Privacy Policy
Last updated: May 24, 2026
This Privacy Policy explains what data Diffr collects, why we collect it, how we use it, and the choices you have. It reflects exactly what we have declared in Apple's App Store Privacy Nutrition Labels — what you see here matches what Apple shows on our App Store listing.
If you have any question after reading, write us at diffr@truake.com.
1. Who we are
Diffr (“we”, “us”) is a brand-discovery and shopping-companion iOS app operated by truake LLC (Apple Developer Team ID UH7D745P6G). This policy applies to the Diffr iOS app and the truake.com/diffr website.
2. What we collect, and why
Everything below is linked to your account identity — there is no anonymous data path in Diffr. We do not sell any of it, and we do not track you across other apps or websites.
| Data | Source | Why we collect it |
|---|---|---|
| Email address | Sign in with Apple (you can hide it via Apple's relay) | Account identification; you can sign back in even after reinstalling. |
| Name | Sign in with Apple (optional — you may omit) | Shown on your Profile, comments, and tier lists. |
| User ID | Derived from your Apple identifier (one-way hash → UUID) | Server-side data isolation. Your data is keyed by this ID across all of our tables. |
| Photos | You explicitly upload them via the Verification screen | Verify your purchase to award Diffr Credits. We never request access to your photo library — Apple's PhotosPicker shows the system gallery and only the photos you tap are shared with Diffr. |
| User-generated content | Your tier lists, scenes, brand ratings ("crowns"), comments | Store and display your content; aggregate ratings inform Top Picks; your patterns feed personalised recommendations (PSY-Match). |
| Product interaction | Brand pages you open, scenes you save, "Buy on …" buttons you tap | Improve sorting and recommendations; understand which categories are healthy enough to surface. |
| Purchase history | Which affiliate buttons you tapped (we do not see the actual purchase amount or your retailer account) | Credit your account after verification; sharpen your PSY-Match profile over time. |
We do not collect: precise location, contacts, calendar, health data, financial account numbers, browsing history outside the app, or device-level identifiers used for advertising.
3. How we use what we collect
In Apple's Privacy Label vocabulary, the purposes are:
- App Functionality — every data type above. Without it, account, content, or core features wouldn't work.
- Analytics — User Content, Product Interaction, Purchase History. We look at aggregated patterns to improve which brands rank well, which categories are healthy, and how the recommendation engine should evolve.
- Product Personalization — User Content, Product Interaction, Purchase History. Your PSY-Match profile (your declared style, ratings, and shopping patterns) is what makes the recommendations yours rather than a generic Top 100.
We do not use any data for:
- Third-party advertising
- Developer marketing or promotional messages (we don't send promotional email; account-related messages only, on your request)
- Other purposes outside what's listed here
4. What we explicitly do not do
- ❌ We do not display third-party ads.
- ❌ We do not share data with ad networks, data brokers, or attribution platforms.
- ❌ We do not sell data.
- ❌ We do not track you across other apps or websites.
- ❌ We do not embed Meta Pixel, Google AdMob, TikTok Pixel, Adjust, AppsFlyer, Branch, or any similar SDK.
5. Third-party services we use
Diffr is built on top of a small number of vendors. Each handles a slice of your data under their own privacy policy:
| Vendor | What it processes | Where |
|---|---|---|
| Apple — Sign in with Apple | Authentication, the email + name you grant | apple.com/legal/privacy |
| Supabase | Primary database (your account, content, ratings, follows, etc.) | supabase.com/privacy |
| Cloudflare R2 / Amazon S3 / Cloudinary | Stores the photos you upload for verification + brand/product imagery | cloudflare.com/privacypolicy/, aws.amazon.com/privacy/, cloudinary.com/privacy |
| Apple — StoreKit | If you subscribe to Diffr Pro, Apple handles all billing | apple.com/legal/privacy |
| OpenAI or Anthropic (only if you use the Pro “AI Coach” feature) | We send the transcribed text of your spoken intent (not audio) and your PSY vector. The transcription itself happens on your device via Apple's on-device speech recognition, so the audio never leaves your phone. | openai.com/policies/privacy-policy, anthropic.com/legal/privacy |
We do not share data with Google, Meta, TikTok, or any advertising platform.
6. Account deletion
You can delete your Diffr account from Profile → Delete Account inside the app. When you confirm, we immediately cascade-delete every row keyed to your User ID across our database — including but not limited to:
- Profile and preferences
- Tier lists and tier items
- Scenes and pack tasks
- Brand ratings (“crowns”), comments, likes, saves
- Achievement unlocks and loyalty progress
- Verification photos (storage entries are unlinked; raw images age out within 30 days on the storage provider's backup retention)
- Credit transaction history
- Follow / follower relationships in both directions
After this, your data is gone from our production database. Note: Apple's “Sign in with Apple” credential is a separate grant — to fully sever it, visit your phone's Settings → Apple ID → Sign in with Apple → Diffr → Stop Using Apple ID. We cannot revoke it for you because Apple's revocation API requires a server-side signing key.
If you want a copy of your data before deleting, email diffr@truake.comat least 7 days before and we'll send you a JSON export.
7. Data retention
| What | How long |
|---|---|
| Active account data | While your account exists |
| Deleted account data — production DB | Removed within minutes of you tapping Delete |
| Deleted account data — backups | Naturally aged out within 30 days (rolling backups overwrite) |
| Verification photo files in storage | Linked while account active; unlinked on deletion; physically purged on the next storage provider lifecycle pass (≤30 days) |
| Email logs (account-related transactional only) | Up to 12 months |
8. Your rights
Wherever you live, you can:
- Access — email diffr@truake.com asking for a JSON export of everything tied to your User ID.
- Delete — use the in-app “Delete Account” button. Or email diffr@truake.com if you can't sign in.
- Correct — most fields are editable in app. For anything that isn't, email us.
- Object / restrict — email us; we will stop processing and either delete or anonymise within 30 days.
If you are in the EU, UK, or California (GDPR / UK GDPR / CCPA), you also have the right to lodge a complaint with your local data-protection authority. We do not sell personal information under CCPA's definition.
9. Children
Diffr is rated 4+ on the App Store but the feature set (brand reviews, shopping recommendations) is built for adults and older teens. We do not knowingly collect data from children under 13. If you believe a child has signed up using their parent's Apple ID, email diffr@truake.com and we will delete the account.
10. International data transfers
Your data may be processed in the United States and the European Union depending on the vendor (Supabase, AWS, Cloudflare regions). Where applicable we use the EU Standard Contractual Clauses to cover the transfer.
11. Changes to this policy
If we materially change what we collect or how we use it, we will update this page and, where required by law, notify you in the app before the change takes effect. Minor wording changes (“clarified definition of …”) will just be reflected in the Last updated date at the top.
12. Contact
For questions, data requests, deletion help, or anything else about how we handle your data.