Suracode — Privacy Addendum
This addendum supplements the Dignity Labs Base Privacy Policy. It details what data Suracode specifically collects and how it is handled.
We collect the minimum data necessary to provide the service. Your family's code word is encrypted on your device before it ever leaves — we cannot read it. Screenshots you scan are processed on your device and never uploaded. We do not store your name, email address, or any personally identifying information in our application database.
Our application database contains no personally identifying information. All user references are anonymous unique identifiers (UUIDs) that cannot be linked to your real identity without access to the authentication system (see Section SP3).
| Data Type | Purpose | Storage | Personal Data? |
|---|---|---|---|
| Anonymous User ID | Identify you within the App | Our database (a random UUID) | No |
| Family Name | Label for your family group | Our database | Only if you choose to include personal information |
| Family Code Word | Core functionality — sync across family devices | Our database (end-to-end encrypted — we cannot read this) | No (encrypted) |
| Family Region | Provide region-appropriate alerts and contacts | Our database (UK, US, or AU) | No |
| Membership Record | Record that you are a member of a family group | Our database | No |
| Timestamp Data | Track when code words are changed and check-ins are recorded | Our database | No |
The App uses Google Sign-In or Apple Sign-In to verify your identity. Authentication is handled entirely by Supabase Auth. When you sign in:
Supabase acts as our data processor for authentication data. Their handling of this data is governed by their privacy policy and our data processing agreement.
| Data Type | Stored By | Dignity Labs Access | Purpose |
|---|---|---|---|
| Email address | Supabase Auth (not our tables) | We do not query or display this | Authentication |
| Display name | Supabase Auth (not our tables) | We do not query or display this | Authentication |
| Google/Apple unique ID | Supabase Auth (not our tables) | We do not query or display this | Authentication |
| Data Type | Purpose | Storage | Tier | Personal Data? |
|---|---|---|---|---|
| Check-in Records | Track family protection streak | Our database (anonymous UUID + date) | Free | No |
| Family Votes | Record Scam/Unsure/Safe votes | Our database (anonymous UUID) | Pro | No |
| Vote Descriptions | User-written label for the vote session | Our database | Pro | Only if you choose to include personal information |
| Scan Results | Record risk level and flagged indicators from scam checks | Our database (anonymous UUID, risk level, score, flagged URLs, phone numbers, and email domains) | Pro | No (no message content stored) |
| Feature | What We Do NOT Collect |
|---|---|
| Scam Pattern Checker | Screenshots, images, extracted text — pattern analysis is on-device. Pro features send extracted URLs, phone numbers, and email domains to external threat databases (no message content shared) |
| Family Voting | Screenshots you share externally |
| Deepfake Check | Video call content, recordings, or images |
The following data never leaves your device and is never transmitted:
Pro feature data that does leave your device: URLs, phone numbers, and email domains extracted from scanned text are sent to external threat databases via Supabase Edge Functions for checking. No message content, screenshots, or extracted text is shared. See the base Privacy Policy Section 6 for full details.
Suracode stores error logs on your device to help diagnose issues. This data is stored only on your device, is never transmitted automatically, and can only be sent if you choose to tap "Send feedback to Suracode" in Settings, which opens your email client with the log attached — you see everything before sending. It can be cleared at any time in Settings and contains no personal information.
No data leaves your device unless you explicitly choose to send it.
We explicitly do not collect: your name, your email address, your phone number, your location or GPS coordinates, your contacts list, your photos or media, your browsing history, advertising identifiers, any biometric data, screenshots you scan, content of video calls, or your Google or Apple password.
Your code word is encrypted on your device using AES-256-GCM before being transmitted. Our database stores only encrypted data. Even if our database were compromised, your code word would remain protected. Dignity Labs staff cannot read your code word. Law enforcement requests cannot reveal your code word (we don't have the key). You control who receives the invite code and how it's shared.
Screenshots are processed entirely on your device using ML Kit text recognition. Images never leave your device. For Pro subscribers, URLs, phone numbers, and email domains extracted from scanned text are checked against external threat databases via Supabase Edge Functions — no message content is shared. Scan results (risk level, flagged URLs, phone numbers, and email domains) are stored in our database linked to your anonymous UUID. When you close the screen, images and extracted text are discarded from your device.
We store: vote choice, voter's anonymous UUID, vote timestamp, and session description. We do NOT store screenshots, images, or the content being voted on. Votes are visible to family members only. Vote data is deleted when the session is closed or after 7 days.
We fetch alerts from our database based on your family's region. We do not track which alerts you view. Alerts are cached locally for offline access and refresh automatically. When you tap through to a source website, that site has its own privacy policy.
Your data is stored on servers provided by Supabase, Inc., located in the European Union (Frankfurt, Germany). Supabase complies with GDPR and maintains SOC 2 Type II certification. Supabase encrypts all stored data using AES-256 at rest. All connections use HTTPS/TLS. Row-level security ensures you can only access your family's data.
Note: Your code word is encrypted by the App before being sent to our database. Even though Supabase also encrypts data at rest, we add our own encryption layer so that only your family can read the code word.
Our zero-PII architecture means your exposure in the event of a server breach is limited. Our application database contains only anonymous UUIDs and encrypted data. The only personal data held on our infrastructure is your email address and display name, stored by Supabase Auth for authentication purposes.
| Service | Purpose | Privacy Policy |
|---|---|---|
| Supabase | Cloud database, real-time sync, authentication | supabase.com/privacy |
| RevenueCat | Subscription management and entitlements | revenuecat.com/privacy |
| Google Sign-In | Authentication | policies.google.com/privacy |
| Apple Sign-In | Authentication | apple.com/legal/privacy |
| Google Safe Browsing | URL threat checking (Pro feature, via Supabase Edge Function) | policies.google.com/privacy |
| ML Kit | On-device OCR (no data transmitted) | developers.google.com/ml-kit |
| Data Type | Retention Period |
|---|---|
| Active family data | Retained while family group exists |
| Deleted family data | Permanently deleted within 30 days |
| Authentication data | Deleted within 30 days of account deletion request |
| Local device data | Deleted immediately when you leave a family |
| Vote sessions | Deleted when closed or after 7 days |
| Check-in records | Retained while family group exists |
| Scan results | Retained while family group exists; deleted when family is deleted |
| Cached alerts | Refreshed every 24 hours; deleted on app uninstall |
| Support correspondence | 2 years from last contact |
To delete all your data: Open the App → Settings → Leave Family → Confirm. This removes your UUID, membership, votes, check-in records, and scan results. If you are the last member, the entire family group is deleted.
To delete authentication data: Contact [email protected] to request deletion of your Supabase Auth record.
We will process deletion requests within 30 days.
| Question | Answer |
|---|---|
| Do you sell my data? | No, never |
| Do you store my name or email? | Not in our application database. Authentication data is held by Supabase Auth. |
| Can you read my code word? | No, it's end-to-end encrypted |
| Can you see screenshots I scan? | No, scanning happens on your device only |
| Do you store my scan results? | Pro scans store risk level and flagged indicators (URLs, phone numbers, email domains) linked to your anonymous ID. No message content is stored. |
| Where is my data stored? | EU (Frankfurt, Germany) |
| Can I delete my data? | Yes, leave the family or contact us |
| Do you track me? | No. Diagnostics are stored on-device only and are never sent unless you choose to send them |
This addendum was last updated on 31 March 2026.
© 2026 Dignity Labs Ltd · Company 16954194 · Registered in England and Wales · All rights reserved