Privacy Policy
Who we are
Ourlee is built and operated by Project Yoked LLC ("Ourlee", "we", "us"). The app exists to help two people who are dating, engaged, or married build a shared rhythm — together, in step. This Privacy Policy explains what information we access and collect, why we collect it, how we use it, who we share it with, and the choices and rights you have. It is written in plain English on purpose; a print-friendly copy is available at the hosted-archive link at the bottom of this document.
This policy covers our iOS app, Android app, and web app at https://www.ourlee.app (also reachable at https://ourlee.app).
The short version
- We collect the minimum we need to run a couples app.
- We never sell your data, and we never use your content to train AI — Ourlee has no AI features anywhere.
- There are no third-party advertising or analytics SDKs in the app.
- Most content you create is, by design, shared with the one partner you are linked to. Items you mark private stay visible only to you.
- Location is optional, off by default, and mobile-only. We collect GPS coordinates only if you turn on partner location sharing and grant your phone's location permission. Your linked partner is the only person who can see it; Ourlee staff cannot.
- You can export or delete your data at any time from You → Privacy & data.
Information we collect
The tables below summarize the categories of personal information we may collect. "You provide" means you enter or upload it. "Automatic" means our systems collect it when you use the app.
Account and profile (you provide)
| Data | Examples | Why we need it |
|---|---|---|
| Sign-in identity | Apple or Google subject ID; email when the provider shares it | Create and secure your account |
| Profile | Display name, optional avatar photo, optional gender and hometown, the nickname/term you use for your partner | Show who you are to your partner and personalize the app |
| Relationship info | Status (dating / engaged / married), anniversary, birthdays you add | Personalize the app for your couple |
| Age verification | The date of birth you attest to (or, where you choose, an age signal from Apple/Google), the method used, an age bracket, and whether you meet our minimum age | Confirm you are old enough to use Ourlee and keep a record that we checked, as app stores and law require |
Content you create (you provide)
| Data | Examples | Why we need it |
|---|---|---|
| Shared & private content | Notes, journal entries, photos, videos, drawings, albums, and files in your shared drive | Core couples features |
| Planning | Calendar events, plans, trips, goals, milestones, date-jar ideas, and "don't forget" reminders | Organize your life together |
| Connection features | In Step conversation-deck answers, Pulses (quick photo or drawing check-ins), and reactions | Stay connected day to day |
| Faith features | Prayer requests and answered-prayer testimonies, devotional highlights and notes | Devotional and prayer tools |
| Free-text places | Location names typed into calendar events or plans (not GPS) | Display where an event happens |
| Support messages | Your message plus optional diagnostics (app version, device model, OS, screen) | Answer support requests |
Device and technical data (automatic)
| Data | Examples | Why we need it |
|---|---|---|
| Push token | Opaque device token from Apple/Google push services | Deliver notifications you opted into |
| Device info | App version, platform (iOS / Android / web), language/locale | Operate, debug, and support the app |
| Request logs | Timestamp, API route, HTTP status, coarse IP address | Security, abuse prevention, debugging |
| Consent records | Which legal document versions you accepted, timestamp, IP, user agent | Prove consent and meet legal obligations |
| Purchase state | Subscription tier and entitlement flags from the app store or Stripe | Unlock Pro features and billing |
Location information (automatic — only when you opt in)
Location sharing is an optional feature available in our iOS and Android apps only. It is off by default. Live sharing is free; location history, drive trails, and partner low-battery alerts require Ourlee Pro (see Subscription Terms). We do not access or collect GPS coordinates on the web app, when sharing is turned off, or after you revoke your phone's location permission.
When you turn sharing on and grant location permission, we may access and collect the following:
| Data | Description |
|---|---|
| Precise geographic coordinates | Latitude and longitude from your device's GPS/GNSS receiver, plus horizontal accuracy in metres |
| Heading | Direction of travel, when available from the device |
| Speed | Travel speed in metres per second — only if you enable speed sharing in settings |
| Battery status | Battery percentage and whether the device is charging — only if you enable battery sharing in settings |
| Timestamps | Date and time each location reading was recorded |
| Collection context | Whether the reading came from foreground map view, background monitoring, a saved-place geofence, or drive detection |
| Saved places | Names and geographic coordinates (latitude, longitude, radius) for places you create as arrival/departure triggers |
| Place events | Arrival and departure timestamps when you enter or leave a saved place |
| Drive sessions | Start and end coordinates, route path, distance travelled, and maximum speed when our driving-detection feature records a trip |
When we collect location data:
- While sharing is on and the map is open — higher-frequency readings (roughly every 5 seconds) so the live map stays current.
