Suracode — Privacy Addendum
This addendum supplements the Dignity Labs Base Privacy Policy. It details what data Suracode specifically collects and how it is handled.
We collect the minimum data necessary to provide the service. Your family's code word is encrypted on your device before it ever leaves — we cannot read it. Screenshots you scan never leave your device. We do not store your name, email address, or any personally identifying information in our application database.
Our application database contains no personally identifying information. All user references are anonymous unique identifiers (UUIDs) that cannot be linked to your real identity without access to the authentication system (see Section SP3).
| Data Type | Purpose | Storage | Personal Data? |
|---|---|---|---|
| Anonymous User ID | Identify you within the App | Our servers (a random UUID) | No |
| Family Name | Label for your family group | Our servers | Only if you choose to include personal information |
| Family Code Word | Core functionality — sync across family devices | Our servers (end-to-end encrypted — we cannot read this) | No (encrypted) |
| Family Region | Provide region-appropriate alerts and contacts | Our servers (UK, US, or AU) | No |
| Membership Role | Track admin/member status | Our servers | No |
| Timestamp Data | Track when code words are changed, check-ins recorded | Our servers | No |
The App uses Google Sign-In (or Apple Sign-In where available) to verify your identity. Authentication is handled entirely by Supabase Auth. When you sign in:
Supabase acts as our data processor for authentication data. Their handling of this data is governed by their privacy policy and our data processing agreement.
| Data Type | Stored By | Dignity Labs Access | Purpose |
|---|---|---|---|
| Email address | Supabase Auth (not our tables) | We do not query or display this | Authentication |
| Display name | Supabase Auth (not our tables) | We do not query or display this | Authentication |
| Google/Apple unique ID | Supabase Auth (not our tables) | We do not query or display this | Authentication |
| Data Type | Purpose | Storage | Personal Data? |
|---|---|---|---|
| Family Votes | Record Scam/Unsure/Safe votes | Our servers (anonymous UUID) | No |
| Vote Descriptions | User-written label for the vote session | Our servers | Only if you choose to include personal information |
| Check-in Records | Track family protection streak | Our servers (anonymous UUID + date) | No |
| Feature | What We Do NOT Collect |
|---|---|
| Scam Pattern Checker | Screenshots, images, extracted text — all processing is on-device |
| Family Voting | Screenshots you share externally |
| Deepfake Check | Video call content, recordings, or images |
The following data never leaves your device and is never transmitted to our servers:
If you choose to enable "Help improve Suracode" in Settings, we collect anonymous usage statistics, crash reports, and app/OS version information. This data contains no personal information, cannot identify you, is never sold or shared with advertisers, and can be disabled at any time in Settings.
Default: Analytics is OFF. We only collect this data if you explicitly opt in.
We explicitly do not collect: your name, your email address, your phone number, your location or GPS coordinates, your contacts list, your photos or media, your browsing history, advertising identifiers, any biometric data, screenshots you scan, content of video calls, or your Google or Apple password.
Your code word is encrypted on your device using AES-256-GCM before being transmitted. Our servers store only encrypted data. Even if our servers were compromised, your code word would remain protected. Dignity Labs staff cannot read your code word. Law enforcement requests cannot reveal your code word (we don't have the key). You control who receives the invite code and how it's shared.
Screenshots are processed entirely on your device using ML Kit text recognition. Images never leave your device. Extracted text is not stored or transmitted. We cannot see what you scan. No record of scans is kept. When you close the screen, all data is discarded.
We store: vote choice, voter's anonymous UUID, vote timestamp, and session description. We do NOT store screenshots, images, or the content being voted on. Votes are visible to family members only. Vote data is deleted when the session is closed or after 7 days.
We fetch alerts from our servers based on your family's region. We do not track which alerts you view. Alerts are cached locally for offline access and refresh automatically. When you tap through to a source website, that site has its own privacy policy.
Your data is stored on servers provided by Supabase, Inc., located in the European Union (Frankfurt, Germany). Supabase complies with GDPR and maintains SOC 2 Type II certification. Supabase encrypts all stored data using AES-256 at rest. All connections use HTTPS/TLS. Row-level security ensures you can only access your family's data.
Note: Your code word is encrypted by the App before being sent to our servers. Even though Supabase also encrypts data at rest, we add our own encryption layer so that only your family can read the code word.
Our zero-PII architecture means your exposure in the event of a server breach is limited. Our application database contains only anonymous UUIDs and encrypted data. The only personal data held on our infrastructure is your email address and display name, stored by Supabase Auth for authentication purposes.
| Service | Purpose | Privacy Policy |
|---|---|---|
| Supabase | Cloud database, real-time sync, authentication | supabase.com/privacy |
| Google Sign-In | Authentication | policies.google.com/privacy |
| Apple Sign-In | Authentication (where available) | apple.com/legal/privacy |
| ML Kit | On-device OCR (no data transmitted) | developers.google.com/ml-kit |
| Data Type | Retention Period |
|---|---|
| Active family data | Retained while family group exists |
| Deleted family data | Permanently deleted within 30 days |
| Authentication data | Deleted within 30 days of account deletion request |
| Local device data | Deleted immediately when you leave a family |
| Vote sessions | Deleted when closed or after 7 days |
| Check-in records | Retained while family group exists |
| Cached alerts | Refreshed every 24 hours; deleted on app uninstall |
| Support correspondence | 2 years from last contact |
To delete all your data from our servers: Open the App → Settings → Leave Family → Confirm. This removes your UUID, membership, votes, and check-in records. If you are the last member, the entire family group is deleted.
To delete authentication data: Contact admin@dignitylabs.co.uk to request deletion of your Supabase Auth record.
We will process deletion requests within 30 days.
| Question | Answer |
|---|---|
| Do you sell my data? | No, never |
| Do you store my name or email? | Not in our application database. Authentication data is held by Supabase Auth. |
| Can you read my code word? | No, it's end-to-end encrypted |
| Can you see screenshots I scan? | No, scanning happens on your device only |
| Where is my data stored? | EU (Frankfurt, Germany) |
| Can I delete my data? | Yes, leave the family or contact us |
| Do you track me? | Only if you opt in, and it's anonymous |
This addendum was last updated on 11 February 2026.
Dignity Labs Ltd · Company 16954194 · England and Wales