Privacy Policy — Tomorrow

Overview

This Privacy Policy describes how Tomorrow Labs, Inc. ("Tomorrow," "we," "us," or "our") collects, uses, shares, retains, and protects information about you when you use our website, mobile and web applications, and related services (collectively, the "Services"). It also describes your privacy rights and how to exercise them.

Tomorrow operates a self-custody cryptocurrency wallet with built-in succession infrastructure. The nature of the Services means certain things about how we collect and handle information are different from typical software services. Most importantly, we do not hold your private keys, your wallet recovery password, or any payment card information. We have designed the Services so that the most sensitive data is not ours to lose.

In plain English: We tried to make this readable. If you want the short version: we collect what we need to run the service (your email, your account settings, your transaction history with us, your Beneficiary's email, and some technical and analytics data). We don't hold your keys, your password, or your credit card. We don't sell your data. You can ask us what we have on you, ask us to correct it, and ask us to delete it (with limits explained below).

This Privacy Policy is incorporated by reference into our Terms of Service available at https://tomorrow.xyz/legal/terms (the "Terms"). Capitalized terms not defined here have the meanings given in the Terms.

1. Scope of this Policy

1.1 Who this Policy covers. This Privacy Policy applies to information we collect about you when you access or use the Services, whether as a registered user, a designated Beneficiary, a designated Trusted Group Member, a visitor to our website, or a person who corresponds with us.

1.2 Geographic scope. The Services are intended for and offered to residents of the United States only. We do not direct the Services to, or knowingly collect information from, residents outside the United States. If you access the Services from outside the United States, the information you provide will be transferred to, processed in, and stored in the United States.

1.3 What this Policy does not cover. This Policy does not cover the information practices of third parties whose services are integrated with the Services. These third parties have their own privacy policies, which we encourage you to review. In particular:

Dynamic Labs, Inc., a Fireblocks company. Dynamic provides the multi-party-computation ("MPC") wallet infrastructure used by the Services. Dynamic holds one of the two cryptographic key shares that constitute your wallet and processes its own information about you to provide that service. See Dynamic's privacy policy at dynamic.xyz.
Stripe, Inc. Stripe is our payment processor. When you subscribe, you are redirected to Stripe-hosted Checkout. Stripe collects and stores your payment card information directly; Tomorrow never sees or stores card numbers. See Stripe's privacy policy at stripe.com/privacy.
Blockchain networks. Public blockchains (Ethereum, Solana, Bitcoin, and others) are operated by independent communities of validators, miners, or node operators. Transactions you broadcast through the Services are recorded permanently on the relevant public blockchain. Tomorrow does not operate any blockchain. See Section 7 for further detail.
Third-party applications you connect. When you connect a decentralized application ("dApp") or AI Agent to your wallet, that third party may collect information about your interactions with it. Their privacy practices are governed by their own policies.
Other third-party service providers. The Services rely on third-party providers for authentication, database hosting, blockchain RPC access, email delivery, analytics, error monitoring, and other infrastructure. See Section 5 for further detail.

2. Information We Collect

We collect information in three ways: (a) information you provide to us directly, (b) information we collect automatically when you use the Services, and (c) information we receive from third parties.

2.1 Information you provide to us

Account registration. When you sign up, we collect your email address. You may also provide a display name. We do not require, and we do not store, a Tomorrow password — authentication is by one-time email code, and your wallet recovery password is set during Account creation and never transmitted to us (see Section 3).

Account configuration. When you create or configure an Account, we collect: the name and description you give the Account, the Account type, the trigger configuration you select (Digital Heartbeat or Trusted Group), the parameters of that trigger (check-in interval, grace period, quorum size, total Trusted Group size), the email addresses of any Beneficiary or Trusted Group Members you designate, and any optional labels you assign to your Security Keys (such as "Jim's YubiKey").

Wallet metadata. When wallets are provisioned for your Account, we receive and store: the public wallet address(es), the chain identifier, the wallet identifier issued by Dynamic, and (in encrypted form, under a key derived from your Recovery Password or registered Security Key) the wrapped recovery secret that allows the wallet to be unlocked at recovery time. We do not store your private keys, your Recovery Password in any form, or any data that would allow us to sign transactions on your behalf.

