Apps by Shin Jungsoon

Privacy Policy

Effective: 2026-05-05 — Bundle ID: com.ootssu.paxio

What we collect

• Account info: your email address (if you sign up with email), or an opaque Apple user identifier (if you use Sign in with Apple). These are stored in Supabase Auth and are used only to identify your account.
• Daily check-in data: your anxiety score (1–10), the emotional triggers you select or describe, and any optional notes you add. This data is stored in our Supabase database under your account with row-level security — only you can read your rows.
• AI coaching conversations: the messages you send to Paxio and the responses you receive. Conversation messages are stored encrypted at rest in Supabase and are used solely to provide continuity across sessions. They are processed via a Supabase Edge Function and forwarded to Anthropic's Claude API. Anthropic does not retain your messages for model training.
• CBT exercise reflections: text you write during exercises and the exercise completion status. Stored in Supabase under your account.
• Subscription state: managed by RevenueCat and Apple StoreKit. We receive your entitlement status (Free Trial or Pro) and a RevenueCat anonymous ID. We do not receive or store credit card numbers or payment details.

What we don't collect

• We do not use advertising identifiers (IDFA/IDFV for ads).
• We do not track you across other apps or websites.
• We do not access your contacts, photos, camera, microphone, or location.
• We do not embed any analytics SDKs or third-party ad networks.
• We do not sell your data or share it with advertisers — ever.

Data storage and security

All user data is stored in Supabase hosted in the US region. Data is encrypted in transit (TLS) and at rest. AI conversation messages are additionally encrypted at the application level before storage. Row-level security policies ensure that no user can access another user's data.

Third-party services we use

• Supabase — database, authentication, and Edge Function host. Stores your account, check-in data, conversation history, and exercise reflections. Hosted in the US.
• Anthropic (Claude API) — powers AI coaching sessions and CBT exercise prompts. Invoked server-side via Supabase Edge Functions. Anthropic does not retain your messages for model training.
• RevenueCat — manages subscription entitlements. Receives an anonymous user ID and subscription state. No coaching or check-in data is shared with RevenueCat.
• Apple — used if you sign in with Apple. We receive an authentication token and (optionally) your email.

How long we keep your data

Your account data is kept for as long as your account exists. When you delete your account, all your data — check-ins, AI conversations, exercise reflections, and your auth record — is permanently and immediately removed by our paxio.delete_account() RPC. There is no backup we can restore from.

Account deletion

Delete your account at any time from Settings → Delete Account inside the app. This removes your auth record and cascades a hard-delete of all Paxio data within seconds.

Children

Paxio is intended for users aged 17 and older. We do not knowingly collect personal data from anyone under 17.

Contact

Privacy questions: [email protected].