- While sharing is on in the background — lower-frequency readings using the device's significant-change, visit-monitoring, region-monitoring, and motion-detection capabilities (roughly every 10 minutes or after ~500 m of movement on Android).
- During a detected drive — higher-frequency readings (roughly every 2 seconds) from drive start until drive end.
- At saved-place boundaries — a one-time snapshot when you enter or leave a geofence you created.
- When setting up a saved place — if you choose "use my current location" or geocode an address, we store the resulting coordinates as the place centre.
How we use location data:
- Show your live position to your linked partner on the in-app map, distance widget, and Together view.
- Calculate distance between you and your partner.
- Send arrival/departure notifications to your partner at saved places (if you enable them).
- Record drive sessions so your partner can see you are on the way and arrived safely.
- Match drive routes to roads on our servers when map-matching is enabled (see subprocessors below).
Who can see your location:
- Your linked partner only, subject to the precision you choose: exact coordinates, rounded to approximately 500 metres, or city-level only.
- Ourlee staff cannot see your live location.
- We do not sell location data, use it for advertising, or share it with data brokers.
Your controls:
- Turn sharing on or off at any time in Settings → Location.
- Pause sharing temporarily, hide your location from your partner, or limit precision.
- Toggle whether history, speed, and battery level are shared.
- Revoke location permission in your phone's system settings — this stops new collection immediately.
- Live location sharing is free. The history, drive-trail, and low-battery-alert add-ons require Ourlee Pro; cancelling Pro turns those off but does not stop live sharing.
Permissions we request (mobile only, when you enable sharing):
- iOS: "When In Use" and "Always" location access; motion/activity access for drive detection. Background location is used only while sharing is on.
- Android: fine and background location; foreground-service location during active map or drive sessions; activity recognition for drive detection.
On-device geocoding (not stored on our servers):
To show human-readable place names in the app, your device may call Apple or Google's on-device geocoding services to convert coordinates to an address string. Those lookups happen on your phone; we do not persist the resulting addresses on our servers.
IP-based approximate location (not GPS):
When you sign in, we may derive an approximate city, region, country, and timezone from your IP address to include in the security email we send you (e.g. "Signed in from Austin, TX, United States"). This is not GPS data, is not shared with your partner, and is cached for up to 24 hours.
Other device permissions (mobile)
Beyond location, and only when you use the relevant feature, the app may ask your device for:
| Permission | When we ask | What it is used for |
|---|---|---|
| Camera | When you take a photo or video to send | Capture a Pulse for your partner |
| Microphone | When you record a video to send | Record sound as part of a video Pulse — we never capture or store standalone audio |
| Photo library | When you pick or save media | Choose a profile picture, wallpaper, or photos/videos for your shared album, and save downloads back to your device |
| Calendar | When you connect a calendar | Read the calendars and events you select for two-way sync (on iOS this is paired with Reminders access, which we do not read) |
| Notifications | When you turn notifications on | Deliver the push notifications you opt into |
Each permission is requested the first time you use the feature, and you can change it any time in your phone's system settings.
Data we do not collect
We do not collect:
- Your contacts or address book
- Standalone microphone audio (sound is captured only inside a video you choose to record and send)
- Browsing history outside the app
- Advertising identifiers (IDFA / GAID) — there are no ad SDKs in Ourlee
- Location data of any kind when sharing is off, on web, or without OS permission
How we use information
- Provide the app — show you and your partner the content and features you use, sync across devices, and run optional location sharing when you enable it.
- Notifications — deliver push notifications and emails you opted into (partner reactions, event reminders, arrival nudges, drive alerts, daily verse) and essential service messages (security sign-in alerts, billing receipts, account changes).
- Security — rate limiting, abuse and fraud detection, debugging, and incident response.
- Payments — process subscriptions, storage add-ons, and theme purchases.
- Legal compliance — tax, accounting, and lawful requests.
We process this data because it is necessary to perform our contract with you (our Terms of Service), to pursue our legitimate interest in operating and securing the app, to comply with legal obligations, and — for optional features like push notifications and location sharing — based on your consent, which you may withdraw at any time in settings.
How we share information
- With your linked partner. Ourlee is a couples app, so shared content — and location data when you enable sharing — is visible to your partner by design. Private items and location when sharing is off are not.
