Privacy Policy

This is the privacy policy for Dayo, a teen accountability and reward app made up of an iOS app and a parent web dashboard. We wrote this in plain English on purpose. If anything is unclear, email us at hello@dayo.co and we'll fix it.

• Teens use Dayo to set their own screen-time deals. Parents fund those deals with a credit card.
• We collect the minimum we need to make the deal work: a phone number for teens, an email for parents, and the daily minute count for the apps the teen chose to track.
• We never see which specific apps a teen picked. Apple gives us an opaque token, not a list.
• If you use Totem mode (pick a physical object as a key to unlock your apps), the photos stay on your phone. We only ever see a mathematical fingerprint of each photo — it cannot be reversed to reconstruct the image.
• We don't sell your data. We don't run ads. We don't share data with anyone outside the subprocessors listed below.
• Dayo is for users 13 and older. We do not knowingly collect information from anyone under 13.

Dayo is operated by Dayo Technology Inc.. Contact: hello@dayo.co.

From the teen

• Phone number. Used to sign you in via a one-time SMS code. Verified using Twilio.
• Display name. Whatever name you enter after signing up. Your parent sees this.
• Selected apps.When you pick apps to track, Apple gives Dayo an opaque "FamilyActivitySelection" token. We store the token. We cannot read which apps it represents — only Apple's system can.
• Daily usage minutes.Apple's DeviceActivity framework tells our app how many minutes you've used the apps inside your selection on a given day. We store the minute totals against your deal. We never receive per-app usage, app names, websites, or content.
• iOS push token (APNs). So we can send you deal reminders and notifications.

From the parent

• Email address. Used to send a magic-link sign-in (via Resend) and to email you receipts.
• Phone number. If you add one in your parent dashboard profile, we use it to send SMS recaps and deal updates via Twilio.
• Payment method. When you fund a deal, you enter your card on a Stripe-hosted form. Stripe stores the card. We only ever see a Stripe payment_method ID and a Stripe Customer ID — never the raw card number.

Things we generate

• Deal records (amount, duration, daily limit, status).
• Daily usage logs tied to a deal.
• Audit events (e.g. deal created, approved, broken, complete, charge succeeded).
• A per-deal HMAC secret used so the iOS shielding extension can authenticate to our backend.

If you use Dayo's Totem feature — picking a real-world object as a physical "key" to unlock your apps — here is exactly what we collect and where it lives.

• Your photos stay on your phone. When you set up a Totem, the iOS app captures 3 photos of the object you pick. Those photos are never uploaded, stored on our servers, or transmitted anywhere. They live only in iOS memory long enough to be processed on-device, then they're discarded.
• Feature print (image fingerprint).Each photo is run through Apple's on-device Vision framework, which produces a 768-dimensional numerical fingerprint called a feature print. This fingerprint is mathematically derived from the image but is not human-interpretable — it cannot be reversed to reconstruct the photo, and it does not identify a person. We store these fingerprints on our servers so the iOS app can match them against a fresh fingerprint computed at unlock time. Dayo does not perform facial recognition or any biometric identification.
• Anchor location.When you enroll a Totem we capture your device's GPS latitude and longitude at the moment of enrollment. This becomes the "anchor" — to unlock, you must be within ~30 meters of where you enrolled. We store the latitude and longitude on the server. We do nottrack your location at any other time and we don't record location history.
• Unlock sessions. Each lock and unlock attempt creates a session row recording the timestamp, the photo match distance, the GPS distance from the anchor, and the outcome. We use this only to gate the unlock and to show history in the parent dashboard if the parent funded the related deal. Solo users (no parent) have these records visible only to themselves.
• Schedule preferences.The days and times you choose for auto-locking (e.g. "weekdays 9am – 5pm") are stored on our servers so the lock can fire on schedule via iOS's DeviceActivity framework.
• Totem name.Whatever you call it ("Gizmo", "My Mug") — used for display only.

Totem photos and feature prints are deleted when you delete your Dayo account or archive the specific Totem. We do not sell, share, or expose any of this data to anyone outside of the subprocessors listed below (and Vision processing happens entirely on your iPhone, not through any subprocessor).

