Totelo Privacy Policy

Where this privacy notice applies

Totelo is an accountless utility app. Coverage under this Privacy Policy applies to information handled when the app is used, when a purchase is processed, when content is stored or submitted through the app, or when a privacy or legal request is sent to the operator.

This Policy also applies to service activity needed to operate, maintain, secure, and improve the app. If a separate notice is presented for a specific service or provider, that notice may also apply to the relevant processing.

Private Content Context

Content added to the app may be personal to the person using it. The operator treats user-provided content and related app records as information that should be handled with restraint, used only for appropriate app, support, legal, and security purposes, and shared only as described in this Policy.

Users should avoid submitting information they do not have the right to provide. If content includes information about another person, the user is responsible for having an appropriate basis to add or manage that information through the app.

What counts as covered app information

Information covered by this Policy may include content provided by the user, app activity data, device and diagnostic information, purchase-related records received from app marketplaces or payment processors, and communications sent to the operator. The exact information involved can vary based on device settings, app version, marketplace requirements, and the way the app is used.

Some information is generated automatically for operational reasons. This may include technical logs, crash reports, device identifiers used for diagnostics or fraud prevention, approximate network information, app performance data, and records needed to confirm access to paid functionality.

Payment processing is handled through the applicable app marketplace or payment provider. The operator may receive limited purchase confirmations, transaction status, receipts, or entitlement information, but full payment card details are handled by the payment provider under its own rules.

How Information Is Used

Information is used to operate the app, provide purchased access or functionality, maintain reliability, respond to requests, protect against misuse, troubleshoot problems, and comply with legal obligations. App records may also be reviewed to understand performance, diagnose errors, preserve security, or defend legal rights.

For users in the European Economic Area, the United Kingdom, or another place requiring a lawful basis, processing is based on one or more of the following grounds: performance of a contract when the app or a purchase is provided; consent where required for optional choices; legal obligation where records must be kept or disclosed; legitimate interests in security, service operation, fraud prevention, and ordinary business administration; and legal claims where information is needed to establish, exercise, or defend rights.

Sharing and Service Providers

The operator works with vendors for limited tasks such as app operation, data hosting, diagnostics, purchase support, security, and administrative handling. Those vendors receive only the information reasonably tied to their role and are expected to act under service-purpose limits.

Disclosure can also occur for legal compliance, marketplace requirements, enforcement of terms, protection of rights, misuse review, or a business transfer involving the app or its assets.

Totelo may involve infrastructure located in different countries. For cross-border handling, the operator relies on appropriate contractual, technical, and organizational protections where the law requires them.

Storage and Deletion

App records are retained only while they serve an operational, purchase, security, legal, or dispute-related purpose. Different categories follow different timelines because short-lived technical data does not require the same treatment as marketplace or legal records.

After a record no longer has a valid purpose, the operator deletes it, de-identifies it, aggregates it, or separates it from active use where practical. Backup timing, legal holds, fraud review, or marketplace obligations may delay final removal.

Security Measures

Access to app information is limited through a mix of operational controls, provider safeguards, and security review appropriate to the nature of the records involved. Protective measures are adjusted as the app, providers, and risks change.

Security cannot be absolute for any mobile service. Users should keep their devices and platform credentials protected and should avoid sending sensitive details through public channels.

Policy Updates and Privacy Requests

Version information for this Privacy Policy: effective date 2026-06-07; last updated 2026-06-07.

The operator may revise this Policy when the app, legal requirements, provider arrangements, or operational practices change. Updates will be posted through the privacy page or another reasonable notice method. Continued use after an updated Policy becomes available means the updated terms apply to information handled after the update, subject to any consent rights required by law.

What changes when a child or younger user is involved

Totelo is intended for users who have the legal capacity to use mobile apps and make decisions about the information they provide. If a parent or guardian believes a minor has provided information in a way that requires review or deletion, the request channel below can be used to ask for appropriate action.

The operator may limit, delete, or refuse processing where information appears to have been provided by a person who cannot validly consent or otherwise use the app under applicable law.

Privacy choices that may be available under law

Users may have choices and rights regarding their information, including access, correction, deletion, objection, restriction, portability, withdrawal of consent, or appeal of a privacy decision where applicable law provides those rights. Some rights may be limited by legal duties, marketplace records, security needs, or the rights of others.

Device settings and marketplace settings may also provide controls over app permissions, diagnostics, purchases, and communications. Those settings are managed by the device platform or marketplace and may operate separately from requests sent to the operator.

Privacy requests will be handled according to applicable law. The operator may need enough information to understand the request, confirm authority to act on it, and locate relevant records, but requests should avoid sending unnecessary sensitive details.

Privacy requests for Totelo go to message@totelo.app. The operator uses that mailbox for privacy routing and responds according to applicable law.