Privacy Policy

Effective date: April 14, 2026 · Last updated: July 13, 2026

1. Introduction

This Privacy Policy describes how Towne, operated by Axiomic, LLC(“we,” “us,” or “our”), collects, uses, and protects information when you use our free, ad-free neighborhood social platform (“Service”). This Service is operated by Axiomic, LLC, based in California.

We do not sell, rent, or trade your personal information to third parties. We never have, and we never will.

This Privacy Policy should be read in conjunction with our Terms of Service, which governs your use of the platform.

2. Definitions

  • “Personal Information” means any information that identifies, relates to, or could reasonably be linked to you.
  • “Service” refers to the Towne mobile application, the website at towneapp.com, and all related features.
  • “Neighborhood” refers to the geographic community, based on your ZIP code, within which you participate.
  • “Member” refers to a registered user of the Service. “Visitor” refers to anyone accessing the public website without an account.

3. What Personal Information Is Collected

3.1 Information You Provide Directly

Account and profile information. Email address, display name, profile photo, hometown, bio, optional links to your other profiles (such as LinkedIn, X, TikTok, or a personal website), and any other details you choose to add to your profile.

Invitation and vouch information. Membership is invite-only. If you join using an invitation code from an existing Member, we record which Member vouched you in. We use this link internally to keep the community accountable and to address abuse, and to credit the inviting Member (for example, toward the Mayor badge). If you are a Member, we also store the invitation codes you create and how many neighbors have joined using them.

Neighborhood information. The ZIP code used to place you in your neighborhood. For invited Members, this ZIP comes from your invitation code. We do not currently collect a street address or block.

Content.Posts, comments, direct messages, photos, poll responses, RSVP responses, bookmarks, and flags. Content you post is visible to other members of your neighborhood according to the channel’s visibility rules (see Section 5).

Invitation requests and waitlist signups. If you request an invitation or join our waitlist without becoming a Member, we collect your name, email address, ZIP code, and any optional message you provide, and we retain this information to contact you about access and to manage invitations. This includes people whose neighborhood is already active but who do not yet have an invitation code.

Requests that come through a shared link.If you request an invitation after following a link a Member shared, we also record which Member’s link referred you, so we can notify that Member and let them welcome you in. To make that decision, the referring Member can see your name, your neighborhood, and any optional message you include with your request. They do not see your email address, which we keep and use only to send you an invitation if you are approved.

Support and feedback. When you contact support, we collect your email, the content of your message, and any attachments.

3.2 How You Sign In

Email magic link. On the web, you sign in with your email address: we send you a one-time link, and clicking it signs you in. We use your email to send these sign-in links and the notifications you opt into; we do not require or store a password.

Apple Sign-In (with the iOS app). If you choose to sign in with Apple when our iOS app is available, you authorize Apple to share with us your Apple user ID, email address (or a private relay email if you choose), and name. You control what Apple shares via your Apple ID settings. We do not receive information about your other Apple activity.

3.3 Information Collected Automatically

Device data. Device type, operating system version, app version, screen resolution, IP address, device identifiers used to deliver push notifications, and approximate region derived from your IP address.

Usage data. Features you access, posts you view (anonymized view counts are used for community moderation scoring such as the political-flag ratio), RSVP responses, and votes.

Push notification tokens. For delivering the notifications you opt into.

3.4 Location Data

Towne does not currently collect location data. We do not track your location and use no background or continuous location collection.

We reserve the right to introduce optional neighborhood-verification features in the future that may use location (for example, a one-time or time-limited residence check). If we do, we will update this Policy to describe what is collected and how long it is kept, request any permission your device requires, and provide notice as appropriate before any such collection begins.

We do not continuously track your location, and we do not use location for advertising or analytics. If we introduce optional location pins on posts in the future (for example, for Safety & Alerts or Lost & Found), any such pin would be information you choose to share with your post, not data we collect automatically.

3.5 Image Metadata (EXIF)

Photos from your device camera often contain embedded metadata such as GPS coordinates, device model, and timestamps. When you upload photos to Towne, we automatically strip EXIF metadata before storing the image. This protects against accidental disclosure of your home address or device details to other members. We recommend you also strip metadata from any images you share elsewhere online.

