Privacy Policy

Last Updated: June 2026

1. Scope

This Privacy Policy applies to the Covelo Tech LLC website, related product websites, and the apps we build, including Hari, SplashCenter, TaskCove, and TraderCove. We believe in a consistent, privacy-first approach across all our products.

Website Data

On the Covelo Tech website, we may collect limited website analytics and contact data to understand site usage and respond to visitors.

  • Website Analytics: We use Google Analytics to measure site traffic and page usage. Google may use cookies or similar technologies to provide these analytics.
  • Contact Data: If you contact us, we may collect the information you submit, such as your email address and message contents, along with basic server metadata needed to protect the form and operate the site.
  • No Sale of Data: We do not sell personal data collected through the website.

2. General Principles

Privacy First: We collect only the minimum data necessary to provide our services. Depending on the app and feature being used, some data may remain on-device while other limited data may be processed through our backend or trusted service providers to deliver functionality.

No Sale of Data: We do not sell personal data for money.

Transparency: We clearly disclose what data we collect and why.

App-Specific Privacy

Each product below has its own privacy section. Open the app you use to see the data practices, permissions, third-party services, and deletion path that apply to that specific app.

Hari App

Data We Collect

Free Users

For users on the free plan, all data is stored locally on your device. We do not collect or transmit any personal information.

  • Plant data and care schedules remain on your device
  • Photos are processed locally for plant identification
  • No account or sign-in required

Pro Users (With Account)

Pro users who choose to create an account and sync their data will have the following information stored securely in the cloud:

Account Information:

  • Email address (for account identification and recovery)
  • Username (unique public identifier for social features)
  • Display name (optional, for personalization)
  • Profile photo (optional)
  • Unique user identifier

App Data (synced to cloud):

  • Plant collection and care schedules
  • Plant photos
  • Plant notes and custom names (user-written text)
  • Custom plant species you create
  • User preferences and settings
  • Subscription status

Social Features (optional):

  • Friends list (usernames of accepted friends)
  • Public profile stats (level, plant count, streak)

Community Safety:

  • Block list (users you have blocked)
  • User reports (if you report inappropriate content or behavior, we store the report details securely for review)

Usage Data & Diagnostics

To improve the app experience and fix bugs, we collect usage data through Firebase Analytics and Crashlytics.

What We Collect:

  • App Usage: Features used (e.g., “watered plant”, “added plant”, “viewed profile”), session duration, screens visited
  • User Properties: Subscription tier (free/pro), level bracket, plant count bracket, streak bracket (used for analytics segmentation)
  • Device Information: Device model, iOS version, app version (helps identify device-specific bugs)
  • Crash Reports: Stack traces, error logs, and your user ID when the app crashes (helps us debug issues specific to your account)
  • Performance Metrics: App startup time, network request duration, feature load times (not linked to your identity)

What We DO NOT Collect: Location data, contacts, browsing history, or data from other apps.

Linked to Your Identity: App usage events and crash reports may be associated with your account to help us understand feature usage and debug issues. Performance metrics are collected anonymously. We do not use this data for advertising or share it with third parties for marketing purposes.

Device Permissions

  • Camera: Used for AI plant identification and taking photos of your plants. Images are processed on-device for identification.
  • Photo Library: Used to import existing photos of your plants.
  • Notifications: Used to send watering reminders and friend notifications. When enabled, we store a device token to deliver push notifications.

Third-Party Services

Google Firebase

Hari uses Firebase for the following:

  • Authentication: Secure sign-in via email or Google account
  • Cloud Firestore & Storage: Encrypted cloud storage for Pro user data and photos
  • Cloud Messaging: Push notifications for watering reminders and friend nudges
  • Analytics: Usage patterns (features used, session duration) linked to user properties for segmentation
  • Crashlytics: Crash reports with user ID for debugging
  • Performance Monitoring: App speed and responsiveness metrics (anonymous)
  • Remote Config: Feature flags for gradual rollouts

All data is encrypted in transit and at rest. Firebase Privacy Policy

RevenueCat

Used for subscription management and purchase validation. RevenueCat receives your anonymous user ID to link purchases. They do not receive your email, name, or plant data. RevenueCat Privacy Policy

Apple App Store

All payment processing is handled securely by Apple. We do not collect or store payment information. Apple Privacy Policy

Data Retention & Deletion

  • Account & Plant Data: Retained while your account is active. Deleted immediately when you use in-app deletion, or within 30 days for email requests.
  • Plant Photos: Stored in your private cloud storage while your account is active. Deleted with account deletion.
  • Friendship Data: Deleted when either party deletes their account or removes the friendship.
  • Crash Reports: Retained for 90 days to help identify and fix bugs.
  • Analytics Data: Aggregated, anonymized analytics retained for up to 14 months.

