Privacy Policy
Last Updated: July 9, 2026
This Privacy Policy describes how Karomi Studio LLC (“we,” “us,” or “our”), the developer of Dotted (the “App”), collects, uses, shares, and protects your personal information. It applies to the Dotted iOS application and the backend services we operate to run it.
By creating an account or using Dotted, you agree to the practices described here. If you do not agree, please do not use the App.
1. Information You Provide
When you use Dotted, you choose to give us the following information.
Account Information
- Email address — used to create and identify your account.
- First and last name — displayed to your household members and used throughout the App.
- Authentication method — whether you sign in with Apple, Google, or email and password.
Profile Preferences
- Avatar color — a color you pick to personalize your profile.
- Notification preferences — your choices about which alerts you receive.
- Payment handles — your Venmo username and/or Cash App $Cashtag, if you choose to add them. These are shown to your household members so they can pay you back when settling shared expenses. Dotted does not process any payment; settling up happens directly between you and the other person through their chosen payment app.
Household Information
- Home and room names — labels you create for your shared living spaces.
- Invite codes — unique codes generated when you create a home, used to invite others.
- Join requests — requests you submit to join a household, including their approval or denial.
- Member roles — whether you are an admin or member of a household.
Rules and Governance
- Rules text — household agreements you write or help draft (e.g., quiet hours, guest policies).
- Rule proposals and votes — proposals to create or change rules, and your votes on them.
- Rule acceptance records — whether you have accepted the current household rules.
Chores
- Chore details — titles, descriptions, notes, categories, room assignments, estimated duration, frequency, and start/end dates.
- Rotation and assignment data — the order members take turns, who is currently assigned, and due dates.
- Chore actions — when you complete a chore, pass it (with a reason such as “sick” or “out of town”), pick up an available chore, or vote to bump a chore to another member.
- Chore proposals — proposals to create, edit, or delete chores that require household approval.
Bills and Expenses
- Bill details — names, amounts (in US dollars), categories (e.g., rent, utilities, groceries), due dates, recurrence settings, and notes.
- Splits — how a bill is divided among household members, whether equally or with custom amounts.
- Payment status — whether a bill has been accepted, declined, marked as paid, or is still pending.
- Settlements — records of debts you request, confirm, dispute, or settle between household members.
Receipt Data
- Scanned receipts — if you use the receipt scanning feature, the App captures an image using your device camera or photo library. The text is read on your device; only the extracted data (such as merchant name, date, total, line items, tax, and tip) is transmitted to our servers to pre-fill a bill. We do not upload the raw receipt image to our servers.
Planner
- Scheduling data — chore due dates and bill due dates shown in the in-app planner and calendar view.
2. Information Collected Automatically
Device and App Information
- Device type, operating system version, and app version.
- Time zone (used to schedule chores and bills accurately).
Service Identifiers
- Your unique user ID (assigned by our authentication system).
- Household IDs and membership records.
Usage Analytics
We use PostHog, a third-party product analytics service, to understand how people use Dotted and to improve it. Our analytics provider receives:
- Your user ID (a random identifier, not your name or email).
- App version and iOS version.
- Engagement events — such as which screens you view, which features you use, and app lifecycle events (like opening or backgrounding the App).
Our analytics provider does not receive the content of your chores, bills, rules, notes, invite codes, payment handles, or financial amounts. We do not use session replay. Analytics data is processed on US-based servers.
Network Metadata
Our cloud infrastructure providers may log IP addresses and standard request metadata as part of normal service operation.
Locally Cached Data
The App stores a local copy of your profile, household, chore, bill, and activity data on your device to improve performance and support offline-friendly reads. This data stays on your device.
3. Information from Third Parties
We may receive information about you from services you use to sign in:
- Sign in with Apple — your name and email address, as you choose to share them.
- Google Sign-In — your name, email address, and profile identifier.
4. How We Use Your Information
We use the information we collect to:
- Operate the Service — create and manage your account, households, chores, bills, rules, activity feeds, standings, and calendar.