3.6 Contacts and Address Books

We do not sync, upload, or collect your contacts or address book. Ever. Towne never requests access to your phone contacts and never asks you to “find friends” by importing everyone you know. If you want to invite one specific person, you can type in their email address or phone number yourself. We never reach into your device’s contacts to do it for you. When you enter an email address to invite someone, Towne sends that single message on your behalf; when you enter a phone number, the message is composed in your own texting app and the number is never sent to Towne. This is a deliberate design choice: your relationships are your own, and using contact sync to accelerate growth is exactly the kind of practice we’re building Towne to avoid.

3.7 Information About Non-Members

If a member posts or comments mentioning a non-member (for example, naming a neighbor who is not on Towne), that content may reference the non-member. Members are responsible for only sharing information about others with consent. Non-members may contact [email protected] to request that content about them be removed.

If a member invites a non-member by entering their email address, we use that address only to deliver that one invitation through our email provider. We do not store it in the neighborhood’s records, sell or share it, or add it to any marketing list, and we send no follow-up. If a member invites someone by text message, the message is composed on the member’s own device and the recipient’s phone number is never transmitted to or stored by Towne.

Visitors to towneapp.com have basic request data collected as described in Section 3.3.

4. How Your Personal Information Is Used

  • To provide the Service: displaying your posts to neighbors, delivering direct messages, processing votes and notifications.
  • To place you in your neighborhood: using the ZIP code you provide. If we introduce neighborhood verification in the future, we will use information as described in this Policy for that purpose and update it accordingly.
  • For community moderation: anonymized view counts and vote tallies power the community-driven moderation system (political-flag scoring, post ranking). We may use automated systems to detect spam, abuse, or Code of Conduct violations.
  • To communicate with you: sending transactional emails (welcome, account updates, support replies) via Resend.
  • To improve the Service: privacy-first analytics to understand aggregate usage and retention. We use Vercel Web Analytics (cookie-free, hashed IPs, no individual profiling, no advertising cookies) and PostHog for product analytics such as funnels and retention. PostHog is configured conservatively: cookie-free (no cookies or local storage), no session recording, and no automatic click capture. We record only specific in-app actions (for example, that a post or comment was created), never their content.
  • To detect and prevent abuse: identifying spam, fraud, and bot activity; enforcing our Terms of Service and Code of Conduct.
  • For legal and safety reasons: see Section 6.
  • Anonymized aggregate research.We may generate aggregated, de-identified data from personal information and use or share this anonymized data for research, Service improvement, and public communication about Towne (for example, “93% of our members report better neighborhood connection”). Such data no longer identifies you.

5. Content Visibility and Public Content

Posts, comments, and direct messages are visible to other members of your neighborhood, subject to the visibility rules of each channel. Direct messages are visible only to the sender and recipient.

You should have no expectation of privacy in Content you post publicly within the Service. Other members can view, screenshot, copy, or describe your public posts and comments, and we cannot prevent that. Content shared only in direct messages is visible to the intended recipient, who can similarly screenshot or share it. Do not post anything to Towne that you would not want preserved, shared, or resurfaced later.

Photos are served from public web addresses. Photos you attach to posts, and your profile photo, are delivered through public, hard-to-guess URLs rather than being gated behind a login. Anyone who has the link, including someone who is not a Towne member, can open that image, and copies shared or cached elsewhere are outside our control. We strip location and device metadata from photos before storing them (see Section 3.5), but the image file itself is not access-restricted. (Photos sent in direct messages are stored privately.)

Posts in the Recommendations, Events, and Safety & Alerts channels are visible on the public web at towneapp.com in anonymized form. Your display name is replaced with “A neighbor in [Neighborhood].” The post body, location (if provided), and channel-specific structured fields (business name, event date, etc.) are visible. You are informed of this during post composition.

Members can share individual posts as public links. Any Member can generate a shareable web link to a specific post, for example to show it to a neighbor or to post it on another platform. Anyone who opens that link, including non-Members, can view that single post in anonymized form: your display name is replaced with “A neighbor in [Neighborhood],” and the post body, any attached photo, and any link preview are shown. The link exposes only that one post, never the rest of your neighborhood’s feed. We record internally which Member generated a given link, which we use to route join requests and to credit the sharer, and which is never shown to the public. Once shared, the anonymized post may be viewed, copied, cached, or re-shared by others in ways we cannot control or retrieve. Do not post anything you would not want shown outside your neighborhood in this anonymized form.

You can control the visibility of your profile information in your account settings.

