not collect: Precise or approximate location data, contacts, photo library (except images you explicitly upload for a card), Bluetooth identifiers, analytics SDK data (Amplitude, Mixpanel, and similar tools are not used), advertising identifiers (IDFA/GAID).

H. Payment Data

Data we do not collect: Credit card numbers, card expiration dates, CVV codes, or any other payment instrument details. Payment processing is handled entirely by Apple App Store or Google Play Store. We have no direct access to that information.

3. Sensitive Information

3.1 Sensitive Content in Identity Cards

Affirmation phrases users enter into Identity Cards may, depending on what the user writes, contain sensitive personal information, including:

• Religious beliefs or worldview
• Health conditions or medical information
• Sexual orientation or gender identity
• Political opinions
• Other sensitive personal matters

We do not analyze, classify, or use the content of these phrases for any purpose other than performing the matching function required to unlock the Ritual. You are solely responsible for the content you enter. If you set a card to Public, that content will be visible to other users of the App. We strongly recommend keeping cards that contain sensitive content set to Private.

Under applicable US state privacy laws — including Virginia (VCDPA), Colorado (CPA), Connecticut (CTDPA), and others — we obtain your opt-in consent before processing sensitive data in Identity Cards. Under GDPR Article 9, processing of special category data (including data revealing religious or philosophical beliefs, health data, or data concerning sexual orientation) requires your explicit consent; this consent is obtained in-app and can be withdrawn at any time through your account settings.

3.2 Voice Data Processing

Raw voice audio is never collected. Please see Section 2, Category C (Voice Data) for a full explanation of how voice authentication is processed. For Illinois residents, see also Section 15 (Illinois Biometric Information Notice).

4. App Usage Data & System Permissions

4.1 Android System Permissions

PACKAGE_USAGE_STATS (App Usage Statistics)

• Why we need it: To detect when an app on your locked-app list has been launched, so that we can display the lock screen overlay.
• What we access: We check only whether a specific app you have configured is running in the foreground. We do not collect usage duration, usage frequency, or any other statistics.
• Server transmission: None. All processing occurs on your device.
• What we do not access: Usage data for any app not on your locked-app list, screen content, typed text.

AccessibilityService (Android)

• Why we need it: To detect in real time when a locked app moves to the foreground, allowing us to display the lock screen immediately rather than relying on polling.
• What we access: We monitor only whether a specific app you have configured has become the active foreground app.
• What we do not access: Screen content, typed text, passwords, any content from apps not on your locked-app list.
• Server transmission: None. All processing occurs on your device.

We configure canRetrieveWindowContent=false, explicitly disabling any ability to read screen content.

SYSTEM_ALERT_WINDOW (Draw Over Other Apps)

• Why we need it: To display the lock screen overlay on top of the blocked app when its launch is detected.
• What we access: This permission is used solely to render the overlay UI. We do not use it to read or interact with underlying app content.

FOREGROUND_SERVICE

• Why we need it: To keep the app-lock detection service running while the App is in the background, so that the lock screen appears even when SUDO EGO is not in the foreground.
• Notification: The operating system requires a visible notification while this service is active. A persistent notification will be displayed in your notification tray.

4.2 iOS System Permissions

Family Controls / Screen Time API

• Why we need it: To restrict access to the apps you have selected until your daily Ritual is complete.
• What we access: Only the apps you select through the FamilyActivityPicker interface.
• Server transmission: None. The entire process is handled locally within Apple's Screen Time framework.
• What we do not access: Actual usage time, usage frequency, or any other Screen Time statistics for any app.

Microphone Permission (NSMicrophoneUsageDescription)

• Why we need it: To receive your voice input when you use Voice Mode for Ritual authentication.
• How it is processed: Audio received through the microphone is immediately converted to text by the device OS (SFSpeechRecognizer). The raw audio is never stored. See Section 2, Category C for full details.

5. Third-Party Sharing

We do not sell your personal information to third parties. We do not share your personal information with third parties for targeted advertising purposes. We share personal information with service providers only to the extent necessary to operate the Service.

5.1 Service Providers

5.2 Other Circumstances for Disclosure

We may disclose personal information in the following limited circumstances:

• Legal obligations: In response to a court order, subpoena, government request, or other legal process, or to comply with applicable law.
• Protection of users: When disclosure is necessary to protect the life, safety, or property of any person.
• Business transfers: In connection with a merger, acquisition, asset sale, or similar transaction, subject to prior notice to you and subject to any acquirer being bound by terms no less protective than this Privacy Policy.

6. International Data Transfers

6.1 Transfers from the United States

Our servers are located in the United States (Virginia, AWS us-east-1, operated by Supabase). If you access the App from outside the United States, your personal information will be transferred to and processed in the United States. US privacy laws may differ from the laws of your country of residence.

6.2 Transfers from the EU/EEA (GDPR, Chapter V)

For users located in the European Economic Area, transfers of personal information from the EU/EEA to the United States are made pursuant to Standard Contractual Clauses (SCCs) incorporated into our Data Processing Agreement with Supabase. For information on whether Supabase has obtained EU-US Data Privacy Framework certification, please see Supabase's privacy page.

