We do not sell your data. We do not show ads. You can delete every record you have ever logged with one button. That button is at the top of your account settings.The rest of this policy explains what we collect, why, and what your rights are.

1. Who we are
Talyq ("we", "us", "our") is a daily score-tracking application.
Privacy Policy applies to talyq.com, the Talyq mobile and web applications, and any other service we operate that links to this policy (together, the "Service").


2. What we collect
We collect the minimum information needed to run the Service.

-  2.1 Information you give us
Email address. Used to identify your account and to send transactional emails.
Payment information. When you pay for a subscription or founding-member access, payment details are collected and processed by Stripe (and, for some Indian users, Razorpay). We do not store your card number, CVV, or full bank details. We store only metadata such as the last four digits of your card and the payment status.
Logs you create. The virtues, vices, weights, and daily entries you create are stored to provide the Service to you.
Optional accountability partner email. If you choose to enable an accountability partner, we store their email address solely to deliver them your daily score.

-  2.2 Information collected automatically
Basic technical metadata required to deliver the Service, including device type, operating system, app version, and timestamps of logins and logs.
Aggregated, anonymized usage data used to improve the product. This data cannot identify you individually.

-  2.3 What we explicitly do not collect
We do not collect mood entries, free-text journal notes, photos, voice recordings, or contacts. These features do not exist in Talyq.
We do not use third-party advertising trackers, Facebook Pixel, Google Ads tags, or similar.
We do not access your device's microphone, camera, contacts, location, or health data.


3. How we use your information
We use your information only to:
- Provide the Service (calculate your score, store your history, deliver subscription features).
- Send transactional emails (welcome, payment receipts, password reset, account deletion confirmations).
- Respond to your support requests when you email us.
- Improve the product through aggregated, anonymized analysis.
- Comply with legal obligations.
We do not use your data for advertising, ad targeting, or to build behavioral profiles for sale or licensing to third parties.


4. Sensitive personal data
The behaviors you log on Talyq may include sensitive personal information about substance use, sexual habits, mental health-adjacent behaviors, or other private matters. We treat all logged data as sensitive personal information regardless of how you label it.
We will never share, sell, license, or analyze your individual log data with any third party for any purpose other than:
- Providing the Service to you (e.g., calculating your score on our servers).
- Generating aggregated, anonymized statistics that cannot be traced back to you.
- Responding to a valid legal order, when we are legally required to comply.


5. Who we share information with
We share information only with the following service providers, only to the extent necessary to operate the Service:Service Provider Purpose Data Shared Supabase Database hosting All account and log data Stripe / Razorpay Payment processing Email, payment information Postmark / Resend / Mailerlite Transactional emails Email address, transactional content Vercel / Webspacekit Web hosting Standard server-level metadataEach of these providers is contractually obligated to protect your data and use it only to perform services for us.We do not share your data with advertisers, marketers, data brokers, or analytics platforms outside of those listed above.


6. International data transfers
Talyq is operated from India. Some of our service providers (Stripe, Supabase, etc.) operate servers in the United States, European Union, and other regions. By using the Service, you consent to your information being transferred to and processed in these jurisdictions.
For users in the European Union, the United Kingdom, and other jurisdictions with data-export restrictions, we rely on Standard Contractual Clauses or equivalent legal mechanisms with our service providers.


7. Your rights
Regardless of where you live, you have the following rights with respect to your data:
- Access. You can request a copy of all data we hold about you. We will deliver it within 30 days.
- Correction. You can edit your virtues, vices, weights, and account email at any time inside the app.
- Deletion. You can permanently delete your account and all associated data with one button in the settings screen. Once you initiate deletion, your data is removed from our active database within 24 hours and from our backups within 30 days.
- Portability. You can export your data in CSV format at any time from the settings screen.
- Withdrawal of consent. You can stop using the Service and delete your account at any time. There are no penalties.
- Objection. You can email us to object to specific processing activities.
To exercise any of these rights, email hello@talyq.com. We respond within 7 days.

-  7.1 EU/UK users (GDPR)If you are in the European Economic Area or the United Kingdom, you have additional rights under the GDPR/UK GDPR, including the right to lodge a complaint with your local data protection authority.

-  7.2 California users (CCPA)If you are a California resident, you have rights under the CCPA, including the right to know what personal information we collect, the right to delete it, and the right to opt out of the "sale" of personal information. We do not sell personal information.

-  7.3 Indian users (DPDPA 2023)If you are an Indian resident, you have rights under the Digital Personal Data Protection Act, 2023, including the right to access, correction, and erasure. The Grievance Officer for Talyq is [YOUR NAME], reachable at hello@talyq.com.


- 8. Data security
We protect your data using industry-standard security practices, including:
- TLS 1.3 encryption for all data in transit.
- Encryption at rest for all stored data.
- Two-factor authentication available on user accounts (recommended).
- Regular security reviews of our infrastructure providers.
No system is perfectly secure. If we ever discover a data breach affecting you, we will notify you within 72 hours of becoming aware of it, including details of what was accessed and what steps you can take.


- 9. Data retention
- Active account data: kept as long as your account is active.
- Deleted account data: removed from active systems within 24 hours of deletion request; removed from backups within 30 days.
- Payment records: retained for 7 years to comply with tax and accounting laws in India.
- Aggregated, anonymized data: may be retained indefinitely.


10. Children
Talyq is not intended for users under 18. We do not knowingly collect data from anyone under 18. If we learn we have collected data from a person under 18, we will delete it immediately. If you are a parent or guardian and believe your child has used Talyq, email hello@talyq.com.


11. Changes to this policy
We may update this policy from time to time. When we make material changes, we will notify you by email at least 30 days before the changes take effect. The "Last updated" date at the top of this policy will reflect the most recent version.


12. Contact
For any privacy questions, email hello@talyq.com.