Data & Privacy
What data do you collect?
We collect your email to provide you with a user account, access to exercises from our course, and updates on the Tomo community.
We collect anonymised data on app usage and engagement, including: the photos you upload to Tomo, the device you are using, and your connection speed.
We do not collect or store your financial details, which are held and processed by our payment partners (Apple and Stripe).
Who can see my data?
The Tomo team can see anonymised app usage data, but do not receive any other information about you. We use this data to improve Tomo and its offering, like what habits are most effective for members. We do not share or sell user data to any third parties.
If you signed up outside of the app, we use your email to send you community updates and provide you with your course exercises. However, this is kept separate to the data we store in our app systems.
We pool app usage data into meta-data from our community members. Individual user data isn’t pulled out. The meta-data helps us improve our product and services.
From time to time we may invite members to participate in projects designed to examine the effectiveness of Tomo. Users who opt-in to these agree to have anonymised usage data shared with our research partners.
Who can see my photos?
Members share photos of their activities to celebrate the achievements in their day. As community members, you’ll support each other throughout your journeys. To do this, a small number of selected members can see your photo temporarily. Once checked by them, your photo is deleted from their device. No one can remove or save your photos. For your safety, our moderators monitor all the photos being shared and ask that you report any unsafe images.
I want you to delete my data
Your usage data is only ever stored in anonymised form but if you would like to exercise your right to have your data completely removed from our systems, please contact us at email@example.com. We’ll need the email that you signed up with and we aim to comply with such requests within 30 days.