Skip to main content

Privacy Policy

Last updated: July 12, 2026

TrytonApp (“Tryton,” “we,” “us,” or “our”) operates the Tryton mobile application (the “App”), the website at trytonapp.com (the “Site”), and related web tools such as the organization admin portal. This Privacy Policy explains what information we collect, how we use it, and your choices regarding that information.

1. Information We Collect

1.1 Account Information

When you create an account, we collect:

  • Email address
  • If you register with email and password: password stored as a cryptographic hash (we never store plaintext passwords)
  • If you use Sign in with Google or Sign in with Apple: you may not have a separate Tryton password; the provider authenticates you under its own terms and policies
  • First and last name (entered in the App or pre-filled from your Google or Apple account when you use social sign-in)
  • Field of study and year in school (optional in some flows; may be required when joining an organization as a member)

If you choose Sign in with Google, Google processes certain information when you authenticate. How Google uses that data is described in Google's Privacy Policy. We receive from our authentication provider (Supabase) the identifiers and profile elements Google shares for that login (typically including your email address and name), which we store and use as described in this policy.

If you choose Sign in with Apple, Apple processes certain information when you authenticate under Apple's Privacy Policy. If you use Apple's “Hide My Email” feature, we may receive a private relay email address instead of your personal email. We store and use the identifiers Apple shares for that login as described in this policy.

1.2 Organization Information

When you create or join an organization, we collect:

  • Organization name, university, and type (e.g., fraternity, sorority, study group)
  • Your role within the organization (owner, admin, member, or advisor/observer)
  • Invite code usage
  • Optional referral or attribution information provided during organization setup

1.3 Location Data

Location data is central to how Tryton works. We collect GPS coordinates (latitude and longitude) in the following situations:

  • Zone creation and editing — to place study zones on the map
  • Zone detection — to verify you are within a study zone when starting a session
  • Active study sessions — while a session is active, we run periodic checks (typically on a few-second interval while the App is open) to help confirm you remain in the zone. When you grant background or “Always” location access, we may also receive limited location updates from the operating system only for the duration of an active study session so zone and session rules can still be evaluated when the App is not in the foreground. Background updates are throttled by the OS (for example by time or distance) and are not continuous tracking.
  • Session start and end — your entry and exit locations are recorded with each study session (subject to availability and accuracy of GPS)
  • Pulse checks — if your organization enables presence verification, we may send you local notifications on a schedule they configure. We record pulse request, response, and outcome timestamps (for example verified, missed, or cancelled). We do not store a separate GPS location solely for confirming a pulse. Enforcement of missed pulses does not depend on whether you receive or open a notification; the App evaluates session rules when it runs, including after you return to the App.

We use “balanced” accuracy for session-related location updates and, in the foreground, may reject readings with accuracy worse than 100 meters for certain checks. We do not use location for study sessions when you are not in an active session, and we stop session-scoped background location when your session ends or you log out. Precise geolocation is sensitive personal information under California law and is used only for the purposes described in this policy.

1.4 Study Session Data

When you use the App to track study hours, we collect:

  • Session start and end times
  • Session duration
  • The zone where the session took place
  • Session status (active, completed, paused, or cancelled)
  • When pulse checks are enabled for your organization: pulse request and expiry times, pulse outcome (for example verified, missed, or cancelled), and related timestamps stored with your session
  • Session integrity and fraud-prevention signals (for example mocked-location flags, ended reason, and session source or device metadata used to apply server rules)

Study session start, completion, and certain sync operations are processed through secure server functions so that times and rules are applied consistently with your organization's settings. Offline or delayed completions may be accepted within limits defined on the server.

1.5 Academic and GPA Data (Pro Plus)

If your organization subscribes to Pro Plus, owners, admins, and advisors/observers may enter or view academic information used for organizational study-hour compliance, including course grades, credit hours, calculated GPA, GPA-related tags (such as At Risk or On Probation), and auto-assigned study-hour rules based on GPA thresholds.

Tryton is not an educational institution and is not your school of record. Academic data is stored in our systems with the same access controls as other organization data (including row-level security) but is not end-to-end encrypted. Organization officers who enter or use grades are responsible for collecting that information lawfully and for their own institutional or organizational policies. We process this data as a service provider to operate the App features your organization enables.

1.6 Accountability and Fines

Where your organization enables accountability or fine features, we may store fine amounts, status, due dates, and related evidence (such as study-hour shortfalls) tied to your membership. Owners and admins manage these records within the organization.

1.7 Device, Notifications, and Usage Data

  • Error and crash reports — collected via Sentry, including device model, OS version, stack traces, breadcrumbs, and associated user ID and email when available
  • Push notification tokens — Expo push token and related device identifiers so we can deliver push notifications when you allow them
  • Product analytics events — first-party events stored in our database (not a third-party advertising SDK), such as signup completed, organization created, export generated, or monetization funnel steps, to understand feature usage and improve the product. These events are typically retained for about 90 days

1.8 Payment and Sponsorship Information

Organization subscription payments may be processed through Stripe (for example web checkout or sponsorship payment links) and/or through RevenueCat together with the Apple App Store or Google Play for in-app purchases. We do not receive or store your full credit card number, CVV, or billing address. Processors provide us with transaction confirmations, subscription status, and related identifiers (such as email or organization ID) needed to unlock features and support billing.

