Privacy Policy

DRAFT — NOT READY TO PUBLISH. This file is a Claude-generated factual scaffold of what TenFour actually collects, uses, and shares as of 2026-05-04. Per Anthony's standing instruction ("Privacy Policy + Terms of Service required for App Store. Should be human-written, not AI-generated"), the prose below should be rewritten in his voice before publishing at https://10four.app/privacy. Where a section starts with DRAFT NOTE:, that's a flag to Anthony — replace with his own wording, not mine.

Last updated: TBD (set when published) Effective date: TBD

1. Who we are

TenFour is a mobile app for professional truck drivers. The app is published by TenFour (DBA / legal entity TBD — Anthony, fill in once business entity is incorporated). The contact email for privacy questions is support@10four.app.

DRAFT NOTE: if you haven't formed an LLC/business entity yet, you can publish v1 of this policy as your sole-proprietor identity (your legal name + contact email). Update before public App Store launch.

2. What this policy covers

This policy explains what personal information the TenFour mobile app collects, how it's used, who it's shared with, and how long it's kept. It applies to the iOS app distributed through Apple's App Store and TestFlight, the Android app (when distributed), and the legal pages hosted at 10four.app.

3. Information we collect

3.1 Information you give us

When you create an account or use TenFour, you may provide:

• Email address (required, used for sign-in and OTP delivery)
• Phone number (required at sign-up; used for identity verification and to make in-driver-network reviews trustworthy)
• Handle (a unique public username you choose)
• Display name (optional)
• Profile photo / avatar (optional, uploaded to Supabase Storage)
• Driver profile fields: home state, rig model, years of experience, carrier name, driving setup (solo / team / owner-operator / etc.), active vehicle
• Channel and message content you post: text messages, voice messages, voice-channel audio (audio is real-time only and is not recorded or stored by TenFour — see section 5)
• Hazard reports: category (e.g., "weigh station", "accident"), free-form description, the GPS coordinates at the moment you submit the report
• Trip log entries: origin, destination, manually entered mileage, trip type (e.g., loaded / deadhead), away-overnight flag (for per-diem tracking), notes, GPS coordinates at trip start and end, optional audit-substantiation fields
• Detention timer entries: shipper / customer / load reference, optional notes, GPS coordinates at start and end of the timer
• Place recommendations and reviews: the place you add (name, category, location), star ratings and review text you write, reports you file on existing places
• Friend graph: which other TenFour users you've sent or accepted friend requests with
• Notification preferences: which kinds of pushes you want to receive

3.2 Information we collect automatically

• Device push token: a per-device token from Apple's Push Notification service (via Expo) so we can deliver notifications. Stored alongside platform (iOS / Android) and app version.
• Live location (only while you grant permission): your current GPS coordinates are used in real-time to show nearby hazards, recommendations, and parking pins on the map. Live location is not stored on our servers — it is read from the device and used in the request, then discarded. Snapshots of GPS coordinates are stored when you explicitly create a hazard report, trip log entry, or detention timer (see 3.1).
• Voice channel participation metadata: which channels you've joined and when (used to power the lobby presence indicator). Voice audio itself is real-time and not retained.
• Device platform and app version: so we can support the app and roll out fixes.

DRAFT NOTE: confirm with Anthony — currently we do NOT collect device identifiers (IDFA, advertising IDs), analytics, or crash reports beyond what Expo collects by default. If we add Sentry, PostHog, etc., update this section.

3.3 Information we do NOT collect

• We do not collect or use your advertising identifier (IDFA on iOS).
• We do not run third-party analytics or ad SDKs.
• We do not collect your contacts, calendar, photos beyond images you explicitly choose for an avatar, microphone audio outside live voice channels, or camera content.
• We do not track your location in the background outside of features you've activated and given Apple's required permission for.

3.4 Information from third parties

• Apple sends us your TestFlight tester identity (name and email) when you accept a TestFlight invite. This is used solely to identify which testers are in the beta.
• Supabase is our auth and database provider; sign-in credentials and session tokens are managed by their auth service. Session tokens are stored on your device in iOS Keychain (via expo-secure-store).

4. How we use information

We use your information to:

• Operate the core features of TenFour (map of nearby hazards and places, voice channels, text messages, trip and detention logging, recommendations, friend graph)
• Authenticate you and protect your account
• Send transactional emails: sign-up OTP, password reset, account-related notifications
• Send push notifications you've opted into (e.g., friend requests)
• Enforce our community standards: ban abusive users, remove invalid hazard reports, respond to user reports
• Diagnose and fix bugs (via Apple's standard crash and performance telemetry)

We do not use your information for advertising, profile-building for marketing, or sale to third parties.