Security Key (WebAuthn) data. When you register a Security Key, we receive and store: the WebAuthn credential identifier, the relying-party identifier, a salt used in key derivation, and the wrapped recovery secret encrypted under a key derived from the WebAuthn PRF (Pseudo-Random Function) output. We do not store, and have no way to derive, the underlying biometric data, hardware-token serial number, or any other personal identifier associated with the Security Key.

Beneficiary and Trusted Group Member information. When you designate a Beneficiary or a Trusted Group Member, you provide us with that person's email address. We use this to send the invitation and, if the invitee creates a Tomorrow account, to associate their account with the membership. See Section 6 for important detail on third-party data.

Subscription information. When you subscribe, Stripe handles the collection of your payment method (card number, CVC, expiration, billing ZIP). Stripe transmits to us only: a Stripe customer identifier, a Stripe subscription identifier, the price plan you selected, the subscription status, billing period start and end timestamps, whether the subscription is set to cancel at period end, and any applied discount metadata. We do not receive or store your payment card number.

Communications with us. If you email us at support@tomorrow.xyz or otherwise contact us, we collect the content of your communication, your email address, and any other information you choose to provide.

Optional information. You may choose to provide other information through the Services, including notes attached to Trusted Group attestations or custom labels on transactions.

2.2 Information we collect automatically

Authentication and session data. When you log in, we receive an authentication token from our identity provider (Supabase). We use cookies and similar technologies to maintain your session.

Liveness data (Digital Heartbeat). If your Account uses a Digital Heartbeat trigger, we record the timestamp of each check-in, the IP address from which the check-in originated, and the user-agent string of the device used. We compute and store the next deadline timestamp based on your configured check-in interval. We use this data to determine whether the Heartbeat trigger should fire. We retain liveness records for the life of the Account and a reasonable period thereafter to support audit, dispute resolution, and the integrity of any subsequent claim.

Transaction data we observe. When you initiate a transaction through the Services, we record: a transaction identifier, the chain, the destination address, the amount, the transaction hash once broadcast, the timestamp, the wallet from which it was sent, an indicator of whether it was initiated by you directly or by an AI Agent operating under your Spending Policy, and any optional note you attach.

On-chain activity we observe. We subscribe to webhook feeds from third-party RPC providers that notify us when activity occurs on the blockchain addresses associated with your wallets. We record these events for purposes of displaying transaction history and computing Earn position snapshots. The underlying blockchain transactions are public and permanent regardless of whether we observe them; we are not the source of the public record.

Earn position data. If you use the Earn feature, we record snapshots of your Aave-protocol position, including supplied balance in USD-equivalent, borrowed balance in USD-equivalent (if any), and health factor. We use this data to display your position and to compute Rewards balances if you are enrolled in the Tomorrow Rewards program.

Spending Policy and AI Agent activity. If you connect an AI Agent, we record the Agent's name, description, peer URL, the Spending Policy you configure (auto-approve limit, max transaction limit, daily limit, token symbol), and each transaction it initiates under that Policy.

WalletConnect session data. When you connect a third-party dApp via WalletConnect, we record the session topic, peer name, peer URL, peer icon, chains in scope, and session expiration timestamp. This is used to display your active connections and to revoke them on demand.

Device and usage data. Through standard server logs and our analytics provider (PostHog), we collect: IP address, browser and operating-system identifiers, referring URL, pages or screens accessed, and timestamps of access. Through our error-monitoring provider (Sentry), we collect technical context about errors that occur during your use of the Services, including stack traces, request identifiers, and your user identifier (so we can correlate errors to support requests, not to track behavior).

Cookies and similar technologies. We use only the following categories of cookies and similar technologies:

Strictly necessary. Authentication cookies set by Supabase to keep you logged in. Without these, the Services do not function. These are not optional.
Analytics. PostHog uses identifiers to attribute page views and events to a session. Analytics data is used internally to understand product usage; it is not used for advertising and is not shared with advertisers.

We do not use advertising cookies, cross-site tracking technologies, third-party retargeting pixels, or fingerprinting. We do not participate in any data broker program. We do not use cookies to build a profile of you for sale.

