Sprigged

Privacy Policy

Last updated: June 14, 2026

Sprigged is offered only to residents of the United States and Canada. We do not offer the service to residents of the European Economic Area, the United Kingdom, Switzerland, or any other jurisdiction outside the US and Canada, and this policy is written against United States and Canadian privacy law (including the California Consumer Privacy Act and the California Privacy Rights Act, and applicable provincial Canadian privacy statutes). Sprigged does not target, market to, or knowingly accept signups from individuals located outside the US and Canada.

Sprigged is a tool for spinning up small, sharable apps for informal groups — rosters, snack rotations, gear lists. This page explains what Sprigged collects, why, and the choices you have over your data.

Sprigged is operated by Brefi LLC. If you have any question about this policy, write to [email protected].

See also: our Acceptable Use Policy, which describes what you agree to do — and not do — when using Sprigged.


What we collect

Email address

When you set up Sprigged on a new device, you may provide an email address so we can send you a one-time recovery code if you lose access to your device. The code is the only thing we send to that address as part of the product. We do not use your email for marketing, do not sell it, and do not share it with third parties for advertising.

Waitlist email address

If Sprigged is invite-only when you visit and you submit your email on the landing page to join our waitlist, we store that address with Resend so we can email you exactly once when Sprigged opens up. We also send you a brief confirmation now so you know the signup worked.

You can unsubscribe at any time via the unsubscribe link in either email; that removes you from the waitlist permanently. We do not use waitlist addresses for marketing beyond the single opening announcement, do not sell them, and do not share them with third parties.

The signup form uses Cloudflare's Turnstile widget to prevent automated submissions.

Device identifier

Sprigged uses a per-install device identifier so your apps stay bound to your device without requiring you to create an account or remember a password. This identifier is generated locally the first time you open Sprigged, and is stored on your device so the same device can prove it's the same one next time. A separate one-way hash of that identifier is stored on our servers, which is how we recognise the device when it asks for access — we never need to see the original.

Push notification tokens

If you grant notification permission, the operating system gives Sprigged a push token (Apple Push Notification service on iOS, Firebase Cloud Messaging on Android). We store this token on our servers so we can notify you when group activity happens — for example, when someone accepts an invite to a patch you maintain. The token is rotated by the OS and is not personally identifying on its own. Notification bodies contain only the minimum needed to be useful — for example, the display name of the person who joined and the name of the patch. They cross Apple's and Google's push networks during delivery; both rotate and discard tokens routinely under their own privacy policies.

Content you create

Records you add inside an app you create or join — roster rows, snack assignments, whatever your app is for — are stored in a database dedicated to that patch (your shared workspace). The content of those records belongs to you and the people you share the patch with. We don't read or analyse your records to build advertising profiles or train machine-learning models.

Operational logs

Our servers keep short-lived request logs (URL paths, response codes, timestamps) to debug errors and prevent abuse. Logs do not contain the contents of your records. We rotate them on a rolling basis (typically within 30 days).

How we use what we collect

Sprigged contains no third-party analytics, no advertising trackers, no fingerprinting, and no advertising identifiers. Nothing on this site or in the apps reports back to ad networks. The fonts (Fraunces and Inter) are self-hosted from sprigged.app — your browser does not contact Google Fonts or any other third-party font CDN when rendering this site.

We use your data only to run Sprigged: to authenticate your device, let you recover access via email, deliver notifications you've opted into, sync the records inside your patches across your devices, and keep the service available and reliable. We do not sell, rent, or trade your personal information.

Sub-processors and infrastructure

Sprigged operates with four subprocessors total. Each only sees the data it needs to do its job. The four-subprocessor invariant is a load-bearing commitment of Sprigged's privacy posture — adding a fifth is treated as a material posture change, not a quiet add.

Platform-mediated channels (not subprocessors)

Separate from the four subprocessors above, Sprigged interacts with platform-mediated channels that exist to carry data the operating system or store has already taken responsibility for. These are not Sprigged's subprocessors — they are services you have already consented to at the operating-system or store level, with their own privacy regimes:

Sprigged uses the Anthropic API to help you describe and generate apps in plain language (“Build with AI”). Three things are sent to Anthropic when you're using the authoring interface: the prompts you type, the current draft of the app spec the model is helping you build (entity names, field definitions, surface layouts you've set up), and the conversation history within that authoring session (your messages and the model's prior responses). The records inside your patches — the roster rows, snack assignments, gear lists, and other content of the apps your spec describes — are never sent to Anthropic. Specs from patches you aren't actively authoring are not sent either, nor are other members' identities. Anthropic processes Sprigged's API traffic under their commercial terms; their commercial terms explicitly prohibit training models on customer API content. Anthropic retains API traffic per their Privacy Policy and applicable sub-processor list — see Anthropic's privacy policy and commercial terms for the current details.

Crash and error reports

When Sprigged's web app encounters an unhandled JavaScript error in your browser, the app sends a small report to Sprigged's own server (the same server that serves the rest of the app — no third-party error-tracking service is involved). The report contains: the error message, the stack trace, the page URL, and your browser's user-agent string. Email addresses and other sensitive substrings are stripped client-side before the report is sent, and stripped again server-side as a second pass. Reports are kept for 90 days, then deleted.

