← Back to Theia

Privacy Policy

Last updated: June 2026

Theia ("we", "our", "the app") is an inventory management application for independent jewelry dealers. We take your privacy seriously. This policy explains what data we collect, why we collect it, and how we protect it.

What we collect

Account information. Your email address and password, used to create and secure your account. Authentication is handled by Supabase with industry-standard encryption.

Inventory data. Item descriptions, categories, eras, brands, metals, stones, prices, dates, notes, and any other details you enter about your inventory. This is the core data you create and manage in the app.

Photos. Images you take or upload of inventory items. These are stored securely in our cloud storage and are only accessible to your account.

Contacts. Names, phone numbers, email addresses, and Instagram handles of buyers, sellers, and partners that you choose to add to your contact list.

Financial data. Purchase prices, sale prices, trade prices, costs, invoices, and ownership split information that you enter. We do not connect to your bank accounts or payment processors.

Voice recordings. When you use the voice input feature, audio is recorded temporarily on your device, sent to OpenAI's Whisper service for transcription, and then immediately deleted. We do not store your voice recordings. Only the resulting text transcription is saved as part of your item data.

How we use your data

Your data is used solely to provide the Theia service to you. Specifically, we use it to display your inventory, generate invoices, calculate dashboard figures, and power search and filtering. We do not use your data for advertising, profiling, or any purpose beyond operating the app for your benefit.

Third-party services

Supabase. Our backend infrastructure provider. Stores your account data, inventory data, photos, and contacts. Data is encrypted at rest and in transit.

OpenAI. Powers two features: (1) AI-assisted item identification from photos using GPT-4o vision, and (2) voice transcription using Whisper. When you use these features, your photos or voice audio are sent to OpenAI for processing. OpenAI's API data usage policy states that data sent via the API is not used to train their models. No data is sent to OpenAI unless you actively use the camera intake or voice input features.

We do not sell, share, or provide your data to any other third parties.

Data storage and security

All data is stored on Supabase's infrastructure with row-level security policies ensuring that you can only access your own data. All connections use TLS encryption. Passwords are hashed and never stored in plain text. Photos and documents are stored in private cloud storage buckets accessible only to your authenticated account.

Your rights

Access. You can view all data associated with your account at any time within the app.

Correction. You can edit or update any of your data at any time.

Deletion. You can delete individual items, contacts, and transactions at any time. To delete your entire account and all associated data, contact us at the email below and we will process your request within 30 days.

Export. We are working on a data export feature. In the meantime, contact us and we will provide your data in a standard format within 30 days.

Data retention

We retain your data for as long as your account is active. If you delete your account, all associated data is permanently removed within 30 days. Voice recordings are deleted immediately after transcription and are never retained.

Children's privacy

Theia is not intended for use by anyone under the age of 18. We do not knowingly collect data from children.

Changes to this policy

We may update this policy from time to time. If we make material changes, we will notify you via the app or by email. The date at the top of this page indicates when the policy was last revised.

Contact us

If you have questions about this privacy policy or your data, contact us at hello@theia.app.