Privacy Policy

Last updated: June 11, 2026

Overview

AddItemTo is designed with privacy in mind. The free version stores all your data locally on your device. For subscribed users and users following shared collections, we require authentication via Sign in with Apple to enable cloud sync and collaboration features.

Data Controller

The data controller responsible for your personal information is:

Company Name: Add Item To Ltd
Company Number: 16799293
Trading Name: additem.to
Location: United Kingdom
Contact: privacy@additem.to

Legal Basis for Processing (UK and EU GDPR)

We process your personal data under the following legal bases:

• Free Tier: Legitimate interests (providing the app functionality on your device)
• Subscribed users: Contract performance (providing cloud sync and premium features)
• Photos: Contract performance (premium feature) and legitimate interests (service delivery)

Data Collection

Free Version (Local Only)

• All asset and location data is stored locally on your device
• No data is transmitted to our servers
• No account or personal information required
• Data is not sent to our servers (your data may be included in your iOS device backup if you have that enabled)

Authentication (Required for Cloud Features)

To access cloud sync, premium features, or follow shared collections, you must sign in. We collect:

• Apple ID: Unique user identifier provided by Apple (anonymous unless you choose to share your email)
• Email address: Only if you choose to share it with us during sign in
• Display name: Used to identify you in shared collections and collaboration features

Premium Version (Cloud Sync)

Premium features collect:

• System-generated account identifier (linked to your Apple ID)
• Asset and location data synced to our secure servers
• Transaction history for audit purposes
• Subscription status and tier information

Email Address Retention

If you provide your email address during sign in:

• Purpose: Used only for critical account communications (subscription issues, security alerts, policy changes)
• Storage: Encrypted in our secure database with TLS encryption in transit and at rest
• Retention: Retained while your account is active and for 30 days after account deletion (to prevent account recreation abuse)
• Not used for: Marketing, newsletters, promotional emails, or sharing with third parties
• Your control: You can request email deletion at any time by contacting privacy@additem.to

Note: If you choose to hide your email during sign in, we receive a private relay email from Apple instead. This relay email is under Apple's control and we cannot use it to contact you directly.

NFC Tag Data

The app reads the unique identifier (UID) from NFC tags to identify assets and locations. By default, nothing is written to the tag. If you choose to enable the optional Tap to Open feature, the app writes a single link to the tag (https://additem.to/t/ followed by a random code) so that tapping the tag can open the app. You can remove this link at any time by disabling Tap to Open.

Important: We do not store any personal information, asset names, descriptions, photos, or other sensitive data on NFC tags. The tag carries at most its UID and, if you enabled Tap to Open, the random link. Both reference data stored locally on your device (free tier) or in our cloud database (premium tiers). Anyone scanning an NFC tag sees only the UID or the random link - they cannot access your asset information without having access to your additem.to account.

Camera Usage

The camera is used for photo attachments, OCR text scanning (Scan to Fill feature), and AI item scanning. Photos you choose to attach are stored locally on your device, with cloud backup available for subscribed users. Photos used for AI item scanning are handled differently - see the AI Item Scanning section below.

AI Item Scanning

The app includes an optional AI scanning feature that analyses a photo to identify an item and pre-fill its details. This feature is entirely optional and can be disabled at any time in your device's Settings app under additem.to.

What happens when you scan an item:

• Your photo is sent securely to OpenAI (via the GPT-4o-mini API) for analysis
• OpenAI returns a set of suggested fields (item name, manufacturer, model, category, etc.)
• The photo is not stored by OpenAI after processing
• We do not store the photo on our servers solely for AI scanning purposes - it is only retained if you choose to attach it to an item

What we may store:

• The recognised field values (name, manufacturer, model, etc.) may be cached in our database against the item's barcode to avoid repeat AI calls for the same product in future
• This cached data contains no personal information - only product details linked to a barcode

Your control:

• AI scanning is opt-in per scan - you choose when to use it
• You can disable the feature entirely in iOS Settings under additem.to > AI Object Scanning
• Disabling AI scanning does not affect any other app functionality

OpenAI:

When you use AI scanning, your photo is processed by OpenAI. OpenAI's privacy policy applies to data processed through their API: openai.com/privacy. OpenAI states that API data is not used to train their models.

Location Information

When you enable GPS tracking (optional, on by default), additem.to captures your device's GPS coordinates during check-in and check-out transactions.

What we collect:

• Latitude and longitude coordinates
• GPS accuracy (in meters)
• Timestamp of GPS reading

What we DON'T collect:

• Background location tracking
• Continuous location monitoring
• Location data outside of transactions

How we use it:

• Provide an audit trail of asset movements
• Verify transaction locations for security
• Enable future features like heat maps and geofencing (premium tiers only)

Your control:

• You can disable GPS tracking in Settings at any time
• Disabling GPS will not affect any other app functionality
• GPS data is stored locally on your device (free tier) or synced to our servers (subscribed users)
• You can delete transactions to remove associated GPS data

Free Tier: GPS data is not sent to our servers (standard iOS device backup may apply)
Subscribed users: GPS data syncs with transactions to our secure servers

Photo Attachments

All users can attach photos to their assets. Photos are always stored locally on your device. Subscribed users also get secure cloud backup.