6. When We Share Personal Information

6.1 We Do Not Sell Your Data

We do not sell, rent, or trade your personal information. We do not use advertising cookies or cross-site tracking.

6.2 Service Providers

We share data with service providers who help us operate the Service. These providers are contractually bound to use your information only to provide their service to us:

ProviderPurposeData Shared
SupabaseDatabase, authentication, file storageAccount data, content, authentication tokens
AppleSign in with AppleApple user ID, email address
ResendTransactional email deliveryEmail address, message content
VercelWebsite hosting + privacy-first Web Analytics (cookie-free, hashed IPs, no individual profiling)Standard web request data, aggregated page-view data
PostHogProduct analytics such as funnels and retention. Cookie-free, no session recording, no automatic click capture.Pseudonymous user identifier and specific in-app action events (no post, comment, message, or search content)
CloudflareBot and abuse protection (Turnstile challenge) on sign-in and invite requestsIP address, browser challenge signals

Sub-processor changes. If we add, remove, or materially change the sub-processors listed above, we will update this Privacy Policy and notify active Members in advance of the change via email and in-app notification. You have the right to object to new sub-processors by terminating your account.

6.3 Law Enforcement and Legal Requests

We may retain, preserve, or share your Personal Information with law enforcement, government authorities, or private parties if we have a good-faith belief it is reasonably necessary to:

  • Respond to a valid, binding legal request (subpoena, search warrant, court order, or other legal process);
  • Detect, investigate, prevent, or address fraud, unauthorized access, abuse, or security issues;
  • Enforce our Terms of Service or Code of Conduct;
  • Protect the rights, property, or safety of Towne, our members, or the public.

6.4 Emergency Response

For posts in the Safety & Alerts channel that indicate an imminent threat to life or public safety, we may share relevant information with emergency responders or first responders to facilitate emergency response.

6.5 Business Reorganization

If Axiomic, LLC is involved in a merger, acquisition, or sale of assets, your Personal Information may be transferred as part of that transaction. We will notify you before your Personal Information becomes subject to a different privacy policy.

7. Data Storage and Security

Data is stored on Supabase (PostgreSQL), with uploaded photos held in Supabase Storage; all data is encrypted in transit (TLS 1.2+) and at rest (AES-256). On the web, your session is held in a secure, HTTP-only cookie; in the iOS app, authentication tokens are stored in the iOS Keychain. We do not store passwords, payment card numbers, government identification documents, or biometric data.

No system is perfectly secure. If we become aware of a breach affecting your Personal Information, we will notify affected users within 72 hours of discovery via email and in-app notification, as required by applicable law.

8. Data Retention

Account data is retained while your account is active. When you delete your account, your personal data is erased from our primary production systems immediately and permanently; there is no reactivation window, so deletion cannot be undone (see Backups below for the one narrow exception).

Specific retention periods:

  • Account & profile data: while your account is active; deleted immediately upon your deletion request.
  • Posts, comments, and direct messages: deleted immediately upon your deletion request. Content that has been reshared or screenshotted by other Members is outside our control.
  • Location data: not collected at this time. If introduced for optional verification in the future, any location data will be deleted within 14 days of that check.
  • Moderation logs (reports, violations): retained up to 2 years to identify repeat violators and respond to legal process.
  • Anonymized vote tallies and aggregate statistics: retained indefinitely but no longer linked to you.
  • Waitlist signups: retained until you unsubscribe or we delete the waitlist (typically after launch in your neighborhood).

Backups. Our database provider (Supabase) maintains encrypted point-in-time backups for disaster recovery. Deleted data may persist in those backups for up to 30 days before being fully overwritten. We do not restore or query backups to recover deleted personal data except as required to respond to legal process or to recover from a disaster affecting all users.

Content that you have shared publicly and that has been cached or indexed by third parties (for example, search engines or archive services) is outside our control.

9. Your Privacy Rights

9.1 All Users

  • Access: Request a copy of your data by emailing [email protected]. We will provide it in a machine-readable format (such as JSON) within 30 days.
  • Correction: Update your profile information at any time in Settings.
  • Deletion:Delete your account via Settings → Delete Account. Your data is erased immediately and permanently; this cannot be undone.
  • Portability: On request (see Access above), we provide your data in a machine-readable format such as JSON.
  • Objection and restriction: Contact [email protected] to object to or restrict specific processing.