5. Real-time voice and audio

When you join a voice channel or send a voice message, audio is processed in real time by LiveKit Cloud (our voice-channel infrastructure provider). Voice channel audio (live conversations) is not recorded or stored by TenFour or LiveKit. Voice messages (asynchronous, in chat) are stored in Supabase Storage as audio files and delivered to other users in the channel.

DRAFT NOTE: confirm storage retention for voice messages. Currently they're retained alongside the chat history of the channel — define retention policy here (e.g., "deleted with the channel" or "retained for X days").

6. Who we share information with

TenFour shares information only with the service providers we use to operate the app:

• Supabase, Inc. — database, authentication, storage, edge functions, realtime channels. (Supabase privacy policy)
• LiveKit, Inc. — real-time voice infrastructure. Audio is processed in real time and not retained. (LiveKit privacy policy)
• Apple, Inc. — App Store distribution and Apple Push Notifications. (Apple privacy policy)
• Google LLC — Google Places API for address autocomplete and geocoding. Search queries you type into the trip-origin / destination fields are sent to Google. (Google privacy policy)
• Resend — transactional email delivery (account verification, password reset). (Resend privacy policy)
• Expo, Inc. — push notification delivery (token routing only; Expo's servers do not see message content beyond what's needed to deliver). (Expo privacy policy)

We do not sell your personal information. We do not share it with advertisers or data brokers.

If TenFour is ever acquired or merged with another company, your information may transfer to the new owner — but only under privacy terms at least as protective as these.

DRAFT NOTE: if any provider above is dropped or replaced, update this list before that change ships.

7. How long we keep information

• Account data and profile — kept while your account is active. If you delete your account, profile data is deleted within 30 days. Trip log entries are retained as anonymized rows (user_id set to NULL) for our own audit-trail integrity, with no personally identifying information attached.
• Hazards — automatically expire and are deleted based on category-specific TTLs (cop reports: 30 minutes; accidents/closures: 4 hours; weigh stations: 6 hours; etc.).
• Voice channel participation logs — retained for 30 days for moderation and abuse-investigation purposes, then deleted.
• Push tokens — deleted on sign-out, when Apple/Expo reports the token is no longer valid, or when your account is deleted.

DRAFT NOTE: confirm retention windows. The TTLs above match the database schema; the 30-day moderation retention is a placeholder you should confirm or change.

8. Your rights

You can:

• Access the data on your profile by viewing it in the app.
• Update profile and notification settings in the app.
• Delete your account by emailing support@10four.app. We delete within 30 days, except where we're legally required to retain (e.g., for fraud prevention or regulatory compliance — which presently does not apply).
• Export your trip log entries — in-app export ships in a future version; until then, email support@10four.app and we'll export your data manually.
• Object to specific processing or withdraw consent for any optional collection at any time.

If you're in California (CCPA) or the European Economic Area (GDPR), you have additional statutory rights. Contact us at the email above to exercise them.

DRAFT NOTE: California / EU-specific clauses are minimal here because TenFour's user base is US trucker-focused. If you ever expand internationally or get California-specific traffic, expand this section. Apple's reviewers will sometimes flag missing CCPA / GDPR clauses for apps distributed in those markets.

9. Children

TenFour is intended for users 18 years and older. We do not knowingly collect data from anyone under 18. If you believe a child under 18 has signed up, contact us at support@10four.app and we will delete the account.

10. Security

We protect your information with standard industry practices:

• All network traffic uses HTTPS / TLS.
• Supabase auth credentials are stored on your device in iOS Keychain via expo-secure-store.
• Passwords are never stored in plain text — Supabase hashes them server-side.
• Database access is locked down with row-level security: users can only read and write their own data, with narrow exceptions for genuinely public content (channel messages within channels they've joined; hazard reports on the map).

No system is perfectly secure. If you suspect your account has been compromised, contact us at support@10four.app immediately.

11. Changes to this policy

We may update this policy as TenFour evolves. Material changes will be announced in-app and the Last updated date above will change. Continued use of TenFour after the effective date of an update constitutes acceptance of the new policy.

12. Contact

Questions about this privacy policy or TenFour's privacy practices?

• Email: support@10four.app
• Mailing: TBD (Anthony — fill in business mailing address before public launch)