Legal

Privacy Policy

Last updated: 29 April 2026

This Privacy Policy explains how Prism Labs Ltd ("Parsley", "we", "us") collects, uses and protects information about you when you use the Parsley iOS app and the website at parsleyapp.co.uk (together, the "Service"). Parsley is designed to handle the family information you import — and we treat it with the seriousness that data deserves.

We are the data controller of your personal data for the purposes of the UK GDPR and the Data Protection Act 2018. If you have questions, contact us at privacy@parsleyapp.co.uk.

1. Information we collect

1.1 Account information

  • Email address (when you sign up with email or Sign in with Apple).
  • Apple user identifier (when you use Sign in with Apple).
  • Name or display name, if you choose to provide it.

1.2 Family content you import

  • Photos, PDF files, web pages and free text you share into Parsley using the iOS Share Sheet, photo picker or paste action.
  • Events extracted by our AI parsing pipeline (titles, dates, locations, notes, prep checklists and category).
  • Child profiles you create (first name or nickname, age range, school year, optional photo, colour and category preferences).

1.3 Device and diagnostic data

  • iOS version, device model and Parsley app version.
  • Crash logs and anonymised performance metrics.
  • Approximate region (derived from IP address at request time) so that parsing matches your local date format and time zone.

1.4 Subscription information

  • Apple-provided receipts confirming your in-app subscription state. We never see or store your payment card details — those are handled entirely by Apple.

2. How we use your information

  • To provide the core Parsley service: parsing media into events, syncing them across your devices, and saving them to your iOS Calendar.
  • To authenticate you and keep your account secure.
  • To enforce subscription entitlements and fair-use limits.
  • To diagnose crashes and improve performance.
  • To respond to your support enquiries.
  • To comply with legal obligations.

3. AI parsing — what happens to your photos and PDFs

When you import a photo, PDF or text snippet, the file is sent securely (TLS 1.2+) to our backend (Supabase Edge Functions) which forwards the content to a third-party large language model provider for the sole purpose of extracting structured calendar events. We currently use Google Gemini via the Vertex AI / Generative Language API.

  • The original media is not retained after the parse completes — it is held only in transient processing memory.
  • Our AI provider is contractually prohibited from using your content to train their models.
  • Only the structured event output (title, date, etc.) is stored against your account so you can review and save it.

4. Where your data is stored

Parsley uses Supabase (Postgres + object storage) hosted in the European Union. AI processing may transit US-based infrastructure operated by our model provider; in that case we rely on the UK International Data Transfer Addendum and Standard Contractual Clauses for the transfer.

5. Lawful bases (UK GDPR)

  • Contract — to provide the Parsley service you signed up for.
  • Legitimate interests — to keep the Service secure, prevent abuse, and improve the product (we balance these against your rights).
  • Consent — for optional analytics and product updates email; you can withdraw at any time.
  • Legal obligation — where law requires us to retain or disclose data.

6. Data retention

  • Account data is retained while your account is active and for up to 30 days after deletion to allow recovery.
  • Imported media is retained only for the duration of the parsing request.
  • Parsed events and child profiles are retained until you delete them or your account.
  • Anonymised diagnostics are retained for up to 13 months.

7. Your rights

Under UK GDPR you have the right to:

  • Access the personal data we hold about you.
  • Request correction of inaccurate data.
  • Request deletion of your account and associated data.
  • Restrict or object to processing.
  • Export your data in a portable format (JSON).
  • Lodge a complaint with the Information Commissioner's Office (ICO).

To exercise any of these rights, email privacy@parsleyapp.co.uk or use the in-app "Delete account" option in Settings.

8. Children's privacy

Parsley is intended for parents and guardians aged 18 or over. We do not knowingly create accounts for children under 13. Child profiles you create inside Parsley are records about your children — they do not constitute accounts and have no login.

9. Sub-processors

  • Supabase, Inc. — backend, database and authentication (EU region).
  • Google LLC — Gemini AI parsing.
  • Apple, Inc. — Sign in with Apple, App Store payments, push notification delivery (APNs).
  • Vercel, Inc. — hosting for the marketing website you are reading.

10. Cookies and tracking

The marketing website uses only essential cookies required to serve the page. The Parsley iOS app does not use third-party advertising SDKs and does not track you across other apps or websites.

11. Security

All traffic is encrypted in transit (TLS 1.2+). Passwords are hashed using industry-standard algorithms by Supabase Auth. Database row-level security ensures users can only access their own data. We perform regular dependency and security reviews.

12. Changes to this policy

We will update this page when our practices change. Material changes will be communicated in-app or via email. The "last updated" date at the top of this policy reflects the most recent version.

13. Contact

Prism Labs Ltd · United Kingdom
Email: privacy@parsleyapp.co.uk