If someone sponsors an organization's subscription, we may collect the donor name, email, graduation year, and related consent or unsubscribe information so we can process the sponsorship and send transactional messages with an unsubscribe option.

1.9 Website Analytics

On trytonapp.com we may use Google Analytics cookies and similar technologies to understand site traffic and improve the Site. The mobile App does not use Google Analytics cookies. See our Cookie Policy for details and opt-out options.

1.10 Data Stored on Your Device

The App stores limited data locally on your device for offline functionality and preferences:

  • Authentication session tokens
  • Theme preference (light, dark, or system)
  • Onboarding completion status
  • Cached active session data, session engine state needed to resume after an interruption, and a queue of pending start/end operations (synced to the server when connectivity is restored)

1.11 Consent Records

When you accept our Terms of Service and this Privacy Policy at signup, we record the document versions and acceptance timestamps associated with your account.

2. How We Use Your Information

We use the information we collect to:

  • Provide, maintain, and improve the App, Site, and admin portal
  • Verify your presence in study zones via geofencing
  • Track and display study session history and statistics
  • Enable organization features (leaderboards, weekly goals, compliance reports, grades/GPA tools, fines where enabled)
  • Send weekly email reports to opted-in organization administrators
  • Deliver push and local notifications you allow
  • Process subscription payments and sponsorships
  • Diagnose technical issues and improve reliability
  • Prevent fraud and abuse (including mock GPS detection, rate limiting, and session integrity checks)
  • Respond to support requests and enforce our Terms

3. How We Share Your Information

We do not sell your personal information. Where the California Privacy Rights Act (CPRA) applies, we also do not share personal information for cross-context behavioral advertising as defined under that law. We share data only with the following service providers, solely to operate the App:

ProviderPurposeData Shared
SupabaseAuthentication, database, server functionsAll account and session data
SentryError monitoring and diagnosticsUser ID, email, error details
StripeWeb checkout, sponsorship, and related payment processingEmail, organization ID, payment details
RevenueCatIn-app subscription management, entitlement status, restore purchasesApp user identifiers, organization/tier attributes, purchase receipts as provided by the stores
MailgunTransactional email (weekly reports, compliance exports, sponsorship messages)Email, name, study hour or report summaries
Expo (EAS)Mobile app builds, updates, push notification delivery infrastructure, and developer toolingAccount and project metadata, push tokens, build configuration, and related technical identifiers
AppleApp Store distribution, Sign in with Apple (when chosen), in-app purchases, and device notification infrastructureAs determined by Apple for those services (e.g. auth identifiers, purchase receipts, device tokens)
Google (Android / FCM / Play)Notification delivery, Google Play Billing where applicable, and related Android servicesAs determined by Google for that infrastructure (e.g. device tokens, purchase receipts)
Google (Sign in with Google)Optional social login / identity when you choose itAuthentication handoff; we receive email, name, and related profile identifiers supplied by Google to our auth provider (not your Google password)
Google MapsMap display (Android)Map tile requests; no personal data
Google AnalyticsWebsite analytics on trytonapp.com onlyAggregated usage data via cookies as described in our Cookie Policy

Within Your Organization

Organization owners and administrators can view member names, study session data, compliance statistics, manual hour overrides, and (on Pro Plus) grades and GPA-related information for members of their organization. Advisors/observers may view analytics and related organizational data on a read-only basis without being required to track their own study hours.

Other members of your organization may see leaderboard information (display names and study hours) and, when someone is actively studying, that member's name in active-studying views. Officers and advisors may also access organization data through the web admin portal at admin.trytonapp.com. These features are part of how the App works and are disclosed before or when you join.

Internal Access

Limited Tryton staff or developers may access account or organization views as needed to provide customer support, investigate abuse or integrity issues, or maintain the service, subject to access controls and confidentiality expectations.

4. Data Retention

  • Account data — retained for as long as your account is active. You may request deletion at any time.
  • Study session data — retained for the duration of your organization membership. Aggregated statistics that no longer identify you may be retained after you leave.
  • Location data — entry and exit coordinates are stored with each session record. We do not retain continuous location tracks or a full GPS history of your movements.
  • Academic / GPA data — retained while your organization uses Pro Plus features and for as long as associated membership or compliance records remain, subject to deletion requests and our account-deletion process.
  • Product analytics events — typically retained for about 90 days.
  • Error and crash reports — retained in Sentry for 90 days.
  • Payment records — Stripe, RevenueCat, Apple, and Google may retain transaction records per their policies and applicable law (often for tax and fraud prevention).
  • Local device data — when you log out, we end your auth session and deactivate push tokens associated with that device. We attempt to stop using and clear local session caches; residual OS or device caches may remain until you clear app data or uninstall the App.

