Privacy Policy

Effective: April 2, 2026

Overview

Adaely Group LLC ("Company", "we", "our", or "us") operates the Burr application and related services. This Privacy Policy explains how we collect, use, share, and safeguard your information. By using Burr, you agree to the practices described in this policy and our Terms of Service.

Information We Collect

Account Information

When you create an account, we collect your email address. If you sign in with Apple (Sign in with Apple), we receive your name and email address (or an Apple private relay email if you choose to hide your address) as provided by Apple. We use passwordless authentication, so we do not store passwords.

Task and Shopping Data

We store the tasks and shopping items you create, including titles, due dates, categories, and completion history. This data is necessary to provide the core functionality of the app.

Location Data

If you enable location-based features, the app requests "Always" location permission on iOS to monitor geofences in the background. This allows reminders to trigger when you arrive at or depart from saved locations, even when the app is not in the foreground.

Geofence monitoring is processed on your device by the operating system. We store the coordinates of locations you explicitly save (e.g., "Home", "Costco") on our servers. We do not continuously track or record your real-time position.

If you join a household, other members may be notified when you arrive at a store with shared shopping items. Your precise coordinates are not shared with household members — only that you are near a store.

If you do not enable location permissions, all other app functionality works normally. You can change location permissions at any time in your device's Settings.

Weather and Environmental Data

If you create weather-triggered reminders, the app sends your saved location coordinates to the National Weather Service (Weather.gov), a free U.S. government API, to retrieve current conditions and forecasts. No weather data is fetched unless you have active weather-based reminders. This data is used solely to determine when to trigger your reminders and is not used for advertising or profiling.

Home Profile Data

If you set up Home IQ features, we collect your ZIP code, home type (house, apartment, condo, or townhouse), and state to provide location-specific home maintenance predictions.

Display Name

When you create an account via email, we collect a display name you choose. This is visible to other members of your household, if applicable.

Device Information

If you enable push notifications, we collect your device token to deliver them. We do not collect device identifiers for advertising or tracking purposes.

Consent Records

When you accept or withdraw consent for health data processing, AI features, or household sharing, we record: the consent interaction timestamp, event type (accepted, declined, withdrawn), consent text version, your IP address, user agent, and an HMAC hash of your email address. These records are maintained for legal compliance and consent verification. Consent event metadata (type, version, text hash, timestamp) survives account deletion; device-identifying fields (IP address, user agent) are redacted upon account deletion.

Sources of Information

We collect personal information from the following sources:

  • Directly from you: Account information, task and shopping item content, saved locations, display name, home profile data
  • Automatically from your device: Device tokens (for push notifications), precise geolocation (if you enable location features)
  • From third parties: Your name and email address from Apple (if you use Sign in with Apple)
  • Derived by our systems: Shopping Intelligence inferences (purchase frequency, predicted reorder timing, item priority scores), AI-generated categorizations and suggestions (if you enable AI features)

How We Use Your Information

We use your information to:

  • Provide and maintain the Burr service
  • Send push notifications for task reminders and geofence alerts, if you have enabled notifications
  • Power AI features such as categorization and suggestions, if you have AI features enabled
  • Improve our service based on usage patterns (aggregated, anonymized)
  • Respond to support requests

Shopping Intelligence

We analyze your purchase history to derive inferences including: purchase frequency, average purchase intervals, predicted reorder timing, and item priority scores. These inferences are a category of personal information under applicable privacy laws. They are derived solely from your shopping data, stored in your account, and used to generate shopping suggestions. You may request access to, correction of, or deletion of these inferences by contacting [email protected]. For algorithmically derived inferences, correction is performed by deleting the inaccurate inferences, which are then regenerated from your updated data.

Automated Decision-Making

Shopping Intelligence uses automated processing to analyze your purchase history and generate predictions (purchase frequency, reorder timing, item priority scores). These predictions are used solely to suggest shopping items and are not used for decisions that produce legal or similarly significant effects. You may opt out of this automated processing at any time through Settings > Privacy > Withdraw Health Data Consent, which deletes all Shopping Intelligence data while keeping your account.

We do not sell your personal information. We do not share your personal information for cross-context behavioral advertising. We do not use your data for advertising or share it with advertising networks.