- Authenticate you — verify your identity when you sign in.
- Send notifications — deliver chore reminders, bill alerts, household activity, and governance notifications you have opted into.
- Improve the App — analyze aggregated usage patterns to understand which features are useful and where the experience can be better.
- Maintain security — enforce rate limits, detect abuse, and protect the integrity of household data.
- Comply with the law — respond to legal requests and fulfill our legal obligations.
- Provide support — respond to your questions and requests.
We do not use your personal information for advertising. We do not sell your data. We do not track you across other companies’ apps or websites. Dotted is built so that it does not track you and does not ask for permission to track you.
5. On-Device Processing
Receipt Scanning
When you scan a receipt, Dotted uses on-device text recognition to read the text from the image. The image is processed locally on your device. Only the extracted data (merchant name, amounts, line items) is transmitted to our servers to create a bill.
6. Legal Bases for Processing (GDPR)
If you are in the European Economic Area (EEA), United Kingdom, or Switzerland, we rely on the following legal bases:
| Legal Basis | Examples |
|---|---|
| Contract performance | Operating your account, managing households, processing chores and bills, delivering notifications |
| Legitimate interests | Improving the App through analytics, maintaining security, preventing abuse |
| Consent | Sending optional notifications; accessing your device camera or photos; analytics where consent is required by local law |
| Legal obligations | Responding to lawful requests from authorities, retaining records as required by law |
You may withdraw consent at any time by changing your device settings or contacting us. Withdrawal does not affect the lawfulness of processing before withdrawal.
7. How We Share Your Information
With Your Household Members
Dotted is designed for shared living. Information you submit within a household — your name, avatar, payment handles, chore actions, bill contributions, rule votes, activity history, standings, pass reasons, and notes — is visible to every member of that household. There are no privacy tiers within a home. Before joining a household, consider that its members will see your activity.
With Service Providers
We share information with the following providers, who process it on our behalf:
| Provider | What They Receive | Purpose |
|---|---|---|
| Supabase (cloud infrastructure) | Account data, household data, chores, bills, activity, rules, membership records | Database, authentication, real-time data, and server-side functions |
| PostHog (product analytics) | User ID, app version, iOS version, engagement events | Product analytics |
| Apple Inc. | Name and email (via Sign in with Apple); device token (via push notifications) | Authentication and notification delivery |
| Google LLC | Name, email, profile identifier (via Google Sign-In) | Authentication |
These providers are required to use your information only for the purposes described above and to protect it consistent with this Privacy Policy and applicable law.
For Legal and Safety Reasons
We may disclose your information if we believe in good faith that it is necessary to comply with the law, enforce our Terms, protect the rights, safety, or property of Dotted, our users, or the public, or detect and address fraud or security issues.
In a Business Transfer
If we are involved in a merger, acquisition, reorganization, or sale of assets, your information may be transferred as part of that transaction. We will notify you of any such change and any choices you may have.
8. Data Retention
- Active accounts — we retain your information for as long as your account is active and as needed to provide the Service.
- Account deletion — when you delete your account, we perform a cascading cleanup: your profile, household memberships, rule acceptances, and join requests are deleted, your user ID is removed from chore rotation orders, and your authentication record is permanently deleted.
- Shared records — activity feed entries that reference your past actions may be retained for remaining household members but are no longer linked to an active account.
- Analytics data — retained according to PostHog’s data retention policies.
- Legal requirements — we may retain certain information as required by law or to resolve disputes.
9. Your Rights and Choices
In-App Controls
- Edit your profile — update your name, avatar color, and payment handles at any time.
- Manage notifications — enable or disable notifications in the App and through your device settings.
- Manage device permissions — grant or revoke access to your camera, photos, and notifications in your device settings. Some features may become unavailable if permissions are revoked.
- Leave a household — remove yourself from any household you belong to.
