Privacy Policy

Tithe is built on a simple principle: your data is yours. We collect only what the app needs to function, we don't sell it, and we don't track you beyond what's necessary. This policy explains what we collect, why, and how it's handled.

Who we are

Tithe is operated by Tithe LLC, a New York limited liability company ("we," "us," "our"). If you have questions about this policy, reach us at support@takeyourtithe.com.

What we collect

Account information

• Name and email address, provided during sign-up via Sign in with Apple or email and password
• Account creation date
• IP address, collected at the time of Dwolla account creation as required by federal regulation

Bank account information

• Institution name, account name, masked account number (last 4 digits), and account type
• We never see, store, or have access to your full account numbers, routing numbers, or bank login credentials

Focus session data

• Session start and end times, stored both locally and on our servers
• Which apps you chose to block (stored locally on your device only — we never see this data)
• Redirect outcomes including transfer amounts, donation records, and fitness goal results
• Session events are used to compute aggregated community statistics (total hours focused, total members in session). These statistics are anonymous and contain no personally identifiable information

Fitness data (optional)

• If you choose the fitness redirect, we read step count, active calories, and exercise minutes from Apple HealthKit
• This data is read-only and used solely to verify your fitness goals
• We do not store your fitness data on our servers

Calendar data (optional)

• If you enable calendar sync, we read confirmed calendar events to auto-start focus sessions
• Calendar data is processed locally on your device and is not transmitted to our servers

What we don't collect

• Location data
• Contacts, photos, or camera access
• Browsing history
• Advertising identifiers
• Usage analytics or behavioral tracking

Community data (optional)

• If you opt in to community features, your display name and active session status are visible to friends you connect with via invite link
• Friend connections are created through invite tokens that expire after 48 hours
• No individual session details, financial data, or redirect outcomes are shared with other users

Transaction records

• For savings redirects: transfer amount, status, timestamp, and authorization text are stored on our servers for audit and compliance purposes
• For charity redirects: donation amount, selected organization, and outcome are stored locally on your device
• For fitness redirects: goal type, target value, and completion status are stored locally on your device

How we use your data

Your data is used for one purpose: making Tithe work.

• Account management — authenticating you and maintaining your settings
• Financial redirects — initiating ACH transfers between your own accounts when you break focus
• Identity verification — confirming you are the authorized holder of linked bank accounts, using Plaid Identity Match to compare your name and email against bank records
• Fitness verification — checking whether you met your fitness goal
• Community statistics — computing anonymous, aggregated metrics (total hours focused, total amount redirected, members currently in session) from session events. No individual data is exposed
• Friend connections — showing your display name and session status to users you've connected with via invite link
• Crash reporting — diagnosing app crashes to improve stability. Crash reports include a anonymized user identifier and device information but no personal or financial data

Third-party services

Tithe uses the following third-party services to operate. Each receives only the minimum data required for its function:

Plaid — Tithe uses Plaid Inc. ("Plaid") to link your bank accounts and verify account ownership. By using Tithe, you grant Tithe the right, power, and authority to act on your behalf to access and transmit your personal and financial information from your relevant financial institution. You agree to your personal and financial information being transferred, stored, and processed by Plaid in accordance with the Plaid End User Privacy Policy.

Plaid receives your bank credentials directly through its secure Link interface; we never see or store them. Plaid also receives your name and email for identity verification (Plaid Identity Match), comparing them against your bank's records to confirm you are the authorized account holder. Plaid may collect identifiers, financial account data, transaction history, and device information as described in its privacy policy. You may review the data Plaid has collected about you and request deletion by visiting the Plaid Portal.

Dwolla — processes ACH transfers between your own accounts. Each user is created as an individual Dwolla customer. Dwolla receives your first name, last name, email address, and IP address at the time of account creation, plus tokenized bank account references (processor tokens) for each linked account. No funds are pooled — all transfers move directly between your own checking and savings accounts. Dwolla's privacy policy: dwolla.com/legal/privacy.

Every.org — processes charitable donations when you choose the charity redirect. You interact with Every.org directly through an in-app browser. Tithe passes only the donation amount and app callback URLs to Every.org — we do not transmit your name, email, or any personal information. Your interaction with Every.org is governed by their own privacy policy: every.org/privacy.

Firebase (Google) — provides authentication, cloud database, serverless backend functions, and crash reporting. Your account data and transaction records are stored in Google Cloud infrastructure (Firebase Firestore), encrypted at rest and in transit. Firebase also powers Sign in with Apple and email/password authentication flows. Firebase's privacy documentation: firebase.google.com/support/privacy.