Categories Disclosed to Service Providers

We disclose the following categories of personal information to service providers for the business purposes described in this policy:

  • Task and item content (titles, categories) to Google (Gemini API) for AI-powered features, if you have AI features enabled
  • Email address to Brevo for transactional email delivery (verification codes, data exports)
  • Technical error data (request metadata, error stack traces) to Sentry for service reliability monitoring

Google, Brevo, and Sentry each process data on our behalf as service providers under written contracts that restrict their use of your data to the purposes described in this Privacy Policy.

AI Features

Burr offers optional AI-powered features such as item categorization and contextual suggestions. When enabled, these features process your content (such as task titles, shopping items, and categories) using Google Gemini, a third-party AI service provided by Google.

If you have AI features enabled, task and item data is sent to Google's Gemini API when those features process your content. Google processes this data under its applicable API data processing terms, which provide protections for your data consistent with this Privacy Policy. We do not send your location data, email address, or account information to AI providers.

You may disable AI features at any time through the app's Settings. When disabled, no data is sent to third-party AI services.

Data Sharing

We may share your information only in these limited circumstances:

  • Household sharing: With other household members for items you explicitly share with the group
  • AI processing: Task and item content with Google Gemini, if you have AI features enabled (see above)
  • Weather services: Saved location coordinates with the National Weather Service, if you have active weather-based reminders
  • Legal compliance: To comply with legal obligations
  • Email delivery: We share your email address with Brevo to deliver verification codes and notification emails
  • Safety: To protect our rights or the safety of users

Household Sharing

If you join a household group, other members can see shopping items and tasks you explicitly share with the group. You control what is shared.

  • The household creator manages membership and can remove members
  • If you leave a household, items you shared are removed from the household. Your items remain in your own account but are no longer visible to other members
  • If you delete your account, items you shared with a household remain visible to other members but are no longer associated with your identity or account. Your personal account data (email address, display name, saved locations, purchase history, and Shopping Intelligence predictions) is permanently deleted within 30 days
  • All household members must be at least 13 years of age
  • Shared content may reveal information about your dietary preferences, health-related purchases, habits, location, and schedule

Data Retention

  • Active accounts: Account data is retained while your account is active
  • Purchase history: Retained for 12 months
  • Task completion history: Retained for 24 months
  • Shopping predictions: Retained for 14 months after last activity
  • AI processing logs: Temporary data generated during AI feature processing is retained for up to 24 hours
  • Nudge notification log: Retained for 90 days. Other notifications (push, email) are not stored after delivery
  • Location data: Saved location coordinates are retained while your account is active and deleted upon account deletion
  • Consent audit records: Event metadata (type, version, text hash, timestamp) retained indefinitely. Device-identifying fields (IP address, user agent) retained for 7 years or until account deletion, whichever is first
  • Deleted accounts: All data is permanently deleted within 30 days of account deletion, except consent audit record metadata (retained for legal compliance)

Upon account deletion or a verified deletion request, Brevo ceases all email delivery. Brevo processes transactional emails (verification codes, data exports) on our behalf; we do not maintain a persistent contact record in Brevo. Brevo retains delivery logs per its Data Processing Agreement. Google processes data under its paid API Data Processing Addendum for the requested service only; Google may temporarily log prompts for safety monitoring per its API terms. Sentry processes error reports under its DPA; we do not include item titles or shopping data in error reports.

Data Security

We implement commercially reasonable technical and organizational measures to protect your data, including encryption in transit (HTTPS), encryption at rest for stored data, and secure storage practices. Backup copies of the database are encrypted at rest and retained for a limited period as part of our disaster recovery procedures. If we restore from a backup, any account deletions that occurred after the backup date are re-applied. However, no method of electronic storage or transmission is 100% secure, and we cannot guarantee absolute security.

In the event of a data breach affecting your personal information, we will notify affected users as required by applicable law, including within 30 days as required by Washington law (RCW 19.255).

Your Rights

You have the right to:

  • Access: Request a copy of your data by contacting [email protected]
  • Delete: Delete your account and all associated data from Settings in the app
  • Correct: Update your information through the app
  • Portability: Request an export of your data in a portable format

Withdraw Consent

You may withdraw consent for health data processing at any time through the app's Settings (Privacy → Withdraw Health Data Consent). This deletes your Shopping Intelligence data while keeping your account. You may also withdraw consent by deleting your account entirely. You may separately disable AI features at any time without withdrawing health data consent.

Depending on where you reside, you may have additional rights under applicable state laws (such as the California Consumer Privacy Act). We will not discriminate against you for exercising your privacy rights. To exercise any of these rights, contact [email protected].