2.3 Information from third parties

From Dynamic. When Dynamic provisions wallets for your Account, we receive metadata including wallet identifiers and the wallet share that resides in Dynamic's secure enclave (we never see the share itself; we only receive cryptographic outputs of operations involving it). We may also receive event notifications about wallet operations that touch Dynamic's infrastructure.

From Stripe. We receive subscription event notifications from Stripe when you subscribe, when a renewal succeeds or fails, when you cancel, and similar billing events.

From blockchain RPC providers. We receive webhook notifications from our blockchain RPC providers (currently including Alchemy) when activity occurs on the blockchain addresses we are subscribed to.

From you, about other people. When you designate a Beneficiary or Trusted Group Member, you provide information about a third party (their email). See Section 6.

3. What We Do Not Collect

Because of how the Services are designed, the following categories of information are not collected, transmitted to, or stored by Tomorrow:

Private key material. The Services use two-of-two MPC, with one key share on your device and one in a Dynamic-operated secure enclave. Neither share alone can produce a signature. Tomorrow has zero key shares. We never see, request, store, or have access to your private keys.
Recovery Password. Your Recovery Password is processed entirely within your browser and within Dynamic's infrastructure. It is never transmitted to Tomorrow in any form. We have no ability to read, reset, or recover your Recovery Password.
Payment card numbers, CVCs, or expiration dates. All payment card data is collected and handled by Stripe under their PCI-DSS-compliant systems. Tomorrow does not see your card number at any point.
Bank account numbers, routing numbers, or wire instructions. We do not move money on your behalf. We do not collect banking information.
Social Security numbers, taxpayer identification numbers, government identifier numbers, passport numbers, or driver's license numbers. We do not require or collect government-issued identifiers. We do not perform "know your customer" identity verification because the Services are non-custodial; you alone control your wallet.
Biometric data. We do not collect fingerprints, face images, voice prints, or other biometric identifiers. Where you use a biometric-protected device or platform passkey to authenticate, the biometric data is processed locally by your device or operating system and is never transmitted to us.
Sensitive demographic data. We do not collect, and we have no use for, your race, ethnicity, religion, national origin, sexual orientation, gender identity, immigration status, union membership, health information, or genetic data.
Precise geolocation. We collect your IP address, which approximates city-level location. We do not request or use GPS-precise location data.
Content of your communications with others. We do not read, scan, or analyze any messaging you exchange with other users outside the Services (we do not provide a messaging feature) or any content you exchange with Beneficiaries, Trusted Group Members, or third parties via channels other than email correspondence with us.
Information about minors. The Services are not directed to, and we do not knowingly collect information from, anyone under the age of 18. See Section 14.

4. How We Use Information

We use information we collect for the following purposes:

To provide the Services. To create and operate your Account, provision and display your wallets, render transaction history, compute Heartbeat deadlines, evaluate trigger conditions, send invitations to Beneficiaries and Trusted Group Members, process subscriptions, and otherwise make the Services work as designed.
To secure the Services. To authenticate users, prevent unauthorized access, detect suspicious activity, investigate incidents, audit operations, and respond to security events.
To communicate with you. To send transactional messages (Heartbeat reminders, Beneficiary invitations, attestation alerts, claim status, billing receipts and reminders, security notices, support responses, and material legal-document updates). You cannot opt out of transactional messages while you have an active Account; if you do not want to receive them, you must close your Account.
To comply with law. To respond to subpoenas, court orders, regulatory inquiries, and lawful requests; to enforce our Terms; to assert or defend legal claims; and to fulfill obligations imposed by applicable law including (where applicable) the California Automatic Renewal Law's renewal-reminder requirement for annual subscribers.
To improve the Services. To understand product usage patterns through aggregated analytics, to diagnose bugs through error monitoring, and to inform decisions about feature development. We do not use individual-level analytics data to make decisions that affect you as an individual.
To operate the Tomorrow Rewards program. If you enroll in Tomorrow Rewards, we use your Earn deposit amounts, balances over time, referral relationships, and cohort enrollment to compute and award points per the Rewards Program Terms.

Legal bases. We process information on the bases that (a) it is necessary to provide a service you have requested (Terms-of-Service performance), (b) it is necessary to comply with a legal obligation, (c) it is necessary to a legitimate interest of Tomorrow or a third party that is not overridden by your privacy interests (such as security, fraud prevention, and product improvement), or (d) you have consented (such as enrollment in the Rewards program). For California residents, additional disclosures appear in Section 11.

