Privacy Policy

Last Updated: April 4, 2026

This Privacy Policy explains how Westerby Labs LLC d/b/a Tottli ("Tottli," "we," "our," or "us") collects, uses, shares, and protects personal data when you use the Tottli website, iPhone app, Apple Watch features, widgets, and related services (collectively, the "Services").

Controller and contact

Westerby Labs LLC d/b/a Tottli

Privacy and legal notices: legal@tottli.com

Product support: support@tottli.com

202 N CEDAR AVE STE 1 OWATONNA MN 55060 USA

1. Scope

This Privacy Policy applies globally to the Services and to personal data we process about caregivers, website visitors, waitlist subscribers, and customer-support contacts. By using the Services, you also agree to our Terms of Service.

2. Personal Data We Collect

Information you provide directly

  • Account details such as your email address, display name, and authentication-related details.
  • Child profile information and caregiving records you choose to add, such as names, dates, timestamps, notes, and activity details.
  • Household and caregiver-sharing details, including invited email addresses, team roles, and invitation status.
  • Support, legal, or privacy correspondence you send to us.
  • Website waitlist or launch-notification information, currently your email address.

Information we collect automatically

  • Device, app, and service metadata such as app version, operating system, and technical diagnostics.
  • Authentication and session metadata needed to keep accounts secure and synced across Tottli services.
  • Local app state stored on your device for offline use and later synchronization.
  • Optional analytics events and optional iPhone session replay data when you grant in-app consent.
  • Website request metadata, including timestamp and IP-derived request details used to protect the waitlist form against abuse.

Current providers used to process data

  • Supabase for authentication, database storage, realtime sync, edge functions, and website waitlist storage.
  • RevenueCat for subscription and purchase-state orchestration.
  • Apple for App Store billing, subscription management, restore flows, and Family Sharing eligibility.
  • PostHog for optional analytics and optional iPhone session replay.
  • Sentry for consent-gated error monitoring and diagnostics.

A current service-provider list is available on our Subprocessors page.

3. How We Use Personal Data

  • Provide account access, onboarding, logging, syncing, reminders, caregiver sharing, premium access, and related product features.
  • Maintain service security, prevent fraud and abuse, and protect accounts and infrastructure.
  • Process purchases, restore entitlements, and help you manage Apple-billed subscriptions.
  • Respond to support, privacy, legal, and account requests.
  • Send waitlist or launch-update communications when you ask us to do so.
  • Operate, improve, troubleshoot, and monitor the Services.
  • Comply with legal obligations and enforce our terms and policies.

4. Lawful Bases

Where applicable under local law, we rely on one or more of the following lawful bases:

  • Contract: to provide the Services you request, including account access, syncing, caregiver sharing, and premium features.
  • Legitimate interests: to secure the Services, prevent abuse, troubleshoot issues, improve reliability, and respond to routine support needs.
  • Consent: for optional analytics, optional iPhone session replay, and waitlist or launch-notification emails where consent is required.
  • Legal obligation: to comply with laws, regulations, lawful requests, and recordkeeping obligations.

5. Analytics And iPhone Session Replay

Analytics and iPhone session replay are optional. Tottli starts with analytics disabled and asks for consent before enabling them. Declining consent, or later turning it off, does not block core app use or premium access.

  • On the current iOS release, one in-app analytics choice controls both analytics and iPhone session replay.
  • PostHog session replay masks text inputs.
  • Some sensitive interface fields are selectively masked in the app UI.
  • Images and other screen content may still be visible in replay captures.
  • Replay network telemetry is disabled.
  • Sentry user context and manual diagnostics honor the same analytics-consent gate.

6. Waitlist And Launch-Notification Emails

If you join the Tottli launch list on our website, we currently collect your email address and request metadata such as source-IP information and submission timestamp through our Supabase-backed waitlist flow.

  • Purpose: to send launch updates and related availability notices for Tottli.
  • Current provider: Supabase stores the waitlist entry and related request metadata.
  • Retention: we keep waitlist data until you unsubscribe, ask us to delete it, the launch-notification purpose is complete, or the data is otherwise no longer needed for that purpose.
  • Unsubscribe: contact legal@tottli.com or support@tottli.com. If future launch emails include an unsubscribe link, you may use that link as well.

7. How We Share Personal Data

We do not sell personal data or share it for cross-context behavioral advertising.

We may disclose personal data in these limited circumstances:

  • To the service providers identified above so they can perform services on our behalf.
  • To caregivers, family members, or household collaborators you authorize inside the app.
  • To Apple for App Store billing, renewals, restore flows, refunds, and Family Sharing eligibility where applicable.
  • To advisors, auditors, law enforcement, regulators, or courts when legally required or reasonably necessary to protect rights, safety, or security.
  • As part of a merger, financing, acquisition, reorganization, or sale of assets, subject to appropriate confidentiality and transition protections.

8. International Transfers

Tottli and our service providers may process personal data in countries other than the one where you live, including the United States. Where required by law, we use contractual commitments or other appropriate safeguards designed to protect transferred personal data.

9. Data Retention

We retain personal data for as long as reasonably necessary for the purposes described in this Privacy Policy, including to provide the Services, comply with law, resolve disputes, and enforce agreements. Retention can vary by data type:

  • Account and profile data: generally while your account remains active. If you delete your account, we begin removing this data from active systems promptly.
  • Child, household, and activity data: generally while your account or shared household relationship remains active, then removed from active systems when deletion is processed.
  • Support and legal emails: retained for as long as needed to respond, keep a record of the request, and comply with legal or operational obligations.
  • Waitlist and launch-notification emails: retained until you unsubscribe, request deletion, or the launch-notification purpose is complete.
  • Analytics and replay data: retained in PostHog according to our current configuration and internal review needs, and not kept longer than necessary for those purposes.
  • Backups and logs: may remain for a limited time on rolling disaster-recovery, audit, and security-retention schedules before being overwritten or deleted.

Account deletion does not necessarily mean every copy disappears instantly from every backup or log. We initiate deletion promptly in active systems, then allow residual copies to age out under normal backup, security, and recovery processes.

10. Your Privacy Rights And Choices

Depending on where you live, and subject to local law, you may have the right to:

  • Request access to personal data we hold about you.
  • Request correction of inaccurate or incomplete personal data.
  • Request deletion of personal data.
  • Request a copy of certain personal data in a portable format.
  • Object to or request restriction of certain processing.
  • Withdraw consent for consent-based processing at any time.
  • Complain to a regulator or supervisory authority where applicable.

Use the in-app settings where available, or contact legal@tottli.com for privacy or rights requests. For product support, contact support@tottli.com.

11. Children And Child-Related Data

Tottli is intended for adult caregivers. We do not knowingly create direct consumer accounts for children. Information about children is provided by adult caregivers for caregiving and household coordination.

12. Security

We use administrative, technical, and organizational measures designed to protect personal data. No security measure is perfect, and we cannot guarantee absolute security.

13. Changes To This Policy

We may update this Privacy Policy from time to time. If we make material changes, we will post the revised policy with an updated "Last Updated" date and take any additional steps required by law.