9.2 California Residents (CCPA/CPRA)

California residents have the right to know what Personal Information we collect, how it is used, and with whom it is shared; request deletion; and opt out of the “sale” or “sharing” of Personal Information. We do not sell or share Personal Information for cross-context behavioral advertising.

We do not use sensitive Personal Information (as defined by CPRA) for purposes other than providing the Service.

To exercise your rights, contact [email protected]. We will respond within 45 days. You may designate an authorized agent to submit requests on your behalf.

9.3 Other U.S. State Privacy Rights

Residents of Colorado, Connecticut, Delaware, Iowa, Indiana, Kentucky, Maryland, Minnesota, Montana, Nebraska, New Hampshire, New Jersey, Oregon, Rhode Island, Tennessee, Texas, Utah, and Virginia may have rights similar to those described above. Contact [email protected] to exercise your rights.

9.4 EU and UK Residents (GDPR)

The Service is directed only to residents of the United States and is not offered or marketed to residents of the European Union, the European Economic Area, or the United Kingdom, and we do not monitor the behavior of individuals located there (see Section 10). Accordingly, we do not act as a controller subject to the EU or UK General Data Protection Regulations. If you are nonetheless an EU or UK resident and believe you have rights under those laws, you may contact [email protected] and we will consider your request in good faith and respond within 30 days.

10. International Data Transfers

Towne is operated from, and is directed only to residents of, the United States. The Service is not offered or marketed to residents of the European Union, the European Economic Area, or the United Kingdom. If you nonetheless access the Service from outside the United States, you do so on your own initiative; your Personal Information will be transferred to and processed in the United States, which may have data protection laws different from those in your country, and by using the Service you consent to this transfer.

11. Children’s Privacy

Towne is not intended for use by children under 13. We do not knowingly collect Personal Information from children under 13 (“COPPA” applies). In certain U.S. states (Texas, Tennessee, Mississippi, and Maryland), you must be 18 or older to register.

If you are between 13 and 17 years of age, you may only use the Service with the consent of a parent or legal guardian, and by registering you represent that such consent has been obtained. Some jurisdictions (including California, Colorado, and Connecticut) impose additional protections on the personal information of minors; we do not sell or use minors’ information for targeted advertising under any circumstances.

If we become aware that we have collected Personal Information from a child in violation of these limits, we will delete it immediately. If you believe we may have collected such information, contact [email protected].

12. Use of Artificial Intelligence

Towne does not currently use artificial intelligence (AI) or machine-learning (ML) features to process user content in any user-facing capacity.

  • We do not train AI or ML models on your posts, comments, direct messages, photos, or any other Content you submit to the Service.
  • We do not share your Content with third-party AI services or large language models for training, fine-tuning, or inference on their behalf.
  • Content ranking and moderation on Towne are rule-based, not AI-driven. The political-flag system, post ranking, and auto-hide thresholds use transparent algorithms (time-decay, community voting ratios) that are not generative AI.

Forward-looking disclosure. If we introduce AI-powered features in the future (for example, automated spam detection, content moderation assistance, or recommendation systems), we will:

  • Update this Privacy Policy to disclose the specific AI features and their purpose;
  • Update the sub-processor table in Section 6.2 if any user Content is processed by a third-party AI vendor;
  • Comply with applicable AI transparency obligations under laws such as the EU AI Act, the Colorado AI Act, California AB-2013, and any similar state or federal regulations;
  • Where required by law, provide users with the ability to opt out of AI-driven decision-making that materially affects their account, content visibility, or access to the Service;
  • Never silently train generative AI models on user Content without clear prior disclosure and, where required by law, affirmative consent.

13. Third-Party Links

The Service may contain links to third-party websites or services that are not operated by Towne. This Privacy Policy does not apply to those third parties, and we are not responsible for their content, practices, or policies. We encourage you to review the privacy policies of any third-party services you visit.

14. Do Not Track

Our systems do not currently respond to “Do Not Track” browser signals, as no industry-wide standard for handling them has been adopted. However, we do not engage in the cross-site tracking that DNT was designed to prevent.

15. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes at least 30 days before they take effect via email and in-app notification. Continued use of the Service after changes take effect constitutes acceptance.

16. Contact

For privacy inquiries, data requests, or concerns:
[email protected]
Axiomic, LLC
24 Platt Court, Mill Valley, CA 94941