5. Your Rights and Choices

Location Permissions

You can revoke location permissions at any time through your device settings. Without at least foreground location access, you will not be able to start study sessions or create zones. For reliable session and pulse enforcement while a session is active, the App may ask for “Always” or background location; if you decline, some session rules may not run until you open the App again. You can still view your history and organization data where the App allows.

Notifications

If you allow notifications, we may deliver local and push notifications for pulse checks and session-related events. You can adjust notification settings on your device; missing a notification does not by itself extend a study session beyond your organization's rules. Push tokens are deactivated when you log out.

Email Communications

Weekly email reports for organization administrators are opt-in and can be enabled or disabled from profile settings within the App. Sponsorship and other transactional emails include unsubscribe options where required.

Access, Correction, Export, and Deletion

You have the right to:

  • Access your personal data in the App where available, or by contacting us
  • Correct inaccurate profile data through the App or by contacting us
  • Delete your account and associated personal data from the App (Profile → Danger Zone → Delete Account), or by contacting us at support@trytonapp.com. Deletion is processed immediately when initiated from the App. Email requests are processed within 30 days. Sole owners must transfer ownership or close the organization before deleting their account.
  • Export a copy of your personal data in a portable format upon email request to support@trytonapp.com. Organization administrators may separately generate compliance exports (CSV/PDF) for organizational reporting; that is not the same as a personal data export.

Notice at Collection (California)

For California residents, the following summarizes categories of personal information we collect, typical purposes, and whether we sell or share that information for cross-context behavioral advertising:

CategoryExamples / PurposesSold / Shared?
IdentifiersName, email, account IDs, push tokens — account, security, notificationsNo
Precise geolocationSession entry/exit and zone verification during active sessionsNo
Education informationGrades, GPA, and related compliance tools on Pro PlusNo
Commercial / purchase informationSubscription tier, transaction confirmations via Stripe/RevenueCat/storesNo
Internet / electronic activityProduct analytics events; Site analytics via Google AnalyticsNo
InferencesLimited operational inferences (e.g. compliance or risk tags derived from hours/GPA rules your organization configures)No

California Residents (CCPA / CPRA)

If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA) and the California Privacy Rights Act (CPRA), including the right to know what personal information we collect, the right to request deletion, the right to correct inaccurate personal information (where applicable), and the right to opt out of the sale of personal information or the sharing of personal information for cross-context behavioral advertising, as those terms are defined under California law. We do not sell personal information and we do not share it for cross-context behavioral advertising as defined under the CPRA. We limit use of sensitive personal information (including precise geolocation used for study sessions as described in this policy) to the purposes disclosed here. To exercise your California privacy rights, contact us at support@trytonapp.com.

6. Data Security

We use industry-standard security measures to protect your data, including encrypted connections (TLS), secure password hashing for email-and-password accounts, row-level security policies on our database, and rate limiting on sensitive endpoints. Social sign-in (Google or Apple) is handled through our authentication provider using industry-standard protocols. However, no method of transmission over the internet is 100% secure, and we cannot guarantee absolute security.

7. Data Storage Location and International Users

Your data is stored and processed in the United States. Our servers, database infrastructure, and primary third-party service providers (including Supabase, Stripe, RevenueCat, and Sentry) are located in or process data in the United States. Device vendors (such as Apple or Google) may process limited data on their own infrastructure when you use their operating systems, app stores, or notification services, as described in Section 3.

The App and Site are intended for users in the United States only. We do not knowingly market to or solicit users in the European Economic Area, United Kingdom, or other jurisdictions as a primary offering. We do not maintain a GDPR-specific program of EU representative or similar mechanisms. If you are located outside the United States and choose to use the App, you understand and consent to the transfer and processing of your information in the United States, where data protection laws may differ from those in your country.

8. Age Eligibility and Children's Privacy (COPPA)

The App is intended for users who are 18 years of age or older. We do not permit users under 18 to create accounts, including college or university students who are under 18. The App is not directed to children under 13, and we do not knowingly collect personal information from children under 13.

We do not knowingly collect personal information from individuals under 18. If we learn that we have inadvertently collected information from someone under 18, we will delete that information promptly. If you believe someone under 18 has provided us with personal information, please contact us immediately at support@trytonapp.com.

Parents or guardians who become aware that their child has provided us with information without their consent should contact us, and we will take steps to remove such information and terminate the account.

9. Educational Records Disclaimer

Tryton is a commercial software service for student organizations. We are not a school, university, or education agency. Grade and GPA features are tools for organizational study-hour programs. Organizations that enter academic information are responsible for complying with their own policies and any laws that apply to them. Nothing in this policy makes Tryton a party to FERPA or similar educational-privacy regimes as an educational institution.

10. Security Incidents

If we become aware of a security incident involving personal information that requires notification under applicable law, we will notify affected users and regulators as required, and take reasonable steps to mitigate harm.

11. Changes to This Policy

We may update this Privacy Policy from time to time. When we make material changes, we will update the “Last updated” date at the top of this page and may notify you through the App or via email. Your continued use of the App after changes are posted constitutes acceptance of the updated policy.

12. Contact Us

If you have questions about this Privacy Policy or wish to exercise your data rights, contact us at:

support@trytonapp.com