Tomoni Privacy Policy.

What Tomoni is, in one paragraph.

Tomoni is a personal AI companion for iPhone, built by exp² PBC, a Delaware Public Benefit Corporation. She helps you stay on top of your inbox, your calendar, and the parts of your life you've asked her to pay attention to. She is designed so that what she learns about you lives on your device, not on our servers. This policy explains what that means in practice — what we collect, where it lives, and what we never do with it.

The short version.

1. Where your data actually lives.

Tomoni is unusual in how she handles memory. Most AI products keep everything they learn about you on their servers. Tomoni does not.

1.1 On your device

The memory card — the record of what Tomoni has learned about you, including the synthesized understanding that compounds over time — lives in iOS's local storage on your device. It is not uploaded to exp² servers. It does not transit our infrastructure.

Your conversations with Tomoni are stored on your device. Your OAuth tokens (for Gmail, Outlook, Slack, and other connected accounts) are stored in the iOS Keychain on your device.

1.2 In your private iCloud

Tomoni syncs your memory card across your own Apple devices using Apple's iCloud Key-Value store. This sync happens inside your private iCloud account — not through exp². We cannot read, copy, or access the contents of this sync. If you delete your iCloud data through Apple's settings, we cannot undelete it on your behalf.

1.3 On our servers

We retain a minimal set of data required to operate the service:

• Your account identifier (from Sign in with Apple or your chosen authentication provider)
• Your name (the preferred name you set during onboarding)
• Your email (your account email; if you used Sign in with Apple's "Hide My Email" relay, we receive only the relay address, not your real email)
• Your profession (the single field you set during onboarding, used to calibrate Tomoni's voice)
• Generated summaries, so they are available if you switch or reinstall your device
• Operational metadata: token usage counts, message counts, rate-limit timestamps, and a device identifier (described in Section 2.3)
• First-party product analytics: time spent on pages within the app (described in Section 2.3)
• Waitlist email addresses submitted on tomoni.exp2.io, stored in a separate isolated database
• Encrypted crisis-detection logs, where applicable (described in Section 4)

We do not store your conversations, your memory card, your email content, your calendar content, or any raw content from connected accounts.

2. What we collect and why.

2.1 Information you give us directly

• Your name (preferred name)
• Your email (account email or Apple Hide My Email relay)
• Your profession (a single field from onboarding)
• Account-level settings and preferences you configure in the app

We use this information to generate summaries in your voice and to calibrate how Tomoni speaks with you. We do not collect demographic data, location data, behavioral profiles, or psychographic data.

2.2 Information from connected accounts

When you connect Gmail, Google Calendar, Outlook, Outlook Calendar, Apple Calendar, Apple Reminders, iCloud Mail, Slack, or any other supported integration, Tomoni accesses:

• Email metadata and content (subject, sender, recipients, body, timestamps)
• Calendar events (title, time, location, attendees)
• Message content from supported messaging services
• For Apple integrations: Reminders, HealthKit data, HomeKit data, and other surfaces you explicitly grant permission for

This content is accessed solely to generate your personalized summaries and to answer the questions you ask Tomoni. It passes through our infrastructure in memory during a request; it is not written to persistent storage on our servers.

2.3 Operational metadata and product analytics

We retain a small amount of operational data required to run the service securely, prevent abuse, and improve product quality:

• Token usage: aggregate counts of input and output tokens consumed by your account, used for rate-limiting and capacity planning. Token counts do not include the content of your messages.
• Message count: the number of messages you have sent to Tomoni in a given window, used to enforce rate limits.
• Time spent on pages within the app: first-party product analytics used to understand which features are useful and which are not. This data is collected by us directly. We do not use third-party analytics SDKs (e.g., Google Analytics, Mixpanel, Amplitude) and we do not transmit this data to any third party.
• A device identifier: we store a unique identifier for the device that submitted each request, used to detect and block abusive usage patterns. The identifier is not linked to your real identity beyond your existing account record.
• Rate-limit timestamps: when your account or device last hit a usage limit.

None of this metadata contains the content of your messages, emails, calendar events, or any other substantive information about you.

2.4 Waitlist signups

If you submit your email address on tomoni.exp2.io or any other exp² PBC waitlist form, that email is stored in an isolated database used solely to notify you when access becomes available. Waitlist email storage is structurally separated from the account system used by the Tomoni app. You can request removal at any time by writing to contact@exp2.io.

3. How your messages are processed.

When you talk to Tomoni, your message passes through our infrastructure on its way to Anthropic's Claude API, which generates Tomoni's response. Anthropic processes this traffic under their Zero Data Retention (ZDR) policy. Under ZDR, Anthropic does not retain your conversation data beyond the processing of each individual request, subject to a safety review window of up to seven days, after which the data is permanently deleted.