This data flow stays inside Sprigged's existing four-subprocessor scope (Cloudflare for hosting, Turso for the database). No fifth vendor is involved. Reports are capped at 20 per page session and rate-limited at the server, so a buggy page can't flood the system.

Payments and subscriptions

Sprigged offers a free tier and a Pro subscription. When you subscribe, payment is processed by the relevant provider depending on your platform (when applicable):

Payment data we receive is limited to receipt metadata — purchase status, expiry, and a transaction ID. We never see card numbers or full billing addresses. Each payment processor handles that data under its own privacy policy. RevenueCat, when used, acts as a receipt-validation broker between the store providers and Sprigged.

Auto-renewing subscription (California Civil Code §17602(a))

Sprigged Pro is an auto-renewing subscription billed at $8 per month. Your subscription renews automatically each month, on the same calendar day you started it, and your payment method is charged at the start of each renewal period unless you cancel at least 24 hours before the period ends. You can cancel at any time and keep access through the end of the current paid period: on iOS, manage or cancel from Settings → [your name] → Subscriptions; on Android, from Google Play → Profile → Payments & subscriptions → Subscriptions; on the web, from your Sprigged account page. This disclosure is provided in a clear and conspicuous manner before purchase, as required by California Civil Code §17602(a).

Cookies and on-device storage

Sprigged uses on-device storage (IndexedDB and OPFS) to keep the device identifier and an offline copy of records in patches you've opened. Sprigged sets no cookies — signing in uses a bearer token, not a cookie. On-device storage that belongs to a patch is removed when you delete the patch — and on uninstall, the operating system reclaims app storage automatically.

Retention and deletion

Records inside a patch persist for as long as the patch exists. When you delete a patch, its database and the records inside it are removed. If you want to delete your account or any data associated with your device or email, write to [email protected] and we will action the request within 30 days.

California (CCPA/CPRA) notice

Because Sprigged is offered to residents of the United States and Canada, California residents are covered by the California Consumer Privacy Act as amended by the California Privacy Rights Act (the “CCPA/CPRA”). This section is the notice required by California Civil Code §1798.130. It is provided in addition to, not in place of, the rest of this policy.

Categories of personal information we collect

The CCPA enumerates twelve statutory categories of personal information. For each, we state whether Sprigged collects it and the purpose for which it is collected:

Sources, business purposes, and recipients

The categories above are collected directly from you (the data you provide and the device you use) and from the operating system on your device (the push notification token, when you grant permission). We use each category solely for the operating purpose stated next to it. The recipients are the four subprocessors named in the “Sub-processors and infrastructure” section above — Cloudflare, Turso, Resend, and Anthropic — each scoped to the data its job requires, plus the platform-mediated channels (Apple Push Notification service, Firebase Cloud Messaging, Apple In-App Purchase, Google Play Billing, and Stripe via RevenueCat when applicable) that exist to carry the data they were designed to carry.

Retention

We retain each category only as long as it is needed for the operating purpose stated, and no longer:

No sale or sharing of personal information

Sprigged does not sell or share your personal information, as those terms are defined under the CCPA/CPRA, and we have not done so in the preceding twelve months. We do not exchange personal information for monetary or other valuable consideration with third parties, and we do not disclose personal information to third parties for cross-context behavioral advertising. Because we do not sell or share, the CCPA/CPRA right to opt out of sale or sharing does not arise here, and we do not need to provide a “Do Not Sell or Share My Personal Information” link.

Your California rights and how to exercise them

California residents have the right to know what personal information we collect, to access and obtain a portable copy of it, to correct inaccuracies, to request deletion, to limit the use of sensitive personal information (not applicable here — see above), and to not be discriminated against for exercising any of these rights. Access, portability, and deletion are exercisable directly inside Sprigged (see the “Your rights” section below — open Sprigged → YouAccountDownload my data or Delete account). For correction, or to ask a question about any of these rights, write to [email protected]. You may designate an authorized agent to make a request on your behalf by including a written, signed authorization with the request; we will verify your identity (and the agent's authority) before acting on the request.

Your rights

We honor common privacy rights regardless of where you live: access, correction, portability, deletion, objection, and consent withdrawal. We will not treat you differently for exercising any of them. The most-used rights are exercisable directly inside Sprigged, without emailing us:

Records you authored inside patches you share with others stay in those patches when you delete your account — your account identifier on those records simply no longer references an active account. If you want a record removed from a shared patch, the patch maintainer can delete it; you can also leave the patch first and then delete your account if that's the outcome you want.

Children

Sprigged is not directed at children under 13, and we do not knowingly collect personal data from children under 13. Sprigged is often used for things like a kids' soccer roster — in that case, the parent or coach running the patch is the Sprigged user; the children listed inside the patch are records the user manages, not separate Sprigged accounts.

Security

We use HTTPS for all traffic, store device identifiers and recovery codes in hashed form, and limit which of our systems can access patch databases. No system is perfectly secure; if we ever discover a breach that affects your data we'll let you know without unnecessary delay.

International transfers

Sprigged's infrastructure is hosted in the United States and on Cloudflare's global edge network. Sprigged is offered only to residents of the United States and Canada, so this section applies only to data flowing between those two jurisdictions and our US-hosted infrastructure.

Changes to this policy

When we change this policy, we'll update the "Last updated" date at the top. Material changes — anything that meaningfully expands what we collect or who we share it with — will also be surfaced inside the app before they take effect.

Contact

Brefi LLC
[email protected]