arrow_back Back to home

Privacy Policy

Noma — Baby Name Discovery App

Last updated: March 27, 2026

Noma Collective ("we", "us", "our") operates the Noma mobile application ("App"). This Privacy Policy explains how we collect, use, disclose, and safeguard your personal information when you use our App.

By using the App, you consent to the data practices described in this Privacy Policy. If you do not agree with this policy, please do not use the App.

1. Information We Collect

1.1 Information You Provide

  • Email address — collected at sign-in via Google or Apple for account identification and communication
  • Display name — collected at sign-in via Google or Apple, shown to your connected partner
  • Family surname — collected during onboarding (optional) for the full-name preview feature
  • Gender preference — collected during onboarding for filtering name suggestions
  • Partner connection code — collected when connecting with a partner to link accounts

1.2 Apple Sign-In and Email Relay

When you sign in with Apple, you may choose to hide your email address. In this case, Apple provides a unique, private relay email address that forwards to your real email. We treat this relay address as your account email. We do not attempt to discover or store your real email address if you choose to hide it.

1.3 Information Collected Automatically

  • IP address — collected once during onboarding to determine country/locale for regional name suggestions
  • Firebase UID — generated at authentication as your unique account identifier
  • Authentication tokens — used for secure session management
  • Firebase Analytics data — anonymous app usage data such as screen views, feature interactions, and session duration, collected automatically to help us improve the App

1.4 Information Generated Through Use

  • Name preferences — when you like or pass on names, for your matches and discovery experience
  • Pack entitlements — when you purchase or receive a shared pack
  • Partner link data — when you connect with a partner
  • Timestamps — recorded with each action for account records

1.5 Information We Do NOT Collect

  • We do not collect precise geolocation data (GPS)
  • We do not use device fingerprinting or advertising identifiers
  • We do not use tracking pixels or behavioral tracking tools for advertising purposes
  • We do not collect contacts, photos, camera data, or microphone data
  • We do not collect health, financial, or biometric data
  • We do not collect browsing history or data from other apps

2. How We Use Your Information

We use the information we collect to:

  • Provide and maintain the App — delivering name discovery, matching, and partner features
  • Process purchases — managing your access to purchased name packs
  • Enable partner features — sharing liked names and pack entitlements between connected partners
  • Personalize your experience — filtering names by your gender preference and locale
  • Communicate with you — responding to support requests or sending essential service notifications
  • Ensure security — authenticating users and preventing unauthorized access
  • Improve the App — analyzing anonymous usage patterns to understand feature adoption and improve the user experience
  • Comply with legal obligations — meeting applicable legal and regulatory requirements

We do not use your information for advertising, profiling, or selling to third parties.

3. How We Share Your Information

3.1 With Your Connected Partner

When you connect with a partner, the following data is shared: your display name, your liked names, and your purchased pack entitlements. This sharing is initiated by you and can be revoked at any time by disconnecting the partnership.

3.2 With Service Providers

  • Firebase (Google) — email, display name, and authentication state for user authentication; anonymous analytics data for app improvement
  • Microsoft Azure — all app data (encrypted) for cloud hosting and database

3.3 As Required by Law

We may disclose your information if required to do so by law or in response to valid legal process.

3.4 No Sale of Data

We do not sell, rent, or trade your personal information to third parties. We have never sold personal data and have no plans to do so.

4. Data Storage and Security

Your data is stored on Microsoft Azure servers in the European Union (Germany West Central). We implement encrypted data transmission (TLS/HTTPS), secure authentication via Firebase, database access restrictions, and server-side input validation.

5. Data Retention

All account data is retained until you delete your account. IP addresses are not stored persistently. We do not retain data longer than necessary.

6. Your Rights

You have the right to access, correct, delete, restrict, and port your data. You can delete your account and all data at any time from Settings. Contact trinityappsengineering@gmail.com to exercise any rights.

7. Children's Privacy

The App is not directed to children under 16. We do not knowingly collect personal information from children under 16.

8. International Data Transfers

Data is stored and processed in the EU. Transfers comply with the GDPR.

9. Third-Party Services

The App uses Google Sign-In and Apple Sign-In. Their respective privacy policies apply when you authenticate.

The App uses Firebase Analytics, a service provided by Google, to collect anonymous usage data such as screen views, feature interactions, and session duration. This data is used solely to improve the App and is not used for advertising or user profiling.

10. Apple App Store Privacy Details

  • Data Used to Track You: None
  • Data Linked to You: Email address (or Apple private relay email), display name
  • Data Not Linked to You: Usage data; analytics data (anonymous app usage collected by Firebase Analytics)

11. Google Play Data Safety

  • Data shared with third parties: Anonymous analytics data with Firebase (Google) for app improvement
  • Data collected: Email, name; app interactions; app usage analytics (anonymous)
  • Security: Data encrypted in transit; user can request deletion

12. CCPA (California)

California residents may request access to and deletion of personal data. We do not sell personal information.

13. GDPR (European)

The data controller is Noma Collective (trinityappsengineering@gmail.com). Processing is based on contractual necessity, consent, legitimate interest, and legal obligation.

14. Changes to This Policy

We may update this Privacy Policy from time to time. Continued use constitutes acceptance.

15. Contact Us

Noma Collective — trinityappsengineering@gmail.com

© 2026 Noma Collective. All rights reserved.