Effective: June 9, 2026
TallyHQ, Inc. | Delaware, USA
arul@tally.kitchen | https://www.tally.kitchen
At a glance — financial data
Your wallet, your USDC purchases (Apple Pay), and your cash-outs to a bank are provided by Coinbase. Coinbase collects and processes your identity-verification (KYC) and payment information under the Coinbase Privacy Policy. Tally does not collect or store your government ID, card, or bank details, and never has access to your private keys. We store your public wallet address and on-chain transaction history.
This Privacy Policy ("Policy") describes how TallyHQ, Inc. ("Tally," "we," "us," or "our") — the data controller — collects, uses, discloses, and protects your personal information when you use the Tally mobile application, website, and related services (collectively, the "Service"). The Service is available to users in the United States and Canada (excluding Quebec).
This Policy is incorporated into and forms part of our Terms of Service. Capitalized terms not defined here have the meanings given in our Terms.
Contact for privacy matters: arul@tally.kitchen · TallyHQ, Inc., Delaware, USA.
Your wallet, the purchase of USDC (via Coinbase Onramp / Apple Pay), and the sale of USDC to fiat (via Coinbase Offramp) are provided by Coinbase, Inc. and its affiliates ("Coinbase"). Coinbase, as an independent controller, collects and processes the information needed to provide those services — including identity-verification (KYC) data, payment-method data, and bank-account details — under the Coinbase Privacy Policy.
Tally does not collect, receive, or store your government-issued ID, Social Security number, card number, or bank-account credentials, and Tally never has access to your wallet's private keys or recovery material. We receive only your public wallet address and the on-chain result of your transactions.
OTP codes are transient and never stored after verification. Phone numbers and email addresses are not displayed publicly.
To enable commitment deposits, we collect and store:
Tally does not have access to your private keys or wallet recovery phrases. Key management is handled exclusively by Coinbase's infrastructure. We store wallet addresses (public on-chain information) but never private keys.
Blockchain permanence: wallet addresses, transaction hashes, and smart-contract interactions on the Base blockchain are public by design and cannot be deleted, even on request.
Your fiat payment data (Apple Pay, card, or bank account) used to buy or cash out USDC is collected and processed by Coinbase, not Tally — see Sections 2 and 7.
Social: friend relationships, friend requests, and push-notification tokens. Public profile data is limited to username, display name, profile photo, and account-creation date. Phone number, email, wallet address, and date of birth are not publicly visible.
Contacts: if you choose to find friends from contacts, phone numbers from your address book are normalized and hashed on your device before matching. Contact names are used locally to label matches in your app and are not sent to Tally. We do not upload your full address book.
Technical: device identifiers, crash reports (Sentry), edge-function execution logs (30-day retention), rate-limit records (1-hour retention), and session tokens.
Photo verifications are uploaded to Tally's storage (Supabase, hosted on AWS). Both photos are transmitted to Google Gemini (primary) and Anthropic Claude (fallback) for analysis. Photos are retained for 30 days, then permanently deleted; pass/fail records and AI reasoning notes are retained indefinitely for dispute review.
BIOMETRIC DATA NOTICE — Illinois BIPA, Texas CUBI, Washington Biometric Law, and similar state statutes:
AI services may analyze facial geometry in selfie photos as part of verification. This constitutes biometric-data processing under several state laws. By submitting a photo for AI verification, you provide explicit written consent to:
We do not sell biometric data, and we do not share it with third parties for any purpose other than the verification described above. To request a copy of our biometric retention and destruction policy, email arul@tally.kitchen.
When you enable Screen Time monitoring, Tally collects only the apps/categories you select for habits and the violation events when thresholds are exceeded. We never collect a continuous log of your app usage or the full list of installed apps. App selections are stored as encrypted Apple FamilyActivitySelection tokens — not as readable app names.
When you enable Tally's DNS filter, queries are routed through an encrypted DNS-over-HTTPS connection (NextDNS). Tally stores only the domain-category matches that pertain to your active habits, including the matched domain or root domain when needed to audit the violation — all other DNS queries are processed in memory and immediately discarded by Tally.
HealthKit data access is read-only and limited to the metrics needed for your active habits. We collect daily aggregate totals, not raw samples. HealthKit data is never used for advertising, never shared with third parties for marketing or data mining, never stored in iCloud, and never written back to HealthKit.
We never sell your personal information. We never use Screen Time, HealthKit, DNS, or biometric data for advertising or data mining. We do not engage in cross-context behavioral advertising.
Creating and managing your account, running your habits, funding and resolving on-chain commitments, verifying outcomes, and managing friend connections.
Screen Time monitoring, encrypted DNS resolution, HealthKit access, photo capture and AI processing (including biometric-data processing), and push notifications. You may withdraw consent at any time, with effect going forward.
Fraud prevention, security monitoring, debugging, and dispute resolution.
Compliance with applicable laws, including responses to lawful requests from regulators and law-enforcement authorities, and anti-money-laundering obligations applicable to our service providers.
We share information with the following service providers, each subject to its own privacy obligations:
We do not use a separate fiat payment processor; all fiat-to-USDC and USDC-to-fiat conversion is handled by Coinbase.
We may disclose information in response to valid legal process, regulatory authority requests, law-enforcement requests, or to protect Tally's rights and the safety of our users.
In a merger, acquisition, sale of all or substantially all of our assets, or similar transaction, your information may be transferred to the surviving or acquiring entity, subject to this Policy or a successor policy with at least equivalent protections. We will notify you of any such transfer.
To exercise any of these rights, email arul@tally.kitchen. We will respond within 45 days. For data held by Coinbase (identity and payment data), contact Coinbase directly.
You have the right to:
To exercise a California right, email arul@tally.kitchen with subject "California Privacy Request."
You have the right to access and correct your personal information, withdraw consent for collection or use, and file a complaint with the Office of the Privacy Commissioner of Canada at www.priv.gc.ca.
See Section 7 for the BIPA / Texas CUBI / Washington Biometric Law disclosure and consent. To request a copy of our biometric-data retention and destruction policy, or to revoke biometric consent, email arul@tally.kitchen.
The Service uses automated systems to determine habit outcomes, which affect your on-chain commitment deposits:
You may dispute AI photo-verification outcomes through the in-app dispute interface within 24 hours. Outcomes from Screen Time, DNS, and HealthKit verification are not subject to manual dispute, because they are derived directly from on-device data you control.
We use TLS 1.2+ in transit, AES-256 at rest, row-level security on our database, rate limiting, and access controls. If a security breach affects your information, we will assess the scope within 72 hours, notify affected users within 30 days, notify regulators as required by law, and — for breaches affecting health-related data — notify the FTC under the Health Breach Notification Rule.
The Service is not directed to children under 18, and we do not knowingly collect information from anyone under 18. If we discover an account belongs to a minor, the account will be suspended and any associated information deleted.
We will provide at least 30 days' notice of material changes via push notification and email, and post the updated policy at tally.kitchen/privacy.