6.3 Transfers from Other Jurisdictions

For users located in the Republic of Korea, personal information is transferred internationally as described in the table below.

You have the right to refuse consent to international transfer; however, if you do so, you will not be able to use the Service.

7. Data Retention & Deletion

7.1 Retention Periods

7.2 Account Deletion Procedure

When you request deletion of your account, we process the request as follows:

1. Submit request: Via in-app Settings → Account → Delete Account, or by emailing contact@sudoego.app.
2. Processing time: All personal information is deleted within 30 days of receiving your request.
3. Scope of deletion: Account, Identity Cards, uploaded images, Ritual records, social activity records, technical data.
4. Exceptions: Data that we are legally required to retain, or the minimum data necessary to resolve an ongoing dispute, is retained until the applicable obligation or dispute is resolved.
5. Supabase backup: After we process your deletion request, Supabase's internal backup systems will fully purge your data within an additional maximum of 7 days.

7.3 Voice Data Automatic Disposal Policy

Raw voice audio is not collected. STT transcribed text is discarded from memory immediately after the matching check is complete and is never sent to any server. There is no retention period because there is no stored data.

8. Your Rights

8.1 Rights Available to All Users

Regardless of where you live, you may exercise the following rights with respect to your personal information:

8.2 Additional Rights for EU/EEA Users (GDPR)

If you are located in the EU or EEA, you also have:

• Right to Object (Art. 21): You may object to processing based on our legitimate interests. We will cease processing unless we can demonstrate compelling legitimate grounds.
• Right to Object to Automated Decision-Making (Art. 22): We do not make decisions with legal or similarly significant effects about you based solely on automated processing.
• Right to Withdraw Consent (Art. 7(3)): Where processing is based on your consent, you may withdraw that consent at any time. Withdrawal does not affect the lawfulness of processing prior to withdrawal.
• Right to Lodge a Complaint: You have the right to file a complaint with the data protection supervisory authority of your EU/EEA member state. A list of EU DPAs is available at edpb.europa.eu.

8.3 US State-Specific Rights

Rights Available to Residents of Virginia, Colorado, Connecticut, Texas, Delaware, New Hampshire, New Jersey, Tennessee, Minnesota, Nebraska, Indiana, Kentucky, Rhode Island, Iowa, Montana, Oregon, Utah, and Other States with Enacted Privacy Laws

• Right to access personal data we hold about you
• Right to correct inaccurate personal data
• Right to delete personal data
• Right to data portability
• Right to opt out of the sale of personal data — We do not sell your personal data
• Right to opt out of targeted advertising — We do not engage in targeted advertising
• Right to opt out of profiling in furtherance of decisions that produce legal or similarly significant effects — We do not engage in such profiling
• Right to opt in before we process sensitive personal data (applicable in Virginia, Colorado, Connecticut, and other states with opt-in requirements for sensitive data)

Global Privacy Control (GPC): We recognize the Global Privacy Control signal as required by Colorado (CPA), Oregon (OCPA), and other laws that mandate recognition of a Universal Opt-Out Mechanism (UOOM). If we receive a GPC signal from your browser or device, we will treat it as a request to opt out of the sharing of your personal information.

Response Time: We will respond to rights requests within 45 days of receipt. If we require additional time (up to 45 additional days), we will notify you in advance.

Appeals: If we deny your request, you may appeal by contacting us at contact@sudoego.app. We will respond to your appeal within 60 days.

Maryland (MODPA) — Data Minimization: In compliance with Maryland's data minimization requirements, we collect only data that is reasonably necessary to provide the Service. We do not collect location data, contacts, photo libraries (beyond images you explicitly select for a card), Bluetooth identifiers, or advertising identifiers.

9. Children's Privacy

9.1 Age Restriction

SUDO EGO is available only to users who are 18 years of age or older. We do not knowingly collect personal information from anyone under the age of 18.

9.2 Age Verification

We require age verification during account registration. Users who cannot confirm they are 18 or older will not be permitted to create an account.

9.3 Handling of Minor Data

If we become aware that personal information has been collected from a user under the age of 18, we will delete that information without delay. If you believe a minor's personal information has been collected by our Service, please contact us immediately at contact@sudoego.app.

9.4 Applicable Law

• COPPA (US): The Children's Online Privacy Protection Act applies to services directed at children under 13. Because SUDO EGO restricts users to age 18 and above and implements age verification, COPPA does not apply; however, our age verification mechanism is designed to prevent collection of data from any child.
• California AADC: The California Age-Appropriate Design Code applies to services likely to be accessed by children under 18. Because we restrict the Service to users 18 and older, this law does not apply to our Service.

10. Cookies & Similar Technologies

10.1 Mobile App

The SUDO EGO mobile App does not use third-party tracking cookies or advertising identifiers (IDFA / GAID). We store a Supabase authentication token in your device's secure storage to maintain your login session. This token is deleted when you log out or delete your account.