4.1 Automated decision-making

Two features of the Services involve automated decisions that materially affect your Account:

Digital Heartbeat trigger evaluation. A scheduled job runs at intervals and automatically marks an Account as triggered if its check-in deadline has passed and a configured grace period has elapsed. The decision is based solely on timestamp comparison; no judgment about your situation is made by Tomorrow personnel.
Trusted Group quorum evaluation. When a Trusted Group Member attests, a database trigger automatically evaluates whether the configured quorum has been reached and, if so, marks the Account as triggered. Again, the decision is mechanical; Tomorrow personnel do not review attestations before they take effect.

You select the parameters that govern these automated decisions (check-in interval, grace period, quorum, total Trusted Group size). You can change these parameters at any time before a trigger fires. Tomorrow does not exercise discretion in evaluating triggers; the conditions you set are the conditions we evaluate. If a trigger fires in error, please see the Terms (Section 10) for the consequences and Section 8 of this Policy for your rights.

In plain English: We don't profile you, score you, or make judgments about you. The two automated decisions we make on your Account are: "Did you miss your check-in?" and "Did enough of your Trusted Group attest?" You set the rules. We just compare numbers.

5. How We Share Information

We share information only as described in this section. We do not sell your personal information. We do not share your personal information for cross-context behavioral advertising. We do not provide your information to data brokers.

5.1 Service providers. We share information with third-party service providers that perform functions on our behalf, including: authentication and database hosting, MPC wallet infrastructure (Dynamic), payment processing (Stripe), blockchain RPC and webhook infrastructure, content delivery and hosting, email delivery, analytics, and error monitoring. We share only the information each provider needs to perform its function. These providers are contractually prohibited from using your information for their own purposes other than as necessary to provide their service to us, as required by law, or as expressly permitted by their relationship with you (for example, the relationship you have directly with Dynamic for the MPC infrastructure).

5.2 Account participants. When you designate a Beneficiary, the Beneficiary may, after acceptance, see information about your Account (Account name, wallet addresses, transaction history, and after a Trigger Event, the information necessary to complete a claim). When you designate Trusted Group Members, those members may see Account name and metadata necessary to perform an attestation. We do not share other information about you with these participants without your direction.

5.3 Compliance with law and protection of rights. We may share information when we believe in good faith that disclosure is necessary to (a) comply with a subpoena, court order, regulatory inquiry, or other lawful process; (b) enforce our Terms or other agreements; (c) protect the security, rights, or property of Tomorrow, our users, or the public; (d) detect, prevent, or respond to fraud, security incidents, or technical issues; or (e) establish, defend, or exercise legal claims.

5.4 Business transfers. If Tomorrow is involved in a merger, acquisition, financing transaction, reorganization, bankruptcy, sale of assets, or similar transaction, information about you may be transferred to the acquirer, successor, or assignee as part of that transaction. We will notify you (by email or by notice on the Services) before your information becomes subject to a different privacy policy, and we will use commercially reasonable efforts to require the successor entity to honor commitments made in this Privacy Policy.

5.5 With your consent. We may share information for purposes you specifically authorize.

5.6 Aggregated and de-identified information. We may share aggregated or de-identified information (such as platform-level statistics, anonymized usage trends, or aggregated AUM figures for the Tomorrow Rewards program) that cannot reasonably be used to identify you. We commit not to attempt to re-identify de-identified information, and we will require that any third party who receives de-identified information from us makes the same commitment.

6. Beneficiary and Trusted Group Member Information

Tomorrow's Services involve a category of information that warrants particular attention: information about people other than you that you provide to us in the course of using the Services. When you designate a Beneficiary or a Trusted Group Member, you provide us with their email address so we can send the invitation and, if they accept, give them access to the relevant features.

6.1 Your responsibility as an Owner. When you designate a person as a Beneficiary or Trusted Group Member, you represent that you have a good-faith basis to believe that person is willing to receive a communication from Tomorrow about a digital-asset succession arrangement involving you. We strongly recommend that you obtain their consent before designating them.

