Privacy Policy

Last updated: April 13, 2026

Draft notice: This Privacy Policy is a working draft.

This Privacy Policy explains how Ownur (“we,” “our,” or “us”) collects, uses, and shares information when you use the Ownur application and related services (the “Service”). By using the Service, you agree to the practices described here.

1. Information We Collect

Information you provide:

Account information — name, email, and password (stored as a hash, never in plain text). Optionally a phone number if you enable SMS reminders.
Asset information — details about homes, vehicles, appliances, bikes, pets, and personal maintenance tasks. This can include addresses, VINs, mileage, filter sizes, make/model/year, and photos you upload.
Task history — completions, notes, costs, and photos you log when you finish a task.
Household data — if you join or create a Household, members can see shared assets and tasks.
Support & feedback — messages you send us.

Information collected automatically:

Usage events — pages viewed, actions taken, and timestamps, used to improve the Service.
Device & log data — IP address, browser type, OS, and error logs.
Push subscription tokens — if you enable browser push notifications.

2. How We Use Your Information

Provide, operate, and maintain the Service.
Send reminders and transactional messages (email, SMS, push) based on your preferences.
Generate task guidance, including AI-assisted suggestions based on your inputs.
Authenticate you, secure your account, and prevent abuse.
Debug issues and improve reliability and performance.
Comply with legal obligations.

3. Service Providers We Use

We share information with a small number of third-party processors strictly to operate the Service. We do not sell your personal information.

Supabase — database hosting (Postgres).
Vercel — application hosting and serverless infrastructure.
Resend — transactional email delivery.
Twilio — SMS delivery (only if you opt in).
Anthropic — AI provider for task-guidance features. Inputs you send to these features are transmitted to Anthropic’s API.
Browser push services — operated by your browser vendor (e.g., Google, Apple, Mozilla) when you enable push notifications.

These processors are bound by their own terms and security practices. Review their policies for additional detail.

4. AI Features & Your Data

When you use AI-assisted features (e.g., task guidance), the relevant context you submit is sent to Anthropic’s API to generate a response. We do not use this data to train AI models, and per Anthropic’s API terms, neither does Anthropic. AI responses may be inaccurate — see our Terms for limitations.

5. Cookies & Local Storage

We use a small number of cookies and browser storage items that are essential for the Service to work — notably, an authentication session cookie (set by NextAuth) and local storage for user preferences. We do not use advertising or cross-site tracking cookies.

6. Your Choices & Rights

Access & update — view and edit most of your data directly in the app.
Export — request a copy of your data by emailing [email protected].
Delete — delete your account from the app, which removes your personal information from our active systems (subject to the retention period below).
Communication preferences — adjust email, SMS, and push channels at any time in the app; use the unsubscribe link in emails.

Depending on where you live, you may have additional rights under laws such as the California Consumer Privacy Act (CCPA/CPRA), Virginia’s VCDPA, or the EU/UK GDPR — including the right to know what we collect, to request deletion, to correct inaccuracies, and to opt out of the “sale” or “sharing” of personal information. We do not sell or share personal information for cross-context behavioral advertising. To exercise a right, email [email protected].

7. Data Retention

We retain account and asset data while your account is active. When you delete your account, we remove personal data from active systems within 30 days, except where we must retain certain records to comply with law, resolve disputes, or enforce agreements (for example, abuse reports or billing records, if applicable). Backups are overwritten on their normal rotation.

8. Security

We use industry-standard measures to protect your information, including encryption in transit (HTTPS), password hashing (bcrypt), access controls, and least-privilege database access. No system is perfectly secure; if you believe your account has been compromised, email us immediately at [email protected].

9. Children

The Service is not directed to children under 18, and we do not knowingly collect personal information from anyone under 18. If you believe a minor has provided us information, contact us and we will delete it.

10. International Users

Ownur is operated from the United States, and the processors listed above may store and process data in the United States and other countries. If you use the Service from outside the U.S., you consent to the transfer and processing of your information in the U.S.

11. Changes to This Policy

We may update this Privacy Policy from time to time. If changes are material, we will provide notice (for example, by email or an in-app banner) before they take effect. The “Last updated” date at the top reflects the most recent revision.

12. Contact

Questions, requests, or privacy concerns? Email [email protected].