PRIVACY POLICY

Tosh Labs ("we," "our," or "us"), a brand of Tosh Labs Private Limited, operates mobile applications available on Google Play Store, Apple App Store, and the Web. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our applications and services. We are committed to protecting your privacy and complying with applicable data protection laws including GDPR, CCPA, and the privacy requirements of Google Play Store and Apple App Store. By using our apps, you agree to the collection and use of information in accordance with this policy.

1. Information You Provide Directly Account Information: Email address, username, and password when you create an account (if applicable to specific apps). User Content: Data you input into our apps (e.g., text, files, calculations, notes). Note: Most of our apps process this data locally on your device and do NOT transmit it to our servers. Support Communications: Information you provide when contacting our support team, including email address and message content. Payment Information: Processed securely through Google Play, Apple App Store, or Stripe. We do NOT store payment card details. 2. Information Collected Automatically Device Information: Device model, operating system version, unique device identifiers (Advertising ID/IDFA - used only for analytics), screen resolution, and language settings. Usage Data: App features used, session duration, frequency of use, clicks, and navigation patterns (collected via Google Analytics, Firebase Analytics, or similar services). Crash Reports: Diagnostic information when the app crashes, including device state, stack traces, and error logs (collected via Firebase Crashlytics or similar services). Location Data: Some apps may request approximate location (city/country level) for features like timezone detection. Precise GPS location is NEVER collected without explicit user permission.

We use the collected information for the following purposes: App Functionality: To provide core features and services of our apps. App Improvement: To analyze usage patterns, fix bugs, and improve performance. Customer Support: To respond to your inquiries and provide technical assistance. Security: To detect and prevent fraud, abuse, and security incidents. Analytics: To understand user behavior and measure performance (aggregated and anonymized data). Communications: To send critical app updates, security alerts, and service announcements. Legal Compliance: To comply with applicable laws and regulations. We will NEVER sell, rent, or share your personal information with third parties for their marketing purposes.

We may share your information with trusted third-party service providers who assist us in operating our apps. These include: Google Firebase: Analytics, crash reporting, and cloud storage. Google Analytics: Usage statistics and behavior analysis. Stripe: Payment processing for premium features. Cloud Hosting: AWS, Google Cloud, or similar infrastructure providers.

Some of our apps are available in free versions supported by advertising. We use the following practices: Google AdMob: Displays personalized ads based on your interests and browsing behavior. Opt-Out Options: You can disable personalized ads through your device settings (iOS: Limit Ad Tracking; Android: Opt out of Ads Personalization). Children's Ads: We do NOT display personalized ads to children under 13. Apps for children are certified as family-friendly.

We retain your information only as long as necessary: Account Data: Retained while active; deleted within 30 days of request. Analytics Data: Aggregated statistics retained for 24-36 months. Crash Reports: Retained for 12-18 months. Local Data: Processed locally and NOT stored on our servers; deleted when you uninstall the app.

We implement industry-standard security measures: Encryption: TLS/SSL (HTTPS) for data in transit; AES-256 for data at rest. Access Controls: Strict employee authentication and need-to-know basis access. Audits: Periodic security assessments and vulnerability testing.

We take children's privacy seriously and comply with COPPA, GDPR, and app store requirements. Family-Friendly Apps (Ages 9+): • No personal information collection from children under 13 without verifiable parental consent. • No personalized advertising (contextual ads only). • No behavioral tracking identifying individual children. • No social features or chat functions that allow communication with strangers in apps targeting minors. Parental Responsibility: If you are a parent/guardian and believe your child has provided info without consent, contact us at [email protected]. We will delete it within 48 hours. By allowing your child (9+) to use the services, you accept full responsibility for their activity.

Tosh Labs operates globally. Your information may be transferred to and processed in countries other than your residence. We ensure appropriate safeguards are in place, including Standard Contractual Clauses (SCCs) for EU-US data transfers. We comply with international data protection frameworks to safeguard our users and our corporate interests globally.

Depending on your location, you have rights to: • Access: Request a copy of your personal info. • Erasure: Request deletion of your data. • Portability: Request data in machine-readable format. • Withdraw Consent: At any time for data processing. To exercise these rights, email: [email protected]

Our web-based apps use cookies for functionality, analytics, and preferences. You can manage cookies through your browser settings or opt-out tools like Google Ads Settings.

California residents have the right to know, delete, and opt-out of the "sale" of personal info. Note: Tosh Labs does NOT sell personal information.

For users in the EEA, UK, or Switzerland, we process data based on consent, contractual necessity, legitimate interests, or legal obligations. Contact our DPO at [email protected] for inquiries.

We comply with all store policies, including Google Play's Data Safety section and Apple's App Privacy labels and Tracking Transparency (ATT) framework.

We may update this policy periodically. Significant changes will be notified via in-app notifications or email. Your continued use of our apps constitutes acceptance of the updated policy.

Privacy Team Tosh Labs Private Limited Email: [email protected] DPO: [email protected] Response Time: Within 30 days of verified requests. Any legal inquiries or disputes regarding privacy are subject to the limitation of liability clauses defined in our Terms of Service.