Privacy Policy

PRIVACY POLICY

Last Updated: June 2026

This Privacy Policy describes how Cedar & Fog Labs, LLC ("we", "us", or "our") collects, uses, and shares your information when you use the Settlewood application ("App").

1. INFORMATION WE COLLECT

Account Information: Email address and password (stored securely via Amazon Cognito).

Photos: Images you upload of rooms and storage areas. Photos are stored in Amazon S3, encrypted at rest and in transit, and are only visible to you.

Analysis Results: AI-generated analysis of your uploaded photos, including tidiness scores, zone assessments, and action item recommendations.

Device and Usage Data: We collect usage analytics through PostHog, including which screens you visit, actions you take in the App (such as uploading photos, running analyses, and managing rooms), your browser or device type, operating system, screen size, and referring URL. We do not collect precise location data. IP-based geolocation is disabled in our analytics configuration, though your IP address may be transiently processed by PostHog's servers. You can opt out of analytics tracking at any time in Settings > Privacy.

Advertising and Measurement Data: We work with Meta to measure and improve our advertising. On our marketing website, the Meta Pixel collects online identifiers (such as cookie identifiers and IP address) and information about your interactions with the site (such as pages viewed and sign-ups). Where you have permitted tracking on your device, we may also share advertising and subscription-measurement data from the App (such as app installs and whether a free trial converted to a paid subscription) with Meta. See Sections 3 and 7 for details and your choices.

EXIF Metadata: Photos may contain EXIF metadata including GPS coordinates. We automatically strip EXIF metadata (including geolocation data) from all uploaded photos on our servers before permanent storage.

2. HOW WE USE YOUR INFORMATION

• To provide the room analysis service
• To store and display your photos and analysis history
• To maintain and improve the App
• To authenticate your identity and secure your account

3. THIRD-PARTY DATA SHARING

Anthropic (AI Analysis): When you request a room analysis, your photo is sent to Anthropic's Claude AI API for processing. Specifically: - The photo and an analysis prompt are sent to Anthropic's API - Anthropic processes the data to generate analysis results - Anthropic retains API data for up to 30 days for safety monitoring, then deletes it - Anthropic does not use API data for model training - You must provide explicit consent before any photo is sent to Anthropic

For more information, see Anthropic's privacy policy and API data usage policies.

PostHog (Analytics): We use PostHog to understand how the App is used and to improve the experience. PostHog receives usage events (such as screen views, feature interactions, and purchase activity), browser and device metadata, and a pseudonymous user identifier. PostHog does not receive your photos, analysis results, or email address. You can opt out of analytics tracking at any time in Settings > Privacy. For more information, see PostHog's privacy policy at posthog.com/privacy.

Sentry (Crash Reporting): We use Sentry to detect and diagnose app crashes and errors. When a crash or unhandled error occurs, Sentry receives the error message, stack trace, device type, operating system version, and app version. Sentry does not receive your photos, analysis results, or email address. Crash reporting is disabled when you opt out of analytics in Settings > Privacy. For more information, see Sentry's privacy policy at sentry.io/privacy.

RevenueCat (Subscription Management): We use RevenueCat to manage subscription purchases, validate App Store, Google Play, and Stripe receipts, and track subscription status across devices. RevenueCat receives a pseudonymous user identifier (your account UUID), subscription receipt data, and subscription state changes. RevenueCat does not receive your photos, analysis results, or email address. For more information, see RevenueCat's privacy policy at revenuecat.com/privacy.

Meta (Advertising and Measurement): We use Meta's advertising tools to measure the performance of our ads and to reach people who may be interested in Settlewood. On our marketing website, the Meta Pixel may send Meta online identifiers (such as cookie identifiers and IP address) and information about your interactions with the site (such as pages viewed and sign-ups). Where you have permitted tracking on your device, we may also share advertising and subscription-measurement data from the App (such as app installs and whether a free trial converted to a paid subscription) with Meta. Meta does not receive your photos, analysis results, or email address. For more information, see Meta's Privacy Policy at facebook.com/privacy/policy. See Section 7 for how to limit this sharing.

Each of the third parties listed above engages its own sub-processors to provide their services (for example, cloud hosting and monitoring vendors). Current lists of those sub-processors are published by each provider on their respective trust or compliance pages.

4. DATA STORAGE AND SECURITY

• Photos are stored in Amazon S3 in the US East (N. Virginia) region
• All data is encrypted at rest (AES-256) and in transit (TLS 1.2+)
• User authentication is handled by Amazon Cognito with SRP (no plaintext passwords transmitted)
• Access to photos is scoped to the uploading user — no other user can view your photos
• International transfer: If you are located outside the United States, your personal information is transferred to and processed in the United States by us and our sub-processors. The safeguards we rely on are: (a) encryption in transit (TLS 1.2+) and at rest (AES-256); (b) access controls scoping data to the account that uploaded it; and (c) contractual data-protection terms with each sub-processor. Those terms include, where applicable, Standard Contractual Clauses adopted by the European Commission (Implementing Decision (EU) 2021/914), the UK International Data Transfer Addendum, Swiss adaptations, and participation in the EU-US Data Privacy Framework. For users located in Brazil, transfers are made under Article 33 of the Brazilian General Data Protection Law (LGPD). The legal basis is your specific and informed consent for the international transfer (Article 33, item II), given when you accept this Privacy Policy at sign-up and again before any photo is sent to Anthropic for AI analysis. Where a sub-processor's Data Processing Agreement extends the contractual safeguards above to data subject to the LGPD, those safeguards also apply. The Brazilian National Data Protection Authority (ANPD) issued its own Standard Contractual Clauses in Resolução CD/ANPD nº 19 of August 2024; not all of our sub-processors have yet incorporated those clauses, and where they have not, your Article 33, item II consent is the operative transfer basis.