6.2 Our use of Beneficiary and Trusted Group Member data. We use the email address you provide solely to: (a) send the invitation, (b) reconcile the invitation against the recipient's Tomorrow account if they create one, (c) display the invitation status to you, and (d) send role-appropriate notifications if and when the role becomes active (e.g., notifying a Beneficiary that a claim is available, notifying a Trusted Group Member when an attestation is requested or when the quorum is reached).

6.3 Rights of designated invitees. A person designated as a Beneficiary or Trusted Group Member may, at any time, contact us at support@tomorrow.xyz to: (a) request that we provide them the categories of information we hold about them, (b) request that we delete that information (subject to the carve-outs in Section 9), or (c) decline the invitation. Declining or requesting removal does not remove the underlying designation made by the Owner; it removes the invitee's record from our systems. The Owner may re-designate or designate a different person, in which case the new invitee will receive a fresh invitation.

6.4 If you no longer wish to be designated. If you have received an invitation to be a Beneficiary or Trusted Group Member and do not wish to accept, simply do not accept the invitation. If you wish to be removed from our records entirely, contact us at support@tomorrow.xyz.

7. Public Blockchain Data

Blockchain networks are public, permanent, and not under Tomorrow's control. This has implications for privacy that are different from the implications of using a typical software service.

7.1 What is on-chain. Every transaction broadcast from any of your wallets is recorded permanently on the underlying public blockchain. The on-chain record typically includes the sending address, receiving address, amount, asset, timestamp, and (depending on chain) other technical metadata. Anyone — Tomorrow, other Tomorrow users, third parties, blockchain analytics firms, law enforcement, regulators — can read this data.

7.2 What is off-chain. The association between your real-world identity and a particular blockchain address is generally not on-chain. We hold that association in our systems (your account email is linked to your wallet addresses). Other parties may also hold associations between addresses and identities through their own observations, services, or analyses.

7.3 We cannot remove on-chain data. Even if you delete your Tomorrow Account, your transaction history will remain on the underlying blockchain forever. We have no ability to remove on-chain records.

7.4 Inferences. Sophisticated third parties can sometimes infer information about a person from on-chain activity patterns, even without direct identity linkage. We do not perform such analysis on you, but the public nature of the data means others may.

In plain English: Anything that happens on the blockchain is public forever. If that matters to you, treat each wallet address as if it might eventually be tied to your name, because it might be.

8. Data Retention

We retain information for as long as needed to provide the Services to you and for the additional time periods described below.

8.1 Active Account data. For as long as your Account is active, we retain account-related information including: profile data, account configuration, wallet metadata, transaction logs, liveness checks, attestations, on-chain activity events, Rewards data, subscription records, and notification preferences.

8.2 Closed Accounts. If you close your Account, we will delete or de-identify personal information associated with the Account within ninety (90) days of closure, except as follows.

8.3 Required retention. We retain the following information past Account closure for the period stated:

Subscription billing records (Stripe customer ID, subscription ID, payment dates, amounts) — seven (7) years, to comply with tax recordkeeping obligations;
Transaction logs and on-chain activity events — three (3) years, to support dispute resolution, internal audit, and any subsequent legal claim or investigation;
Claim attempt records and trigger attestation records — five (5) years, because these are forensic records relevant to potential disputes between Owners, Beneficiaries, estates, and Tomorrow;
Notification logs (records that we sent you a particular email) — three (3) years, for compliance and audit purposes;
Information subject to a legal hold (litigation, regulatory inquiry, subpoena, or other lawful process) — for the duration of the hold;
Aggregated or de-identified information — indefinitely, because it is no longer personal information.

8.4 What survives in third-party systems. Even after we delete information from our systems, copies may remain in third-party systems that we cannot fully control, including: (a) on-chain records (which we cannot delete and which are permanent); (b) records held by Dynamic, Stripe, or other service providers per their own retention policies; (c) email records held by recipients of messages we sent you or others (e.g., Beneficiary invitations sent to email addresses); (d) backups and disaster-recovery snapshots, which are purged on the standard rotation schedule of our hosting providers.

9. Your Rights

Subject to applicable law and the limitations described in this section, you have the following rights with respect to information we hold about you. We extend these rights to all users of the Services regardless of state of residence, even where not strictly required by law.