Dayo uses Apple's Family Controls, DeviceActivity, and ManagedSettings frameworks. These are the system APIs that allow Dayo to shield apps and read minute-level usage on the teen's own device.

• Dayo is set up for personal productivity / individual use: the teen authorizes Family Controls themselves on their own device. We are not pretending to be a parent-installed monitoring tool.
• The system shows an iOS authorization prompt the first time. You can revoke that permission at any time in iOS Settings → Screen Time.
• We use the data we receive from these frameworks (a selection token plus daily minute counts) only to run your deal — to know when to shield apps and to calculate any overage penalty.
• If you use Totem mode, Dayo also calls Apple's Vision frameworkon-device to compute the image fingerprint from your photo. Vision is built into iOS; it does not call out to Apple servers or any cloud service — fingerprints are computed locally on your iPhone's neural engine. Your photos do not leave the phone.
• Totem also uses iOS's Core Locationframework to read your GPS at two moments only: when you first enroll a Totem (to set the anchor) and when you try to unlock it (to verify you're near the anchor). It does not run in the background.

We use these third-party services to run Dayo. Each one only sees the slice of data it needs to do its job.

• Supabase (US-hosted) — database, authentication, and edge functions. Stores deal records, profiles, and usage logs.
• Stripe— payment processing. Handles card collection, vaults the card, and runs charges. Subject to Stripe's privacy policy at stripe.com/privacy.
• Twilio — sends SMS messages (phone OTP for teens, parent SMS notifications).
• Resend — sends transactional email (magic links, receipts), via our verified domain mail.dayo.co.
• Vercel — hosts the parent web dashboard.
• Apple APNs — delivers push notifications to your iOS device.
• Apple Family Controls / DeviceActivity / ManagedSettings — runs on-device shielding and provides usage data to the Dayo iOS app.

We don't share your data with any other third parties, and we don't sell or rent it.

We host on Supabase in the US and rely on Supabase's standard infrastructure security and Stripe's PCI-DSS certified vault for card data. We use TLS for data in transit between your devices and our servers. We try to be conservative about what we store, and we keep production access limited to the people who need it.

We are a small team. We are not making strong claims like "military-grade encryption" because we don't run that infrastructure ourselves — we rely on our hosting providers. If you want specifics about a particular subprocessor's security posture, write to us and we'll point you to their documentation.

Dayo is intended for users 13 and older. We do not knowingly collect personal information from anyone under 13. If you are under 13, please do not sign up. If you believe a child under 13 has signed up, email hello@dayo.co and we will delete the account and any associated data.

We do not currently support Apple's Family Sharing managed Apple IDs for children, which is the path Apple requires for under-13 use.

Regardless of where you live, you can:

• Access your data.Email hello@dayo.co and we'll send you a copy of what we have on file.
• Delete your account. Email hello@dayo.co or use the in-app delete option (when available). We will delete your profile, deals, usage logs, and audit events. Some records that we are legally required to retain (for example, payment receipts for tax purposes) may be kept by Stripe under their retention rules.
• Opt out of SMS or email. Toggles live in your Dayo settings. You can also reply STOP to any SMS to stop further messages from that sender.
• Revoke Family Controls authorization. Go to iOS Settings → Screen Time at any time. Dayo will stop receiving usage data and stop shielding apps. Any active deal will end without penalty calculation if usage data stops flowing.

If you delete the Dayo iOS app from your device, the app stops collecting usage. Your account and any open deals stay on our servers until you ask us to delete them or until the deal completes.

Dayo sends SMS messages to two groups of users via Twilio. By providing a phone number during sign-up (teen) or by allowing a teen to fund a deal in your name (parent), you consent to receive these messages. Standard message and data rates from your carrier may apply. Frequency varies based on deal activity, typically 1–10 messages per active deal per week.

Teens receive:

• One-time SMS verification codes during sign-in.
• Account-related transactional messages (deal funded, completed, broken).