You may designate an authorized agent to submit privacy requests on your behalf by providing a signed written authorization to [email protected]. If we deny a privacy request, you may appeal by contacting [email protected] with the subject line "Privacy Appeal."

Limit the Use of My Sensitive Personal Information

Under the California Privacy Rights Act, precise geolocation is a category of sensitive personal information. Burr collects precise location coordinates for saved locations (including your home) to provide location-based reminders and geofencing features.

To limit our use of your sensitive personal information (precise geolocation), disable location features in the app's Settings or revoke location permissions on your device. When location features are disabled, all other app functionality continues to work normally.

Washington State Consumer Health Data

Grocery purchase patterns may, when processed algorithmically, reveal information about dietary restrictions, allergies, or other health-related preferences. Under Washington's My Health My Data Act (RCW 19.373), such derived information may be considered consumer health data. Out of an abundance of caution, we provide additional protections for this data as described in our Consumer Health Data Privacy Policy.

California Privacy Rights

If you are a California resident, the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA) provide you with specific rights regarding your personal information. This section supplements the rest of this Privacy Policy.

Categories of Personal Information We Collect

  • Identifiers: Name, email address, device token
  • Geolocation data: Precise coordinates of saved locations (sensitive personal information)
  • Commercial information: Shopping items, purchase history, purchase frequency
  • Inferences: Shopping Intelligence predictions (reorder timing, item priority scores)
  • Internet activity: App usage patterns (aggregated)
  • Profile information: Home profile (ZIP code, home type)
  • Consent records: Consent interaction timestamps, event types, consent text versions, IP address, user agent, email HMAC hash (purpose: legal compliance — demonstrating valid consent was obtained)

How to Exercise Your Rights

You may request access to, correction of, or deletion of your personal information by contacting [email protected] or by using the deletion feature in the app's Settings. We will respond within 45 days of receiving a verifiable request and will cover the 12-month period preceding the request. You may also request data portability in a machine-readable format. For algorithmically derived data (such as Shopping Intelligence predictions), correction is performed by deleting and regenerating from your updated data.

We do not sell or share your personal information for cross-context behavioral advertising. We do not use or disclose sensitive personal information for purposes other than providing the Service.

Children's Privacy

Burr is not intended for children under 13. We do not knowingly collect personal information from children under 13. If we learn that we have collected personal information from a child under 13 without verifiable parental consent, we will take steps to delete that information as quickly as possible.

If you believe a child under 13 has provided us with personal information, please contact us at [email protected].

Children aged 13–17 may use the Service with parental consent. A parent or guardian who adds a minor to a household represents that they are authorized to consent on that child's behalf.

Third-Party Services

Depending on which features you use, the Service may integrate with the following third-party services:

  • Authentication: Apple (Sign in with Apple), if you choose this sign-in method
  • AI processing: Google Gemini (item categorization, suggestions), if AI features are enabled
  • Weather data: National Weather Service / Weather.gov, if you create weather-triggered reminders
  • Maps: Apple Maps, if you use location features
  • Notifications: Apple Push Notification service (APNs), if you enable push notifications
  • Email delivery: Brevo (Sendinblue), for transactional emails such as verification codes and data exports
  • Error monitoring: Sentry, for backend error monitoring and service reliability
  • Home maintenance data: phzmapi.org (USDA Plant Hardiness Zone API), if you set up Home IQ features. We send only your ZIP code to determine your gardening zone; no account information is shared

Email Delivery

We use Brevo (Sendinblue) to send transactional emails, including verification codes and data export files. Brevo processes your email address and email content to deliver these messages. Brevo's privacy policy is available at brevo.com/legal/privacypolicy.

Error Monitoring

We use Sentry to monitor backend errors and maintain service reliability. Error reports may include technical context such as request metadata and error stack traces. We do not include task content, shopping lists, or location data in error reports sent to Sentry. Sentry processes error reports under its Data Processing Agreement.

Each third-party service operates under its own privacy policy. We encourage you to review the privacy practices of these services.

Do Not Track

Our Service does not currently respond to Do Not Track browser signals. We do not allow third parties to collect personally identifiable information about your online activities over time and across different websites when you use our Service.

Changes to This Policy

We may update this policy from time to time. If we make material changes, we will provide at least 30 days' notice through the app or via email before the changes take effect, except where changes are required by law or court order.

Contact Us

If you have questions about this Privacy Policy or wish to exercise your privacy rights, please contact us:

burr

never miss what matters

Built in the Pacific Northwest by a gardener who kept forgetting to cover his plants before frost.