OpenHood is a DIY auto maintenance logger built for iOS. This Privacy Policy explains what information we collect, how we use it, and what choices you have. We've written it in plain language — no legal jargon.
1. Who We Are
OpenHood is developed and maintained by Jacob Pallikunnel.
Website: palliklabs.com
Support email: jacobpallik@gmail.com
2. The Short Version
OpenHood is a local-first app. Your maintenance records, vehicle details, and photos live on your device by default. Cloud sync is entirely optional and only happens if you create an account and sign in. We do not sell your data, run ads, or track your behavior.
3. What Data We Collect and Why
3.1 Account & Identity (only if you sign in)
| Data |
Purpose |
| Email address | Used to create and identify your account |
| Password (hashed) | Authentication via Supabase — never stored in plain text |
| Google account info | If you choose to sign in with Google |
| Auth session tokens (UUID, JWT) | Kept in device storage to keep you logged in |
You can use OpenHood entirely without an account. Account creation is only required if you want to sync your data across devices.
3.2 User-Generated Content (what you enter)
Everything you log in the app stays on your device unless you're signed in and cloud sync is active.
- Vehicle information — make, model, year, trim, VIN, license plate, odometer readings, vehicle type, and photos
- Maintenance logs — service type, date, odometer, cost breakdowns, parts lists, free-form notes, and photos
- Preferred parts library — saved parts with name, brand, part number, cost, and photos
- Custom service tiles — your personalized service categories and shortcuts
This content is yours. We do not analyze it, share it with advertisers, or use it for any purpose other than providing the app's features to you.
3.3 Automatically Collected Data
Crash & Error Reports (Sentry)
In production builds, if the app crashes or encounters an unexpected error, a report is sent to Sentry. These reports include error messages and stack traces, breadcrumbs (recent app events leading up to the crash), and device type and OS version. We do not intentionally include your personal data in these reports. Approximately 20% of sessions are traced for performance monitoring.
Connectivity Check
On first launch, the app makes a single network request to verify your internet connection. No personal data is sent.
4. Device Permissions
| Permission |
Why We Need It |
| Camera | To photograph your vehicle or maintenance work |
| Photo Library (read) | To let you select existing photos from your library |
| Photo Library (write) | To save photos taken in the app |
| Notifications | To send local maintenance reminders — no data leaves your device |
You can revoke any of these permissions at any time in your iOS Settings.
5. What We Do NOT Collect
- GPS or location data
- Contacts
- Calendar data
- Health or fitness data
- Device advertising identifiers (IDFA)
- Usage analytics or behavioral tracking data
- Browsing history
6. How Your Data Is Stored
On Your Device (always)
- SQLite database — stores all your vehicles, logs, parts, and settings locally
- AsyncStorage — stores lightweight preferences like your active vehicle, sign-in status, and notification settings
Your local data is protected by iOS device encryption.
In the Cloud (only if you're signed in)
- Supabase (PostgreSQL) — your vehicle and maintenance data is synced to Supabase's cloud database
- Supabase Storage (S3-backed) — your photos are uploaded and stored organized by your user ID
Cloud sync only occurs when you are actively signed into an account. If you use OpenHood without an account, no data ever leaves your device.
7. How Your Data Is Shared
| Service |
Purpose |
Data Shared |
| Supabase | Database and file storage | Your vehicle/maintenance data and photos, when signed in |
| Sentry | Crash reporting | Anonymous crash logs and stack traces |
We do not:
- Sell your data to any third party
- Share your data with advertising networks
- Use your data for targeted advertising
- Disclose your data to anyone not listed above, except as required by law
8. App Store Privacy Nutrition Label Summary
| Category |
Collected? |
Linked to Identity? |
Used for Tracking? |
| Contact Info (email) | Yes, if signed in | Yes | No |
| User Content | Yes | Yes, if signed in | No |
| Identifiers | Yes, if signed in | Yes | No |
| Diagnostics (Sentry) | Yes | No | No |
| Usage Data / Analytics | No | — | — |
| Location / Contacts / Health | No | — | — |
9. Your Choices and Rights
Signed-Out Users
- All data is stored locally on your device.
- Clear local data: Go to Settings → Clear All Local Data to permanently erase your SQLite database and AsyncStorage.
Signed-In Users
- Sign out: Clears your session tokens from the device. Your local and cloud data are untouched.
- Clear local data: Erases local data only.
- Delete your account: Go to Settings → Delete Account. This permanently deletes all your cloud database records, cloud photos, and local device data. This is irreversible.
If you are located in a jurisdiction with data protection rights (GDPR, CCPA, etc.), you may also have rights to access, correct, or port your data. Contact us at jacobpallik@gmail.com.
10. Data Retention
- Local data is retained until you clear it or delete the app.
- Cloud data is retained as long as your account is active.
- Crash logs are retained by Sentry for approximately 90 days (see sentry.io/privacy).
- When you delete your account, all cloud-stored data is deleted immediately and cannot be recovered.
11. Security
- All data transmitted between the app and cloud services is sent over HTTPS
- Local data is protected by iOS device encryption
- Supabase authentication tokens are automatically refreshed and cleared on sign-out
- Passwords are never stored in plain text — authentication is handled by Supabase Auth
No system is 100% secure. If you believe your account has been compromised, please contact us immediately.
12. Children's Privacy
OpenHood is not directed at children under the age of 13, and we do not knowingly collect personal information from children under 13. If you are a parent or guardian and believe your child has provided us with personal information, please contact us at jacobpallik@gmail.com and we will delete it promptly. This app complies with COPPA.
13. Third-Party Services
14. Changes to This Policy
We may update this Privacy Policy from time to time. When we do, we'll update the "Last Updated" date at the top. If changes are significant, we may also notify you within the app. Continued use of OpenHood after changes constitutes your acceptance of the updated policy.
15. Contact Us
Jacob Pallikunnel
Email: jacobpallik@gmail.com
Website: palliklabs.com
OpenHood — Keep your hood open, your data yours.