What we store:

• Original photos you upload (stored in secure cloud storage)
• Compressed thumbnails for faster loading
• Photo metadata (filename, size, dimensions, upload date)
• Optional captions you add to photos

How we use it:

• Display photos alongside your assets
• Sync photos across your devices (subscribed users only)
• Share photos with users you've granted access to
• Create thumbnails for performance optimization

Your control:

• You can delete photos at any time - they're immediately removed from cloud storage
• Deleted photos are removed from all your devices during next sync
• When your subscription expires or is cancelled, all photos are deleted from cloud storage
• Photos are also stored locally on your device for offline access

Important: Photos are subject to our content policies. See our Terms of Service for details on prohibited content and content moderation.

Content Moderation

We respect your privacy and do not proactively monitor or scan your photos. However, we reserve the right to review content if:

• Content is reported by another user
• We receive a legal request or court order
• We have reason to believe content violates our Terms of Service or applicable laws

Manual Review: Reported content is reviewed manually by our team. We do not use automated scanning or AI to monitor your photos under normal circumstances.

Illegal Content: If we discover illegal content (particularly child sexual abuse material), we are legally required to report it to the appropriate authorities:

• UK: Internet Watch Foundation (IWF) and National Crime Agency (NCA)
• International: National Center for Missing & Exploited Children (NCMEC)
• Law Enforcement: Local police authorities as required

To report abuse: If you encounter inappropriate or illegal content, please email abuse@additem.to with details. Reports are reviewed within 48 hours.

Data Storage & Security

• Local data is stored in an encrypted database on your device
• Cloud data (Premium) is stored on secure cloud servers
• Photos (Premium) are stored in secure cloud storage with TLS encryption
• All data is encrypted in transit (HTTPS/TLS) and at rest
• We use industry-standard security practices
• Photos sent for AI scanning are processed by OpenAI and not retained by them after processing
• No other data is shared with third parties (except our infrastructure providers)

International Data Transfers

For subscribed users, your data may be transferred and stored outside the United Kingdom and European Economic Area (EEA):

• Cloud Storage: Data stored in our cloud infrastructure may be processed outside the UK/EEA
• Safeguards: Our infrastructure providers offer Standard Contractual Clauses (SCCs) approved by the UK ICO
• Security: All data transfers use TLS encryption and enterprise-grade security

Free tier users: Your data is not sent to our servers. Standard iOS device backup (iCloud) may apply based on your iOS settings.

AI scanning: If you use the AI scanning feature, your photo is transferred to OpenAI's servers (United States) for processing. OpenAI participates in the EU-US Data Privacy Framework. You can disable AI scanning in iOS Settings at any time.

Analytics

We do not use any analytics or tracking services. Your usage patterns and behavior are not monitored or collected.

Your Rights (UK and EU GDPR)

Under the UK GDPR and EU GDPR, you have the following rights regarding your personal data:

Right of Access

• Request a copy of your personal data
• Free tier: Data stored locally on your device only
• Premium: Export feature available in-app, or contact privacy@additem.to

Right to Rectification

• Correct inaccurate or incomplete data
• Edit assets, locations, and photos directly in the app

Right to Erasure ("Right to be Forgotten")

• Delete the app to remove all local data
• Delete individual photos (immediately removed from cloud storage)
• Delete individual assets, locations, or transactions in-app
• Premium: Request account deletion (all cloud data permanently deleted within 24 hours)

Right to Restrict Processing

• Downgrade from Premium to Free tier to stop cloud processing
• Disable GPS tracking in Settings to stop location data collection

Right to Data Portability

• Premium: Export your data in machine-readable format (JSON/CSV)
• Contact privacy@additem.to to request data export

Right to Object

• Object to processing for direct marketing (we don't do any marketing)
• Object to automated decision-making (we don't use automated decisions)

Exercising Your Rights

To exercise any of these rights, contact us at privacy@additem.to. We will respond within one month.

Right to Complain

If you're unhappy with how we handle your personal data, you have the right to complain to the UK's data protection authority:

Information Commissioner's Office (ICO)
Website: https://ico.org.uk
Telephone: 0303 123 1113
Address: Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF

Add Item To Ltd's ICO registration reference: ZC021383

Data Retention

• Free Tier: Data stored indefinitely on your device (until you delete the app)
• Premium Assets/Locations: Retained while subscription is active
• Premium Photos: Deleted from cloud storage within 24 hours after subscription expires
• After Account Deletion: All cloud data permanently deleted within 24 hours

Children's Privacy

AddItemTo is not directed to children under 13. We do not knowingly collect information from children.

Changes to This Policy

We may update this privacy policy from time to time. Changes will be posted in-app with an updated date.

Contact Us

Questions about this privacy policy?

Email: privacy@additem.to