9.1 Right to know. You may request that we tell you (a) the categories of personal information we have collected about you, (b) the categories of sources from which we collected it, (c) the business or commercial purposes for collection or sharing, (d) the categories of third parties with whom we have shared it, and (e) the specific pieces of personal information we have collected about you.

9.2 Right to correct. You may request that we correct inaccurate personal information we hold about you. Some information (email address, display name, notification preferences) you can correct yourself through Account settings. For other information, contact us at support@tomorrow.xyz.

9.3 Right to delete. You may request that we delete personal information we hold about you, subject to the retention requirements in Section 8 and the following carve-outs. We may retain information necessary to: (a) complete the transaction or provide a service for which it was collected; (b) detect security incidents, protect against malicious or fraudulent activity, or prosecute those responsible; (c) comply with a legal obligation; (d) enable solely internal uses reasonably aligned with the user's expectations and the context of collection; or (e) preserve records of trigger events, claim attempts, and attestations that may bear on the rights of other parties (Beneficiaries, estates, heirs). Information that we cannot delete entirely will be de-identified or aggregated where reasonably possible.

9.4 Right to portability. You may request a copy of the personal information you have provided to us in a portable, machine-readable format. We will provide it in JSON or CSV format within a reasonable time after request.

9.5 Right to opt out of sale or sharing. We do not sell your personal information and we do not share it for cross-context behavioral advertising. There is no opt-out to invoke.

9.6 Right to limit use of sensitive personal information. We do not use sensitive personal information for purposes beyond those required to provide the Services and to comply with law. There is no further limitation to invoke.

9.7 Right against discrimination. We will not deny you the Services, charge you different prices, provide a different level of quality, or retaliate against you because you exercised any privacy right described in this section.

9.8 How to exercise your rights. To exercise any of these rights, contact us at support@tomorrow.xyz from the email address associated with your Account. We will verify your identity by sending a verification code to that email and may ask for additional information to confirm your identity if the request is sensitive or implicates rights of other users. We will respond within forty-five (45) days, or such longer period as may be permitted by applicable law if necessary, in which case we will notify you of the extension.

9.9 Authorized agents. You may designate an authorized agent to exercise your rights on your behalf. The agent must provide proof of authorization signed by you, and we may, where permitted by law, separately verify your identity directly with you.

9.10 Appeals. If we deny a privacy request in whole or in part, you may appeal by replying to our response or by emailing support@tomorrow.xyz with the subject line "Privacy Request Appeal." A different member of our team will review the appeal and respond within sixty (60) days. If we deny the appeal, we will inform you of any further remedies available under applicable law, including the right to file a complaint with the California Privacy Protection Agency or your state attorney general.

10. Data Security

We use reasonable administrative, technical, and physical safeguards designed to protect information we hold from unauthorized access, use, modification, and disclosure. Notable safeguards include:

Architectural minimization. The Services are designed so that the highest-value secrets — your private key material and your Recovery Password — are never in our possession.
Encryption in transit and at rest. Network traffic between your device and the Services is encrypted in transit using TLS. Information at rest in our database is encrypted using the encryption-at-rest controls provided by our hosting infrastructure.
Row-level security. Our database uses row-level security policies that restrict access to user data based on authenticated user identity, so that one user's data cannot be returned in response to another user's queries.
Wrapped recovery materials. Recovery secrets we do hold are wrapped (encrypted) under keys derived from your Recovery Password or Security Key, neither of which is in our possession. Even a complete database compromise would not yield decrypted recovery secrets.
Access controls. Production database access is limited to a small number of personnel with administrative responsibility, logged, and audited.
Vendor diligence. Service providers with material access to user data are selected based on their information-security posture and required to maintain commercially reasonable safeguards under our agreements with them.

No information system is completely secure. We cannot guarantee that information we hold will never be subject to unauthorized access. If a security incident occurs that materially affects your information, we will notify you and applicable regulators as required by law.

11. California Residents

This section provides additional disclosures required by, or modeled on, the California Consumer Privacy Act, as amended by the California Privacy Rights Act (collectively, the "CCPA"). Tomorrow may not currently meet the statutory thresholds that bring a business under the CCPA's requirements; we provide these disclosures and the corresponding rights as a matter of good practice and to support your exercise of state privacy rights.

