Third Arm Privacy Policy

Last updated: March 5, 2026

This Privacy Policy explains how Third Arm collects, uses, and protects information when you use it. By using the Service, you agree to this policy.

We collect and use only the minimum information required to provide authentication and store/sync the content you create in the App.

1. Information We Collect

Account Information

If you sign in: email address, name, and unique user ID (from Google Sign-In, Apple Sign In, or email/password).

Authentication is handled by Firebase Authentication. We do not collect or store passwords.

User-generated content you create (e.g., notes, diary entries, reminders) is stored in Firestore solely for App functionality. Images in the Images category are stored locally on your device only.

We do not collect location, contacts, device advertising IDs, browsing data, or any other unnecessary personal information.

Usage Data (automatic)

IP address, device/user-agent strings, access timestamps, and basic diagnostic data (collected by Firebase for security and service operation).

IP addresses are retained only temporarily (typically days to weeks).

2. How We Use Information

• Authenticate accounts and enable App features.
• Store, retrieve, and sync your user-generated content. Sync is enabled by default and cannot be turned off once you have an account, as it is required for the core functionality of the App (persistence and cross-device access).
• Maintain service security and respond to support requests.
• Comply with legal obligations.

The optional Gemini AI feature (unlocked via in-app subscription) is restricted to users 18 years and older. When used, selected user content or prompts you provide may be sent to Google's Gemini API for processing.

Google user data (from Sign-In or Firebase) is used only to provide the App's core features and complies with the Google API Services User Data Policy, including Limited Use requirements.

3. Sharing

Firebase (Google): Acts as data processor for authentication and storage/sync. See: Firebase Terms and Firebase Privacy.

Legal requirements: If compelled by law, court order, or to protect rights/safety.

In-app subscription is handled by Apple — no payment data is collected by us.

4. Retention

Account and content data: Retained while your account is active or needed for the Service.

Usage Data: Short-term retention per Firebase policy.

Account deletion (via App or email request): We delete your data promptly upon request. Firebase may retain backup copies for up to 180 days as part of its infrastructure.

5. Data Transfers and Security

Data may be processed in Google facilities (often US or global). Transfers have adequate protections via Google's compliance measures.

Firebase provides encryption in transit and at rest, access controls, and security standards. No method is 100% secure.

6. Children's Privacy

This App is intended solely for users 18 years of age or older and is not directed to children under 18. We do not knowingly collect or allow use by anyone under 18.

If we discover that we have collected personal information from a user under 18, we will delete it immediately.

7. Changes to This Policy

We may update this policy. Changes will be posted here with a new "Last Updated" date. Continued use after changes means acceptance.

8. Contact

Email: tobiasdevc@gmail.com