Parents receive:

• Deal lifecycle notifications when a deal you fund begins, completes, or breaks.
• Daily and weekly progress recaps about deals you fund.
• Pending-deal reminders if you haven't reviewed a funded deal.
• One-time SMS verification codes for parent dashboard sign-in.

You can opt out of non-OTP SMS at any time by replying STOP to any message, or by toggling SMS preferences in your parent dashboard settings at parent.dayo.co/parent/settings. Reply HELP to any message for assistance, or email hello@dayo.co. We never share your phone number with third parties for marketing purposes.

If you live in California, the California Consumer Privacy Act (as amended by the CPRA) gives you specific rights on top of the ones above:

• Right to know.You can ask us what categories of personal information we collect, the sources, the business purpose, and who we share it with. The "What we collect, and why" and "Subprocessors" sections above already lay this out, but you can email hello@dayo.co to confirm specifics for your account.
• Right to delete. Same as the deletion right above — email hello@dayo.co.
• Right to correct.Email us if any data we have is wrong and we'll fix it.
• Right to opt out of sale or sharing. We do not sell your personal information and we do not share it for cross-context behavioral advertising. There is nothing to opt out of, but you can confirm in writing by emailing us.
• Right to limit use of sensitive personal information. We collect phone numbers (which CA classifies as sensitive) only to operate the service. We do not use them for inferences about you and do not need a separate limit-of-use mechanism.
• No discrimination. Exercising these rights will not change the service we provide you.

To exercise any of these, email hello@dayo.co. We may need to verify your identity (typically by confirming the phone or email tied to your account) before acting.

If you are in the EU, the UK, or another jurisdiction with similar law, you have these rights:

• Access, rectification, erasure — same as above, email hello@dayo.co.
• Restriction and objection— you can ask us to limit or stop certain processing. We'll comply unless we have an overriding legal reason.
• Portability— we'll send your account data in a structured machine-readable format (JSON) on request.
• Withdraw consent— where processing is based on consent (e.g., SMS notifications), you can withdraw it via the in-app toggles or by emailing us. This doesn't affect the lawfulness of processing before withdrawal.
• Lodge a complaint with your local Data Protection Authority.

Lawful basis. We process your information based on (a) the contract you enter into when you sign up and use Dayo, (b) your consent for things like SMS / push notifications, and (c) our legitimate interests in keeping the service secure and running.

International transfers.Our subprocessors (Supabase, Stripe, Twilio, Resend, Vercel, Apple) are primarily US-based. When data leaves your country, we rely on the relevant subprocessor's standard contractual clauses or equivalent safeguards. Stripe and Apple in particular publish their own GDPR compliance pages.

Retention. We keep your account data for as long as your account is active and for a reasonable time after closure to handle disputes, comply with our legal obligations, and enforce our agreements. Stripe retains payment records under its own schedule (typically 7 years for tax/audit reasons).

Data protection contact.For GDPR-specific questions, email hello@dayo.co with subject "GDPR request" and we will respond within 30 days.

• You delete the app mid-deal.The shielding stops. Without usage data we cannot bill an overage. Any pre-funded amount the parent already authorized may be released or partially released, depending on what we've already recorded.
• The parent revokes their payment method. New deals cannot be funded. An already-active deal will run to completion based on what we recorded, and we will attempt to charge the saved card. If that fails, we will email the parent and the deal will be marked broken.
• You revoke Family Controls. Same as deleting the app — usage stops, shielding stops.
• You uninstall the app while a Totem is locking. The shielding stops (iOS unlocks the apps once Dayo is gone). The Totem's saved fingerprints and anchor stay on our servers, so if you reinstall and sign back in, your Totem is still there. If you want them gone, delete your account.
• You enrolled a Totem at one place and moved. The anchor stays where it was — you'll need to delete and re-enroll the Totem from the new location to unlock there.

If we change this policy in a meaningful way, we'll update the effective date above and email parents who have an account with us. Continued use of Dayo after a change means you accept the new version.

Questions, requests, complaints: hello@dayo.co.