How to Delete: Use the “Delete Account” option in app settings, or contact us at [email protected]. In-app deletion immediately removes your data. Email requests are processed within 30 days.

SplashCenter App

Data We Collect

SplashCenter does not require an account. No email, name, or login is needed. We collect only the minimum data necessary:

Anonymous Identifiers:

  • Device Identifier (IDFV): A vendor-specific identifier used to help support abuse prevention and daily usage limits.
  • Install Identifier: A random install-scoped identifier stored on your device and sent to our backend to help protect AI features, apply daily limits, and process deletion requests. It is not tied to your name or email.

AI Chat & Comparison Data:

  • Questions you ask the AI chat are sent to our backend for processing. Message content is not stored on our servers after generating a response — only anonymous usage counters (message count per day) are retained to enforce daily limits
  • If you report an AI response, the report details (message content, device identifier, timestamp) are stored securely for up to 30 days for moderation review
  • Chat conversation history is stored locally on your device via SwiftData
  • AI processing uses third-party model providers and supporting services. Basketball questions and related context may be sent to those providers to generate responses

Local Storage:

  • Chat history stored locally on your device
  • Cached NBA data (scores, stats, images) stored locally for performance
  • SplashGuess game results and streaks are stored locally on your device
  • No personal information stored in local caches

Subscription & Purchase Data:

  • If you subscribe to SplashCenter Pro, Apple processes payment through your Apple ID. We do not collect or store your payment card, billing address, or Apple ID credentials.
  • RevenueCat and our backend receive subscription status details such as product identifier, entitlement status, renewal or expiration state, and an anonymous app-generated identifier so Pro access can be granted, restored, and validated.
  • Subscription status may be used for app functionality and aggregate product analytics, such as understanding free vs. Pro feature usage. It is not sold and is not used for third-party advertising.

Advertising:

  • SplashCenter displays ads through Google AdMob (banner and rewarded video ads)
  • AdMob may collect device identifiers — including the Advertising Identifier (IDFA) when you grant tracking permission — and usage data as described in Google's Privacy Policy
  • We request App Tracking Transparency (ATT) consent before enabling personalized ads
  • You can manage ad-related privacy choices through iOS Settings > Privacy > Tracking and the in-app Privacy & Ad Settings entry point when available

Diagnostics:

  • Crash reports (device model, iOS version, app version, stack traces) collected via Firebase Crashlytics to identify and fix bugs
  • Not linked to your identity — no account exists

Device Permissions

  • Network Access: Required to fetch live NBA scores, AI chat responses, and display ads.
  • Photo Library (Save): Used to save shareable Top 5 and comparison images to your photo library. No photos are read from your library.
  • Notifications: Used to alert you when a player has a monster performance. When enabled, we store a device token in our secure cloud database to deliver push notifications.
  • App Tracking Transparency: Requested before enabling personalized advertising. You may decline without any loss of app functionality.

Third-Party Services

Google Firebase

SplashCenter uses Firebase for the following:

  • Cloud Firestore: Server-side processing of AI requests, rate limiting, and usage tracking
  • Cloud Functions: Server-side AI processing, analysis generation, and scheduled data updates
  • Cloud Messaging: Push notifications for top performer alerts
  • Crashlytics: Crash reports including device model, iOS version, and stack traces for debugging
  • App Check: Client-side attestation is configured in the app and may be used as part of our abuse-prevention and backend hardening strategy

All data is encrypted in transit and at rest. Firebase Privacy Policy

Google AdMob

Used to display banner and rewarded video advertisements. AdMob may collect device identifiers — including the Advertising Identifier (IDFA) when tracking permission is granted — usage data, and diagnostic information. Google Privacy Policy

AI Services

SplashCenter uses AI services to power chat and analysis features:

  • OpenAI: Processes basketball questions to generate AI chat responses. OpenAI Privacy Policy
  • Google Gemini: May process basketball prompts and public sports context for analysis and comparison features. Google AI Terms
  • Tavily: May provide web-search context for basketball-related AI responses. Tavily Privacy Policy

YouTube Data API

Used to fetch and display game highlight videos for top performers. Subject to Google's Privacy Policy.