10.2 Website (sudoego.app)

Our website at sudoego.app uses only essential functional cookies required for basic site operation (e.g., session management). We do not use advertising cookies or cross-site tracking cookies. A cookie notice is presented separately when you visit the website.

11. Security Measures

We implement technical and organizational measures to protect your personal information against unauthorized access, loss, alteration, or destruction.

11.1 Technical Safeguards

11.2 Organizational Safeguards

• Access to personal information is restricted to personnel who need it to perform their job functions.
• Personnel handling personal information receive regular security training.
• Internal procedures governing the handling of personal information are established and maintained.

11.3 Data Breach Response

In the event of a personal data breach:

• Within 72 hours: We will notify the relevant supervisory authority (where required under GDPR or applicable US state law) if the breach is likely to result in a risk to the rights and freedoms of individuals.
• Without undue delay: We will notify affected users directly if the breach is likely to result in a high risk to their rights and freedoms.
• Notification channel: Notification will be sent to the email address associated with your account, and/or via in-app notice.

12. Changes to This Policy

12.1 How We Notify You

We will notify you of changes to this Privacy Policy as follows:

• Minor changes: Update the "Last Modified" date at the top of this document, with a notice posted within the App.
• Material changes: Email notice to the address associated with your account plus an in-app pop-up notice, provided at least 30 days before the changes take effect.
• Examples of material changes: Adding new categories of data collected, adding new third-party service providers, or changing the purposes for which data is used.

12.2 Continued Use

If you continue to use the Service after a revised policy takes effect, that constitutes your acceptance of the revised policy. For material changes, we will request your affirmative consent before the change takes effect. If you do not consent, you may stop using the Service or delete your account.

13. Contact Information

13.1 Privacy Officer / Data Protection Officer

For questions about this Privacy Policy, to exercise your privacy rights, or to submit a complaint, please contact:

We will respond to privacy rights requests within 45 days of receipt. For GDPR requests, we will respond within the one-month period required by applicable law (extendable by two additional months for complex requests, with prior notice).

13.2 Supervisory Authorities

If you are not satisfied with our response to your privacy concern, you have the right to contact the applicable supervisory authority:

14. California Privacy Notice (CCPA/CPRA)

14.1 Categories of Personal Information Collected — CCPA Mapping

14.2 Sale or Sharing of Personal Information

SUDO EGO does not sell California residents' personal information and does not share California residents' personal information with third parties for cross-context behavioral advertising purposes.

Because we do not sell or share personal information as defined under CCPA/CPRA, a "Do Not Sell or Share My Personal Information" opt-out link is not legally required. Nonetheless, to ensure you can exercise your rights, you may submit any opt-out request at any time by emailing contact@sudoego.app.

14.3 California Residents' Rights

14.4 Automated Decision-Making Technology (ADMT)

The SUDO EGO app-lock feature operates based solely on conditions you configure in advance (your list of locked apps and your Ritual schedule). We do not use algorithmic profiling to analyze your behavior and make automated decisions. Users retain full control over their settings at all times.

14.5 How to Exercise Your California Rights

California residents may submit up to two free requests per 12-month period. To exercise your rights:

• Email: contact@sudoego.app
• In-app: Settings → Account (for deletion and certain other rights)

We will verify your identity before processing your request and respond within 45 days. If additional time is needed (up to a 45-day extension), we will notify you.

15. Illinois Biometric Information Notice (BIPA)

15.1 Non-Collection of Biometric Data

SUDO EGO does not collect, capture, purchase, receive through trade, or otherwise obtain biometric identifiers or biometric information as defined under BIPA.

When you use the Voice Mode feature for Ritual authentication, your voice is processed entirely by your device's operating system speech recognition engine — Apple's SFSpeechRecognizer on iOS and Google Speech Services on Android. The App receives only the text result produced by the OS; it does not directly access, record, or store your raw voice audio. Accordingly, the App does not collect "biometric identifiers" (including voiceprints or retina or iris scans) or "biometric information" as those terms are defined in BIPA.

Because we do not collect biometric data, we do not have a written policy governing its retention and destruction schedule as described in 740 ILCS 14/15(a), as that provision applies only to entities that do collect such data.

15.2 Texas Biometric Data Notice (CUBI)

For users in Texas, with respect to the Texas Capture or Use of Biometric Identifier Act (CUBI, Tex. Bus. & Com. Code § 503.001 et seq.): because we do not capture or use any biometric identifier (including voice prints or retina or iris scans), CUBI does not apply to our processing activities.

15.3 Other State Biometric Laws

The same principle applies to users in Washington State (RCW Chapter 19.375), Arkansas (Ark. Code Ann. § 4-110-103), and any other jurisdiction with laws governing biometric data: we do not collect raw voice audio or any other biometric identifier, so those laws' collection, consent, and retention requirements are not triggered.

15.4 Contact for BIPA Inquiries

For any questions related to this notice or BIPA compliance, please contact us at contact@sudoego.app.

Appendix: Data Category Summary