5. DATA RETENTION

• Photos: Retained until you delete them or your account is terminated
• Analysis results: Retained until your account is terminated
• Account data: Retained until you request deletion
• Anthropic API data: Retained by Anthropic for up to 30 days per their policy
• Analytics data: Retained by PostHog per their data retention policy; anonymized after you opt out or delete your account
• Crash reports: Retained by Sentry for 90 days per their default retention policy

6. YOUR RIGHTS

Depending on your jurisdiction, you may have the following rights:

Under CCPA/CPRA (California residents): - Right to know what personal information we collect - Right to delete your personal information - Right to opt out of the sale or sharing of personal information - We do not sell your personal information. We do share certain online identifiers with advertising partners (such as Meta) for cross-context behavioral advertising; see the "Do Not Sell or Share" section below to limit this

Under PIPEDA (Canadian residents): - Right to access the personal information we hold about you - Right to challenge the accuracy and completeness of your personal information - Right to withdraw consent for processing, subject to legal or contractual restrictions - Right to file a complaint with the Office of the Privacy Commissioner of Canada at priv.gc.ca - Quebec residents: Under Quebec's Law 25, you also have the right to data portability and to be informed of any automated decision-making affecting you. Our privacy contact (trust@cedarandfoglabs.com) serves as the person responsible for the protection of personal information.

Under the Brazilian General Data Protection Law (LGPD, Lei Geral de Proteção de Dados) (Brazilian residents): - Right to confirmation of processing and access to your personal data - Right to correction of incomplete, inaccurate, or outdated data - Right to anonymization, blocking, or deletion of unnecessary or excessive data, or data processed in non-compliance with the LGPD - Right to data portability to another service provider - Right to deletion of personal data processed on the basis of consent - Right to information about the public and private entities with which we have shared your data - Right to information about the possibility and consequences of refusing consent - Right to withdraw consent at any time - Right to review of decisions made solely on the basis of automated processing - Right to file a complaint with the National Data Protection Authority (ANPD, Autoridade Nacional de Proteção de Dados) at gov.br/anpd - Our Data Protection Officer (Encarregado) for LGPD purposes can be reached at trust@cedarandfoglabs.com

Under GDPR (EU residents): - Right of access to your personal data - Right to rectification - Right to erasure ("right to be forgotten") - Right to data portability - Right to object to processing - You may exercise these rights by contacting us

Under the Australian Privacy Principles (Australian residents): - Right to access the personal information we hold about you - Right to request correction of inaccurate or out-of-date information - Right to make a complaint about how we handle your personal information, first to us and then to the Office of the Australian Information Commissioner (OAIC) at oaic.gov.au - We will notify you and the OAIC of any eligible data breach as required under the Notifiable Data Breaches scheme

Under the New Zealand Privacy Act 2020 (New Zealand residents): - Right to access the personal information we hold about you - Right to request correction of inaccurate or out-of-date information - Right to make a complaint to the Office of the Privacy Commissioner at privacy.org.nz - We will notify the Privacy Commissioner and affected individuals of any notifiable privacy breach as required under the Privacy Act 2020

7. DO NOT SELL OR SHARE

We do not sell your personal information for money. We do share online identifiers and website usage information with advertising partners, such as Meta, for cross-context behavioral advertising, which California law treats as "sharing." To limit this, you can disable cookies in your browser, send a Global Privacy Control (GPC) signal, which we honor on our website, or adjust your ad preferences directly with Meta. Your photos are never used for advertising and are used solely to provide you with the analysis service.

8. CHILDREN'S PRIVACY

The App is not directed at children under 13. We do not knowingly collect personal information from children under 13. If you believe a child under 13 has provided us with personal information, please contact us so we can delete it.

9. AUTOMATED DECISION-MAKING

The App uses AI to analyze photos and provide organizational recommendations. These are suggestions only and do not result in any automated decisions that have legal or similarly significant effects on you. You always have the choice to accept, modify, or ignore any recommendation.

10. DATA DELETION

To delete your account and all associated data: - Go to Settings > Privacy > Delete Account within the App - For your security, you will be asked to re-authenticate before deletion proceeds - This will immediately and permanently delete your account, photos, analysis results, room data, and stored records - If you signed in with Apple, the App will additionally revoke our access to your Apple ID through Apple's REST API as part of the deletion process. In the rare event Apple's servers are temporarily unavailable, deletion of your data still proceeds; you can complete the disconnection manually at Settings > Apple ID > Sign in with Apple > Settlewood on your Apple device - Account deletion is irreversible - Data previously sent to Anthropic's API will be retained per their retention policy (up to 30 days) before automatic deletion - Analytics data previously sent to PostHog will be anonymized upon account deletion - Crash reports previously sent to Sentry will be retained per their retention policy (90 days)

11. BIOMETRIC DATA

The App does not collect biometric identifiers or biometric information. We recommend photographing rooms without people to avoid incidental capture of facial features.

12. CHANGES TO THIS POLICY

We may update this Privacy Policy from time to time. We will notify you of material changes through the App or via email.

13. CONTACT US

For questions about this Privacy Policy or to exercise your data rights, please contact us at:

trust@cedarandfoglabs.com