RevenueCat

Used for SplashCenter Pro subscription management and purchase validation. RevenueCat receives an anonymous, app-generated identifier and purchase-entitlement details needed to link, restore, and validate your subscription. It does not receive your email, name, payment card, or Apple ID credentials. RevenueCat Privacy Policy

Apple App Store

SplashCenter is distributed through the Apple App Store, and Apple processes SplashCenter Pro payments. Apple Privacy Policy

Data Retention & Deletion

  • Usage Counters: Daily AI chat message limits reset every 24 hours.
  • Subscription Records: Subscription entitlement records are retained as needed to provide Pro access, restore purchases, prevent abuse, support refunds or billing questions handled through Apple, and maintain required business records.
  • AI Chat Reports: If you report an AI response, reports are retained for up to 30 days for moderation review, then deleted.
  • Crash Reports: Retained for up to 90 days to identify and fix bugs.
  • Push Notification Tokens: A push token may be generated and stored to support notification capability. You can disable notification alerts in iOS settings, and the in-app Delete My Data flow removes the stored token from our backend.
  • Local Data: Chat history and cached data stored on your device can be cleared at any time via Settings > Delete My Data.

How to Delete: Use the “Delete My Data” option in SplashCenter settings to clear local data and request deletion of server-side usage, report, and notification-token records, or contact us at [email protected]. Email requests are processed within 30 days.

TaskCove App

Current Status

TaskCove is in active development. Public marketing pages for TaskCove currently use the website data practices described above.

Before Launch

  • We will publish product-specific privacy details before collecting production app data from public users.
  • Any beta or early-access testing may include additional in-product notices describing what data is collected and why.
  • TaskCove is expected to handle personal task and household information, so data minimization, clear deletion paths, and secure storage are core requirements before launch.
TraderCove App

Current Status

TraderCove is in active development for web and iOS. Public marketing pages for TraderCove currently use the website data practices described above.

Before Launch

  • We will publish product-specific privacy details before collecting production trading-intelligence app data from public users.
  • If TraderCove later supports accounts, watchlists, alerts, broker connections, portfolio import, payments, or other financial features, those data practices will be disclosed before use.
  • Any beta or early-access testing may include additional in-product notices describing what data is collected and why.

Data Security

We take the security of your data seriously:

  • All data transmitted to our servers is encrypted using TLS/SSL
  • Cloud data is stored in Firebase with strict security rules
  • We use industry-standard security practices
  • Access to user data is limited to essential personnel only

Your Rights

Depending on your location, you may have the following rights:

  • Access & Portability: Request a copy of your data in a portable format
  • Correction: Request correction of inaccurate data
  • Deletion: Request deletion of your data

To exercise any of these rights, please contact us at [email protected]. We will respond to valid requests within 30 days.

California Residents (CCPA)

If you are a California resident, you have additional rights under the California Consumer Privacy Act:

  • Right to Know: You can request what personal information we collect about you
  • Right to Delete: You can request deletion of your personal information
  • Right to Opt-Out: We do not sell your personal information
  • Non-Discrimination: We will not discriminate against you for exercising your privacy rights

To exercise these rights, contact us at [email protected] or use the in-app deletion feature.

European Economic Area & UK (GDPR)

If you are located in the EEA, UK, or Switzerland, you have additional rights under the General Data Protection Regulation:

  • Right to Access: Request a copy of your personal data
  • Right to Rectification: Request correction of inaccurate data
  • Right to Erasure: Request deletion of your personal data
  • Right to Restrict Processing: Request we limit how we use your data
  • Right to Data Portability: Receive your data in a portable format
  • Right to Object: Object to processing based on legitimate interests
  • Consent Withdrawal: Withdraw ad consent at any time via in-app Privacy & Ad Settings

To exercise these rights, contact us at [email protected] or use the in-app deletion feature. We respond within 30 days.

Children's Privacy

Our apps are not directed to children under 13. We do not knowingly collect personal information from children under 13. If we become aware that we have collected personal information from a child under 13, we will take steps to delete that information as quickly as possible. If you are a parent or guardian and believe your child has provided us with personal information, please contact us at [email protected] so we can take appropriate action. We comply with the Children's Online Privacy Protection Act (COPPA).

Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the new policy on this page and updating the “Last Updated” date.

Contact Us

If you have any questions about this Privacy Policy, please contact us at:

[email protected]

Back to Home