11.1 Categories of personal information collected. In the past twelve months, we have collected the categories of personal information described in Section 2 of this Policy, which correspond to the following CCPA-defined categories:

Identifiers (email address, account identifier, IP address, device identifier);
Customer records information (display name, billing information through Stripe);
Commercial information (subscription status, transaction logs, Earn position data);
Internet or network activity information (page views, session data, error reports, on-chain activity associated with your wallets);
Geolocation information (approximate location inferred from IP address);
Inferences (limited to aggregate analytical insights, not used to profile individuals);

We do not collect biometric information, sensitive personal information (as defined by the CCPA, except for the email/account credential pair used to authenticate, which is treated as sensitive under the CCPA), education information, employment-related information, geolocation more precise than IP-based approximation, racial or ethnic origin, religious beliefs, union membership, sexual orientation, health information, genetic data, or contents of communications between you and any non-Tomorrow party.

11.2 Sources of personal information. Sources are described in Section 2.1 (you), 2.2 (automatic), and 2.3 (third parties).

11.3 Business and commercial purposes for collection. Purposes are described in Section 4.

11.4 Categories of third parties with whom we share. Described in Section 5.

11.5 No sale or sharing for cross-context behavioral advertising. We do not "sell" personal information and we do not "share" personal information for cross-context behavioral advertising, as those terms are defined under the CCPA.

11.6 Retention periods. Described in Section 8.

11.7 California-specific rights. Your rights under the CCPA, including the right to know, the right to delete, the right to correct, the right to limit use of sensitive personal information, the right to data portability, and the right against discrimination, are described in Section 9. The exercise of these rights is available to California residents regardless of whether Tomorrow is technically a "business" under the CCPA.

11.8 "Shine the Light." California Civil Code § 1798.83 ("Shine the Light") permits California residents to request information about disclosures of personal information to third parties for those third parties' direct-marketing purposes. We do not disclose personal information for third-party direct-marketing purposes.

12. Residents of Other States

Other U.S. states have enacted comprehensive privacy laws including the Virginia Consumer Data Protection Act, the Colorado Privacy Act, the Connecticut Data Privacy Act, the Utah Consumer Privacy Act, and others. As with California, Tomorrow may not currently meet the statutory thresholds that bring a business under any of these laws. Regardless of threshold, residents of any U.S. state may exercise the rights described in Section 9.

Some state laws require additional disclosures or procedural steps. If you are a resident of a state with a comprehensive privacy law and have questions specific to that state, contact us at support@tomorrow.xyz and we will respond consistent with the requirements applicable in your state.

13. International Users

The Services are intended for residents of the United States only and are not offered to residents of any other country. We do not direct the Services to, or knowingly accept users from, the European Economic Area, the United Kingdom, Switzerland, or any other jurisdiction with comprehensive privacy laws that would impose territorial application. Tomorrow does not assume obligations under the EU General Data Protection Regulation, the UK GDPR, or similar non-U.S. laws.

If you access the Services from outside the United States, your information will be transferred to, processed in, and stored in the United States. By using the Services, you consent to such transfer.

14. Children

The Services are not directed to, and we do not knowingly collect personal information from, anyone under the age of eighteen (18). Our Terms require that users be at least 18. If we learn that we have inadvertently collected personal information from a person under 18, we will delete that information as soon as reasonably possible. If you believe we may have collected information from a person under 18, contact us at support@tomorrow.xyz.

15. Changes to this Privacy Policy

We may update this Privacy Policy from time to time. When we do, we will revise the "Effective Date" at the top, and we will retain prior versions on our website. For material changes, we will provide additional notice — at minimum, an in-application notice or an email to the address associated with your Account — reasonably in advance of the change taking effect. Your continued use of the Services after the effective date of the updated Policy constitutes your acceptance of the changes.

16. Contact Us

If you have questions about this Privacy Policy or want to exercise any of the rights described in this Policy, contact us at:

Email: support@tomorrow.xyz

Mail:

Tomorrow Labs, Inc.

1301 N Broadway #66357

Los Angeles, CA 90012

When contacting us about a privacy request, please use the email address associated with your Account so that we can verify your identity.