- With service providers ("subprocessors") who process data under contract and on our instructions only:
- Supabase — managed PostgreSQL database hosting
- Cloudflare R2 — photo, video, and file storage + CDN
- DreamHost — application server hosting and our outbound transactional email (SMTP)
- Expo (Expo Application Services) — push-notification delivery, passed onward through Apple Push Notification service (APNs) and Google Firebase Cloud Messaging (FCM)
- Apple and Google — sign-in, push delivery, on-device geocoding, map display, and App Store / Google Play payments
- Google Calendar and Apple iCloud (CalDAV) (optional) — two-way calendar sync for the accounts you connect; we store your sync credentials encrypted
- Stripe — web subscription payments
- RevenueCat — mobile subscription state
- ip-api.com (optional) — IP-to-city lookup for sign-in security emails; can be disabled by us at any time
- Bible API and API.Bible — public-domain and licensed Scripture text for verses and devotionals; they receive only the verse reference being displayed, never your personal data
- Mapbox (optional fallback only) — temporary GPS trace processing for drive route map-matching when our self-hosted service is unavailable; not used for advertising
- Self-hosted Valhalla (optional) — drive route map-matching on our own infrastructure
- For legal reasons — to comply with law, enforce our terms, or protect users, the public, or us.
- In a business transfer — if Ourlee is involved in a merger, acquisition, or sale of assets, data may transfer under this policy.
We do not sell or rent your personal information, and we do not share it for cross-context behavioral advertising.
How long we keep it
| Category | Retention |
|---|---|
| Active accounts | While the account exists |
| Deleted accounts | Most personal data removed within 30 days; encrypted backups purged within 90 days |
| Dissolved couples — shared content | 30 days, then permanently deleted (export window for both partners) |
| Location pings, place events, drive sessions | Rolling 7 days, then automatically deleted |
| Live "last known" location | Overwritten by each new reading; not retained as history beyond the latest ping |
| Saved places | Until you delete them, turn sharing off permanently, or dissolve the couple |
| Location settings & preferences | Until account deletion |
| IP geolocation cache | Up to 24 hours |
| Legal, tax, and billing records | As long as law requires (commonly up to 7 years) |
Your choices and rights
Depending on where you live (including under the EU/UK GDPR and the California CCPA/CPRA), you may have the right to access, correct, delete, port, or restrict processing of your personal data, and to object or withdraw consent. You can exercise the core rights directly in the app:
- Export. You → Privacy & data → Export my data emails you a ZIP archive of your content.
- Delete. You → Privacy & data → Delete account removes your data subject to the retention windows above and cancels paid subscriptions.
- Notifications. Toggle per-category from settings at any time.
- Location. Turn off sharing, pause, change precision, or revoke OS permission from Settings → Location or your phone's settings.
To make any other request, email [email protected]. We will not discriminate against you for exercising your rights, and we aim to respond within the timeframe the applicable law requires (and otherwise within 30 days). If we ever deny a request you may appeal by replying to our response.
California residents: we do not sell personal information. We collect the categories listed in this policy for the business purposes described above. You may submit a "Do Not Sell or Share My Personal Information" request to [email protected]; because we do not sell data, we will confirm that no sale occurs.
International transfers
We are based in the United States and our providers may process data in the US and other countries. Where required, we rely on appropriate safeguards (such as the European Commission's Standard Contractual Clauses) for cross-border transfers.
Age and age assurance
Ourlee is not directed to children. You must be at least 18 years old (or the age of majority where you live) to use it.
To enforce this and to meet app-store and legal age-verification requirements, we ask for your date of birth when you set up your account — or, where your device supports it and you choose, an age signal from Apple or Google. We keep a record of the date of birth you attest to, the verification method, an age bracket, and whether you meet our minimum age, so we can confirm eligibility and show that we checked. We do not use this information for advertising and we do not share it with your partner.
We do not knowingly collect data from anyone under 18; if you believe a minor has provided us data, email [email protected] and we will delete it.
Security
We protect data in transit with TLS and at rest with provider-managed encryption, restrict internal access, and encrypt sensitive third-party credentials (such as calendar sync tokens). No system is perfectly secure, but we work hard to keep yours safe and will notify you and regulators of a breach where the law requires.
Changes to this policy
We will post the new version in the app and, for material changes, ask you to review and accept it before continuing. The "Last updated" date above always reflects the current version.
Contact
Questions, requests, or complaints? Email [email protected]. You can also write to Project Yoked LLC. If you are in the EEA/UK and are unsatisfied with our response, you may lodge a complaint with your local data-protection authority.