Apple (App Store, HealthKit, FamilyControls) — Subscriptions are billed and managed through Apple's App Store. Fitness data is read locally on your device via Apple HealthKit and is never transmitted to our servers or any third party. App blocking is managed entirely on your device through Apple's Screen Time (FamilyControls) framework — we do not receive data about which apps you block.

Data storage and security

Server-side (Firebase Firestore, Google Cloud): Account profile, Plaid access tokens, Dwolla customer references, transfer records, session events, and friend connections. All data is encrypted at rest and in transit. Plaid access tokens and Dwolla references are stored server-side only and are never accessible from your device.

On your device: Session preferences, blocked app selections, fitness goals and progress, schedule configurations, charity selections, and subscription status. This data is stored in your device's local database and shared app group container. Linked account display information (institution name, last 4 digits) is stored in the iOS Keychain.

All communication between the app and our servers uses TLS encryption. Financial operations are processed through Plaid and Dwolla's bank-grade, SOC 2-compliant infrastructure. We do not operate our own payment processing systems.

Organizational security practices

Tithe maintains the following organizational security practices to protect your data and the integrity of our systems:

Access control and de-provisioning

Access to production systems, databases, and third-party service accounts is granted on a least-privilege basis and tied to individual employee or contractor credentials. When a team member is terminated or changes roles, their access to all internal systems, cloud infrastructure, code repositories, and third-party platforms is revoked or modified within 24 hours through automated de-provisioning workflows. Shared credentials are rotated immediately upon any personnel change.

Zero trust architecture

Tithe operates under a zero trust access model. No user, device, or network is implicitly trusted. All access to internal systems requires identity verification, multi-factor authentication, and device posture validation regardless of network location. Service-to-service communication within our infrastructure is authenticated and encrypted. Access decisions are evaluated continuously rather than granted once at the perimeter.

Periodic access reviews and audits

We perform periodic reviews of all access privileges across production infrastructure, third-party services, and administrative tools. These reviews verify that access rights remain appropriate for each individual's current role and responsibilities. Unused or excessive permissions are revoked. Audit logs of access to sensitive systems and data are maintained and reviewed regularly to detect unauthorized or anomalous activity.

End-of-life software management

We actively monitor all software dependencies, frameworks, operating systems, and third-party components for end-of-life (EOL) status. Our policies require that EOL software be identified, evaluated for risk, and either updated to a supported version or mitigated with compensating controls before the end-of-support date. Dependency updates are tracked and applied as part of our regular maintenance cycle.

Vulnerability scanning

Tithe performs regular vulnerability scanning across our application code, infrastructure, and dependencies. This includes automated scanning of third-party packages for known vulnerabilities, static analysis of application code, and infrastructure configuration audits. Identified vulnerabilities are triaged by severity and remediated according to defined timelines. Critical vulnerabilities are addressed immediately.

Data retention

We retain your account data and transaction history for as long as your account is active. ACH transfer records are retained for compliance with federal financial record-keeping requirements. Session records are kept to provide your personal history and contribute to anonymous community statistics.

If you delete your account, we remove all associated data from our servers, revoke your Plaid bank connections, and deactivate your Dwolla customer account. Local data on your device is cleared when you uninstall the app. Subscription cancellation is managed separately through Apple — deleting your Tithe account does not automatically cancel your App Store subscription.

Your rights

You can:

• Access your data — view your session history, transaction records, and account details within the app
• Delete your account — permanently remove all your data from our servers through the app's settings
• Disconnect bank accounts — unlink your bank at any time through the app
• Revoke permissions — disable HealthKit, calendar, or notification access through your device settings at any time

For data access requests or questions, contact support@takeyourtithe.com.

Analytics and tracking

Tithe does not use third-party analytics services. We do not integrate advertising SDKs, behavioral tracking tools, or data brokers. The only diagnostic service we use is Firebase Crashlytics for crash reporting, which collects anonymized device and crash data to help us fix bugs. It does not track your behavior, browsing, or app usage patterns.

Do Not Track

Tithe does not track users across third-party websites or services and does not respond to Do Not Track signals because we do not engage in tracking.

New York residents

If you are a New York resident, you have the right to request disclosure of the categories of personal information we collect, the purposes for collection, and the third parties with whom we share it. You may also request deletion of your personal information. To exercise these rights, contact us at support@takeyourtithe.com or delete your account directly through the app.

Children's privacy

Tithe is not intended for users under 18. We do not knowingly collect data from minors. If you believe a minor has created an account, contact us and we will delete it.

Changes to this policy

If we make material changes to this policy, we'll notify you through the app or by email before the changes take effect.

Contact

Questions or concerns about your privacy? Reach us at support@takeyourtithe.com.