Anthropic's privacy policy, which governs their handling of this traffic, is available at anthropic.com/legal/privacy.

4. Crisis detection and safety logs.

Tomoni includes a crisis detection system that monitors conversations for signs of acute distress and, when those signs appear, surfaces mental-health resources to you. This system does not make clinical diagnoses. It identifies patterns that may indicate distress and ensures that crisis resources are visible at moments when they may matter.

4.1 How detection works, and what gets recorded

Crisis detection operates in three stages. The first stage runs on your device: a keyword and density scan over a short window of your most recent messages. When that scan finds a pattern that may indicate distress, the crisis resources surface immediately.

The second and third stages run on our servers. They use AI safety-evaluation models (Anthropic's Claude Haiku and Claude Opus, accessed through Anthropic's API) to classify whether the detected pattern reflects something personal and whether it rises to the level of an acute crisis. These stages exist so that the system does not over-trigger on incidental keyword matches, and so that it can distinguish between a casual reference and an event that warrants attention. The AI safety-evaluation models do not retain your data after producing their classification.

When the system activates, Tomoni assembles a safety log describing what happened. The log contains: the message window that produced the detection, the classifications returned by the AI safety-evaluation models, whether and how you engaged with the crisis resources that were surfaced to you, and a set of contextual signals drawn from your memory card that may help establish what kind of moment this was — including emotional context, key remembered moments, open conversational threads, and milestone arcs. The purpose of including these contextual signals is to make the log meaningful in the rare event it ever has to be reviewed. A bare message window without context can be easily misread.

The safety log is uploaded to our servers when one of the following happens: you tap "Dismiss" or "I will seek help" on the crisis resources prompt; the system completes its evaluation and reaches a final classification without you having interacted with the prompt; or you close the app while a detection event is still pending. We disclose the full behavior here so that you understand it in advance of any moment when it might apply to you.

4.2 How safety logs are protected

Safety logs travel from your device to our servers over TLS-encrypted connections, which protect them from interception while in transit. On our servers, before the log is written to durable storage, it is encrypted at rest using a key held in our cloud infrastructure provider's secrets vault. The key is never exposed to the application code that handles incoming logs; it is invoked only at the moment of encryption. Once encrypted at rest, the log can be decrypted only by re-invoking the vault key, which is access-controlled.

We are precise about what this architecture is and is not. It is not end-to-end encryption — the device does not encrypt the log before transmission, and the unencrypted log briefly exists in memory on our server during the encryption step. What this architecture does protect against is: interception of logs in transit (TLS), unauthorized read access to our durable storage (encryption at rest), and casual access by infrastructure personnel (the vault key is access-controlled). Decryption requires explicit invocation of the vault key by an authorized actor.

The metadata stored in unencrypted form alongside each encrypted log is limited to: your account identifier, the timestamp of the event, the version of the app that produced it, a single label indicating the system's final classification (crisis, false-positive, or no-response), and the bookkeeping fields required to deduplicate and retry uploads. The substantive content of the log — message windows, model classifications, memory-card-derived signals — is inside the encrypted blob.

4.3 Why these logs exist

Safety logs exist on the recommendation of legal counsel, for two narrow purposes: to demonstrate that the crisis-detection system operated correctly when it activated, and to preserve a record that can be reviewed if a question is later raised about a specific event. They are not used for product analytics, model training, advertising, or any commercial purpose, and they are not reviewed in the ordinary course of operating Tomoni. Decryption of an individual log requires explicit invocation of the vault key by an authorized actor at exp² PBC, and would occur only in response to a valid legal process or in connection with a specific safety inquiry.

4.4 Retention after account deletion

The retained log includes the encrypted payload, your display name and connected email addresses as they existed at the time of the event, and the five-year retention timestamp itself. After five years from the event date, the safety log is automatically and permanently deleted from our systems.

5. Third parties.

5.1 Anthropic

Tomoni is powered by Claude, an AI model developed by Anthropic, PBC. Your messages are transmitted to Anthropic's API for processing under the Zero Data Retention policy described above. The AI safety-evaluation models used in crisis detection (described in Section 4.1) are also Anthropic models accessed through the same API under the same retention terms.

5.2 Supabase

We use Supabase to host our account system and store the small amount of server-side data described in Section 1.3, along with encrypted crisis-detection logs as described in Section 4. Supabase encrypts data at rest and enforces row-level security policies that restrict access to your own records.

