Privacy policy
Updated July 2026 · Effective July 3, 2026
The short version: we collect only what OnOtto needs to work, we store it with reputable providers in the United States, we never sell your data, and you can have all of it deleted by emailing hello@onotto.com. The long version below is written to be actually readable.
What we collect, and where it lives
Your account
When you create an account we collect your email address and name. Sign-in and account credentials are managed by Amazon Cognito (part of Amazon Web Services). We never see or store your password — Cognito handles it with standard cryptographic hashing.
Your household and task data
The tasks you create, their schedules and history, your household's members and their assignments, and streak/leaderboard activity are stored in Amazon DynamoDB, in AWS data centers in the United States. This data exists so the app can do its job; we don't mine it for advertising and we don't sell it.
Documents you upload
Appliance manuals, inspection reports, and other documents you upload are stored in Amazon S3 (US), private to your household. When you use AI scanning, the document is processed to extract maintenance tasks; the document itself stays in your vault until you delete it or your account.
Payments
Billing is handled entirely by Stripe. We never see, receive, or store your card number — Stripe sends us only what we need to run your subscription: which plan you're on, its status, and the last four digits of your card so you can recognize it in your billing settings.
Reminder emails, account emails, and (if you subscribed) the newsletter are sent via Amazon SES. Newsletter signups store your email address and the page you subscribed from, used only to send you the newsletter. Every newsletter includes an unsubscribe link that works immediately.
Analytics
We use PostHog and Google Analytics to understand which pages and features are useful — page views, button clicks, and feature usage, tied to a random identifier rather than your name. We configure analytics to be as anonymous as practical, and we honor browser opt-out signals: if your browser sends Global Privacy Control or Do Not Track, our sites load no analytics at all — no scripts, no requests, no cookies.
What we don't do
- We don't sell your data. Not to advertisers, not to data brokers, not "anonymized," not ever.
- We don't run third-party advertising or ad trackers on our sites or in the app.
- We don't read your documents for any purpose except the scanning you explicitly request.
- We don't send marketing email to app users who haven't opted in to the newsletter.
Who else touches your data
Only the processors named above — AWS (Cognito, DynamoDB, S3, SES), Stripe, PostHog, and Google Analytics — each of which processes data solely to provide their service to us under their own privacy and security commitments. Beyond that, we'd disclose data only if legally compelled to, and where permitted we'd tell you first.
How long we keep it
As long as your account exists, so the app can work. If you cancel a paid plan, your data stays intact on the free tier. If you delete your account — or ask us to — we delete your personal data, household data, and uploaded documents from live systems promptly, with residual copies aging out of encrypted backups on a fixed schedule. Records we're legally required to keep (like payment records held by Stripe) are kept only as long as the law requires.
Your rights
Wherever you live, we extend the same rights to everyone: ask us what we hold about you, ask for a copy, correct it, or delete it entirely. Email hello@onotto.com from the address on your account and we'll handle it — deletion requests are confirmed when complete.
Children
OnOtto is not directed at children under 13, and we don't knowingly collect their data. Household members you invite should be old enough to hold the account under the terms of our service.
Changes to this policy
If we change this policy in any way that matters, we'll update the date at the top and notify account holders by email before the change takes effect. We won't quietly weaken it.
Contact
Questions, requests, or concerns: hello@onotto.com.