- Delete your account — permanently delete your account and associated data from within the App (Settings > Edit Profile). If you are the sole admin of a household with other members, transfer ownership or remove them first.
Privacy Rights Requests
Depending on where you live, you may have the right to:
- Access the personal information we hold about you.
- Correct inaccurate information.
- Delete your personal information.
- Port your data to another service.
- Restrict or object to certain processing.
- Withdraw consent where processing is based on consent.
To exercise these rights, contact us at support@karomistudio.com. We will verify your identity before processing your request and respond within the timeframe required by applicable law.
10. Your California Privacy Rights (CCPA/CPRA)
If you are a California resident, you have additional rights under the California Consumer Privacy Act and California Privacy Rights Act.
Categories of Personal Information We Collect
- Identifiers (name, email, user ID).
- Internet or electronic network activity (usage analytics, device information).
- Commercial information (bill and expense data).
- Financial information (payment handles you choose to share, expense splits and balances).
- Inferences (household standings and reliability scores derived from chore completion).
You have the right to know, access, delete, and correct your personal information, to data portability, and to non-discrimination for exercising your rights. We do not sell your personal information and do not share it for cross-context behavioral advertising. To exercise your rights, contact us at support@karomistudio.com.
11. European Privacy Rights (GDPR)
If you are in the EEA, UK, or Switzerland, you have the right to access, correct, or delete your personal data; restrict or object to processing; data portability; to withdraw consent at any time; and to lodge a complaint with your local data protection authority. To exercise these rights, contact us at support@karomistudio.com.
International Data Transfers
Your information is processed in the United States. Our primary infrastructure and analytics providers operate US-based servers. When your data is transferred outside the EEA, UK, or Switzerland, we rely on appropriate safeguards — including standard contractual clauses and the data processing agreements of our service providers — to protect it.
12. Children’s Privacy
Dotted is not directed to children under 13, and we do not knowingly collect personal information from anyone under 13. If you are between 13 and the age of majority in your jurisdiction, you may only use Dotted with the consent and supervision of a parent or guardian. If you believe we have collected information from a child under 13, contact us at support@karomistudio.com and we will promptly delete it.
13. Security
We take reasonable measures to protect your information, including:
- Signed authentication tokens for all requests.
- Access controls on all database tables, so users can only access data from their own households.
- Server-side membership and role verification on every data-modifying operation.
- Rate limiting to prevent abuse.
- Encryption for all data in transit.
No system is perfectly secure. We cannot guarantee absolute security, and you use the Service at your own risk.
14. Changes to This Policy
We may update this Privacy Policy from time to time. When we do, we will revise the “Last Updated” date above. If we make material changes, we will provide reasonable notice, such as an in-app notification or a prominent notice on our website. Your continued use of Dotted after changes take effect constitutes your acceptance of the updated policy.
15. Contact Us
If you have questions about this Privacy Policy or want to exercise your privacy rights, contact us:
Karomi Studio LLC
Email: support@karomistudio.com
Website: https://getdotted.app
Appendix: App Store Privacy Label
The following table maps our data practices to Apple’s App Store privacy label categories.
| Apple Category | Data Type | Collected? | Linked to You? | Used for Tracking? | Purpose |
|---|---|---|---|---|---|
| Contact Info | Name | Yes | Yes | No | App Functionality |
| Contact Info | Email Address | Yes | Yes | No | App Functionality |
| Identifiers | User ID | Yes | Yes | No | App Functionality, Analytics |
| Usage Data | Product Interaction | Yes | Yes | No | Analytics |
| Financial Info | Other Financial Info (bills, splits, payment handles) | Yes | Yes | No | App Functionality |
| User Content | Other User Content (rules, chores, notes) | Yes | Yes | No | App Functionality |
| Location / Contacts / Browsing / Sensitive Info | Any | No | — | — | — |
Tracking: This app does not track users and does not ask for permission to track you.
On-device only (not collected): Receipt images (processed on your device; only extracted text is transmitted).