5.3 Google, Microsoft, Apple, and other connected accounts

When you connect a third-party account (Google, Microsoft, Apple, Slack, or others), you authorize Tomoni to access data from that account through OAuth or equivalent permission flows. The terms of service and privacy policies of those providers govern the data we receive from them. You can revoke Tomoni's access at any time through the App's Settings.

5.4 What we do not share

Beyond the third parties named above (all of which are strictly necessary to deliver the service), we do not share your data with anyone. We have no advertising partners, no analytics vendors, no data brokers, and no marketing platforms with access to your information.

6. Data storage and security.

6.1 On-device encryption

Data stored on your device — including your memory card, conversations, and OAuth tokens — is protected by iOS's file-system encryption and, where applicable, the iOS Keychain. Access to this data requires that your device be unlocked.

6.2 Transit

All network traffic between the Tomoni app and exp² infrastructure uses TLS. Traffic between our infrastructure and Anthropic's API also uses TLS.

6.3 Server-side encryption

The small amount of data we do retain on our servers (account identifier, onboarding profile, summaries, operational metadata) is protected by Supabase's encryption-at-rest and row-level security policies.

6.4 What this posture means in practice

What we don't hold, we can't lose, can't leak, and can't be subpoenaed for. Keeping user data on the user's device is deliberate. It is better for you, and it is better for us.

7. Your rights and how to exercise them.

You have the right to:

• Access the data we hold about you. Contact us at contact@exp2.io and we will provide a complete export of the server-side data associated with your account.
• Correct any inaccurate data we hold about you.
• Delete your account and all associated server-side data. Within the app, go to Settings → Privacy & Reset → Delete all data. This removes your account data from our servers and wipes the memory card and conversations from your device. Encrypted crisis-detection logs are the one exception — they are retained for five years from the date of the event as described in Section 4.
• Disconnect any connected account at any time from Settings. Revoking access stops us from reading any further data from that account; previously generated summaries remain in your account unless you also delete them.
• Object to processing of your data. Contact us at contact@exp2.io.

If you delete your data from within Tomoni, we cannot recover it. Memory card content synced to your private iCloud Key-Value store is controlled by Apple and may need to be deleted separately through Apple's settings.

7.1 California residents (CCPA / CPRA)

If you are a California resident, you have additional rights under the California Consumer Privacy Act and California Privacy Rights Act, including the right to know what categories of personal information we collect, the right to request deletion, the right to opt out of the sale or sharing of personal information, and the right to non-discrimination for exercising these rights. We do not sell personal information, and we do not share it with third parties for cross-context behavioral advertising. To exercise your California rights, write to contact@exp2.io.

7.2 European Economic Area, United Kingdom, and Switzerland residents (GDPR / UK-GDPR)

If you are located in the European Economic Area, United Kingdom, or Switzerland, you have additional rights under the General Data Protection Regulation and the UK-GDPR, including the rights of access, rectification, erasure, restriction of processing, data portability, and objection to processing. You also have the right to lodge a complaint with your local supervisory authority. We process personal data based on (a) your consent, (b) the performance of our contract with you to deliver the Tomoni service, and (c) our legitimate interests in operating and improving the service, depending on the data and the processing activity. To exercise your GDPR rights, write to contact@exp2.io.

8. Children's privacy.

We do not knowingly collect personal information from users under the age of 18. If we become aware that a user under 18 has created an account, we will terminate that account and delete the associated data immediately. Parents or guardians who believe a minor is using Tomoni should contact us at contact@exp2.io.

9. International data transfers.

exp² PBC is based in the United States. If you are located outside the United States, data you submit to Tomoni may be processed in the United States and in the regions where our service providers (Anthropic, Supabase, the connected-account providers you authorize) operate. By using Tomoni, you consent to this processing.

For users in the European Economic Area, United Kingdom, or Switzerland, transfers of personal data to the United States are conducted on the basis of, where applicable, the European Commission's Standard Contractual Clauses (SCCs) and the UK Addendum to the SCCs, supplemented by appropriate technical and organizational measures including encryption in transit and at rest, on-device data minimization, and the architectural safeguards described throughout this policy. Where our service providers maintain certifications under the EU-U.S. Data Privacy Framework, those certifications also apply.

10. Changes to this policy.

We may update this policy from time to time. When we do, we will update the date at the top of this page. Material changes — particularly any changes to what we collect or how we use it — will be communicated to active users by email. Your continued use of Tomoni after changes constitutes acceptance of the updated policy.

11. Contact.

exp² PBC (Experience Experiment)
A Delaware Public Benefit Corporation
Moses Pan, Founder
contact@exp2.io
Los Angeles, California

For privacy questions, data requests, or concerns, please write to contact@exp2.io.

Version 1.4 · June 2026