Privacy Policy

Effective date: June 20, 2026 · Last reviewed: June 20, 2026

1. Who We Are

Heytomte ("we," "our," or "us") operates the family planning application Tomte, available at heytomte.com (the "Service"). The Service helps households coordinate calendars, tasks, chores, grocery lists, and meal planning across family members.

For questions about this policy, contact us at privacy@heytomte.com.

2. Information We Collect

Information you provide directly

  • Account information — your name and email address when you register.
  • Household information — household name and timezone.
  • Family member profiles — names and member types (adult or child) you enter for household members.
  • Calendar events — titles, dates, times, locations, and recurrence patterns.
  • Tasks and chores — titles, descriptions, assignees, schedules, and completion records.
  • Lists — shopping list items, grocery categories, and list names.
  • Meal plans and recipes — meal titles, recipe ingredients, and instructions.
  • Invite information — when you invite another person to your household, we store the invite link and its expiry.

Information collected automatically

  • Session data — an authentication token stored in your browser's local storage, used to keep you signed in. Tokens expire after 30 days.
  • Error and diagnostic data — if an error occurs in the app, we may collect a stack trace and basic context about which action triggered the error via our error tracking service. We do not intentionally collect personally identifiable information in error reports.

Information from third-party services

  • Google Calendar — if you connect a Google account, we receive your Google Calendar events and store an encrypted access token to keep the connection active. We only access calendars you explicitly authorize.

3. How We Use Your Information

We use the information we collect to:

  • Provide, operate, and maintain the Service.
  • Sync and display your family's calendar, tasks, chores, lists, and meal plans across household members.
  • Process AI-assisted quick-add input (see Section 5 — Third-Party Service Providers).
  • Authenticate your identity and keep your session secure.
  • Sync with Google Calendar when you have connected an account.
  • Generate your household's iCal feed for use in external calendar apps.
  • Detect and fix errors and bugs in the Service.
  • Communicate with you about your account (password resets, invite links).

We do not use your information to serve advertising. We do not sell your data.

4. Information Sharing and Disclosure

We do not sell, rent, or share your personal information with third parties for their own marketing purposes.

We share information only in the following circumstances:

  • Within your household — information you add to the Service is shared with other members of your household account by design. The household owner controls who is a member.
  • Service providers — we share data with third-party providers that help us operate the Service (see Section 5). These providers are contractually bound to handle your data only as directed by us.
  • Legal requirements — we may disclose information if required by law, court order, or government authority, or if we believe disclosure is necessary to protect the rights, property, or safety of us, our users, or others.
  • Business transfer — if Heytomte is acquired or merges with another company, your information may be transferred as part of that transaction. We will notify you before your information is subject to a different privacy policy.

5. Third-Party Service Providers

The following third parties process data on our behalf as part of operating the Service:

Render (hosting infrastructure)

Your data is stored on servers operated by Render Services, Inc. All data is encrypted at rest and in transit. Render's infrastructure is hosted on AWS in the United States.

Anthropic (AI processing)

The AI quick-add feature (the ⚡ button) sends the text you type to Anthropic, PBC via their API for classification and parsing. This is the only feature that sends your input to an AI provider. Anthropic processes your input to return a structured result and does not retain it for model training under the terms of our API agreement. If you do not use the AI quick-add feature, no data is sent to Anthropic.

We minimize what is sent: before your input reaches Anthropic, our system pre-processes it to extract dates and times so the AI receives only what it needs to classify and parse your entry.

Google (Calendar integration)

If you connect a Google Calendar account, we interact with Google's Calendar API on your behalf. Google's use of your data when accessed through their API is governed by Google's own privacy policy. We store an encrypted access token for your connected Google account; we do not store your Google password.

Sentry (error tracking)

We use Sentry to capture application errors. Error reports may include stack traces and limited context about the action that triggered the error. We configure Sentry to minimize personal data in error reports.

Apple Push Notification Service / Firebase Cloud Messaging (push notifications)

When push notifications are enabled, device tokens are sent to Apple (iOS) or Google Firebase (Android) to deliver notifications. These providers do not receive the content of your family's data.

Resend (transactional email)

When email delivery is used for invite links and account notifications, email addresses are transmitted to our email delivery provider. Email content is limited to transactional messages such as invite links and password resets.

6. Children's Privacy

The Service includes features for managing child profiles within a family household. Child profiles are created and managed by a parent or guardian (the household owner) — children do not register or interact with the Service directly.

We do not knowingly collect personal information directly from children under the age of 13. All information about children in the Service is entered by a parent or guardian and is used solely to support family coordination features (chore assignments, calendar events, etc.).

If you believe we have inadvertently collected personal information from a child under 13 without parental consent, please contact us at privacy@heytomte.com and we will delete it promptly.

7. Data Retention

  • Account data — retained for as long as your account is active.
  • Session tokens — expire automatically after 30 days of inactivity.
  • iCal tokens — retained until you regenerate or revoke them in Settings.
  • Google Calendar tokens — retained until you disconnect the integration or delete your account.
  • Error logs — retained for 90 days in Sentry.

When you delete your account, we will delete your household's data, revoke any connected OAuth tokens, and invalidate your iCal feed. To request account deletion, contact privacy@heytomte.com. We will process deletion requests within 30 days.

8. Your Rights

All users

  • Access — you can view all data in your account through the app.
  • Correction — you can update your profile and household information in Settings.
  • Deletion — contact privacy@heytomte.com to request deletion of your account and associated data.
  • Data portability — your calendar data is exportable via iCal feed.

California residents (CCPA)

California residents have the right to know what personal information we collect, request deletion, and opt out of the sale of personal information. We do not sell personal information. To exercise your rights, contact privacy@heytomte.com.

EEA and UK residents (GDPR)

If you are located in the European Economic Area or United Kingdom, you have rights to access, rectify, erase, restrict processing, object to processing, and data portability. Our lawful basis for processing is performance of our contract with you (providing the Service). To exercise your rights or lodge a complaint with your local supervisory authority, contact privacy@heytomte.com.

9. Security

We take reasonable measures to protect your information:

  • Passwords are hashed using Argon2 and are never stored in plain text.
  • Session tokens are hashed with SHA-256 before storage; the raw token is only returned to you once at login.
  • Google OAuth tokens are encrypted at rest using AES-256-GCM.
  • All data in transit is encrypted using TLS.
  • iCal feed tokens are hashed before storage.

No method of transmission over the internet is 100% secure. We encourage you to use a strong, unique password for your account.

10. International Data Transfers

The Service is operated from the United States. If you access the Service from outside the United States, your information will be transferred to and processed in the United States, where data protection laws may differ from those in your country.

11. Changes to This Policy

We may update this policy from time to time. When we make material changes, we will update the effective date at the top of this page and notify active users by email or in-app notice. Your continued use of the Service after changes take effect constitutes acceptance of the revised policy.

12. Contact

For privacy questions, data deletion requests, or to exercise your rights:

Email: privacy@heytomte.com
Website: heytomte.com