BASELINE — Privacy Policy
Effective Date: February 8, 2026 • Last Updated: February 8, 2026
- Applies to the Baseline mobile application on iOS and Android.
- Describes collection, use, sharing, retention, and your rights.
- Observational analysis only. Not a fact-check.
Baseline (“Baseline,” “we,” “us,” or “our”) operates the Baseline mobile application (the “App”) available on iOS and Android platforms. This Privacy Policy describes how we collect, use, disclose, and protect your information when you use the App.
Observational analysis only. Not a fact-check.
1. Information We Collect
1.1 Information You Provide Directly
- Account Information: Email address and password when you register, or authentication credentials when you sign in via Google or Apple OAuth.
- Profile Information: Display name and avatar image, if you choose to provide them.
- User Preferences: App settings such as theme preference and notification preferences, stored as structured data.
- Private Annotations: If you are a paid subscriber (Pro, Pro+, or B2B tier), you may create private notes on public figure statements. These annotations are visible only to you and are never shared with other users or made public.
- Subscription Information: Your subscription tier (Core, Pro, Pro+, or B2B), purchase history, and billing status. Payment processing is handled entirely by Apple (App Store) and Google (Google Play), and our subscription management partner RevenueCat. We do not collect or store your payment instruments.
- Support Communications: If you contact us for support, we may collect your name, email address, and the content of your communication.
1.2 Information Collected Automatically
- Device Information: Device type, operating system version, and mobile network information.
- Usage Data: Features accessed, pages viewed, interaction timestamps, and session duration.
- IP Address: Collected for rate limiting, abuse prevention, and general analytics.
- Crash and Performance Data: Diagnostic information to identify and fix bugs.
1.3 Information from Third-Party Services
- Authentication Providers: If you sign in with Google or Apple, we receive your name and email address as authorized by you.
- RevenueCat: Subscription status, product identifiers, transaction timestamps, and renewal/cancellation events.
- Google AdMob: For Core (free) tier users, advertisements may involve device identifiers and ad interaction data.
2. How We Use Your Information
- Provide, maintain, and improve the App and its measurement surfaces.
- Authenticate your identity and manage your subscription tier.
- Enforce rate limits and feature gates based on your subscription.
- Display advertising for Core (free) tier users via Google AdMob, limited to the Today Feed and Search surfaces only. Ads are never displayed on analysis surfaces.
- Respond to support requests and communicate service updates.
- Detect, prevent, and address technical issues and abuse.
3. How We Share Your Information
We do not sell your personal information. We share information only in the following circumstances:
3.1 Service Providers
| Provider | Purpose | Data Shared |
|---|---|---|
| Supabase | Backend infrastructure, database hosting, authentication | Account data, profile data, preferences, annotations, usage metadata |
| RevenueCat | Subscription management | User ID, tier, product IDs, purchase/renewal timestamps |
| Google AdMob | Advertising (Core tier only, Today Feed + Search only) | Device identifiers, ad interaction data |
| AI Providers | Observational analysis of public-figure statement text | Public-figure statement text only — no user personal data is sent to AI providers |
| Apple / Google | App distribution and payment processing | Purchase and subscription data per platform policies |
3.2 Legal Requirements
We may disclose information if required by law, regulation, legal process, or governmental request, or to protect the rights, property, or safety of Baseline, our users, or the public.
4. Data Retention
- Account Data: Retained while your account is active. Upon account deletion, personal data is removed within 30 days. Some data may persist in encrypted backups for up to 90 days.
- Financial Records: Transaction records retained for 7 years for legal and tax compliance.
- Anonymous Usage Data: Aggregated, de-identified usage data may be retained indefinitely for product improvement.
- Server Logs: Retained for 90 days for security and debugging purposes.
5. Advertising
Core (free) tier users may see advertisements served by Google AdMob. Ads appear only on the Today Feed and Search surfaces. Advertisements are never displayed on analysis surfaces (Statement Detail, Lens Lab, Framing Radar, Trends, or Receipt screens). Paid subscribers (Pro, Pro+, B2B) do not see any advertisements.
Ad-related data sharing may constitute “sharing” of personal information under the California Privacy Rights Act (CPRA). See Section 7 and our Do Not Sell or Share page for opt-out instructions.
6. Data Security
We implement industry-standard security measures including encryption in transit (TLS), encryption at rest, row-level security policies in our database, and role-based access controls. However, no method of electronic transmission or storage is 100% secure, and we cannot guarantee absolute security.
7. Your Rights and Choices
7.1 All Users
- Access and update your profile information through App settings.
- Delete your account by contacting privacy@baseline.marketing.
- Manage notification preferences in App settings.
- Manage or cancel your subscription through App Store / Google Play settings.
7.2 California Residents (CCPA/CPRA)
California residents have the right to know what personal information is collected, request deletion, request correction, and opt out of the “sale” or “sharing” of personal information. Baseline does not sell personal information. For ad-related data sharing opt-out, see our Do Not Sell or Share page.
7.3 EEA / UK Residents (GDPR)
If you are located in the European Economic Area or the United Kingdom, we process your personal data on the following legal bases: consent (where you have given it), contractual necessity (to provide the App), legitimate interest (to improve and secure the App), and legal obligation (to comply with applicable law).
You have the right to:
- Access the personal data we hold about you.
- Request rectification of inaccurate data.
- Request erasure of your personal data.
- Object to or restrict certain processing.
- Request data portability.
- Withdraw consent at any time (without affecting the lawfulness of prior processing).
Data transfers outside the EEA are protected by Standard Contractual Clauses (SCCs) or equivalent safeguards. You may lodge a complaint with your local supervisory authority.
8. Children’s Privacy
The App is not directed to children under the age of 13 (or the applicable age of consent in your jurisdiction). We do not knowingly collect personal information from children. If we learn that we have collected information from a child, we will delete it promptly.
9. Changes to This Policy
We may update this Privacy Policy from time to time. We will notify you of material changes by updating the “Last Updated” date above and, where appropriate, providing notice through the App. Your continued use of the App after changes constitutes acceptance of the updated policy.
10. Contact
For privacy-related questions or requests, contact us at privacy@baseline.marketing.