Privacy Policy

Last updated: February 23, 2026

Our Commitment to Privacy

Tomte is built for some of the most vulnerable people in our communities — older adults and individuals with cognitive impairments. We take that responsibility seriously. Privacy is not an afterthought; it is a foundational design principle in everything we build.

This policy explains what data Tomte collects, how we use it, how we protect it, and your rights regarding that data.

1. Who We Are

Tomte is a voice-first AI companion service. When we say "Tomte," "we," "us," or "our" in this policy, we mean the organization that operates the Tomte service and the website at www.meettomte.com.

2. Information We Collect

2.1 Information Provided by Caregivers

During onboarding and through the caregiver portal, we collect:

  • Caregiver name, email address, and phone number
  • User profile information (name, age, preferences, health notes)
  • Family member names and relationships
  • Photos uploaded or linked through cloud photo services
  • Alert preferences and emergency contact information
  • Medication and appointment reminder details

2.2 Information from Conversations

When a user talks with Tomte, the conversation is processed in real time to generate responses. From these conversations, Tomte may store:

  • Memory summaries — short, structured notes about topics discussed, preferences expressed, and stories shared. These are used to personalize future conversations.

We do not store raw audio recordings. Voice data is processed in real time and discarded immediately after each conversation session ends. No audio files are retained on our servers.

2.3 Device Information

We collect basic device identifiers to authenticate the tablet and maintain a secure connection. This includes a device certificate stored in the device's secure enclave.

2.4 Usage Data

We collect anonymized usage statistics to improve the service, such as session duration and feature usage frequency. This data cannot be linked back to individual users or conversations.

3. How We Use Your Information

We use the information we collect to:

  • Provide personalized conversations for the user
  • Deliver safety alerts to designated caregivers
  • Send medication and appointment reminders
  • Display photos and facilitate memory-related conversations
  • Improve the quality and safety of the Tomte service
  • Authenticate caregivers and secure the caregiver portal

We never sell personal data. We do not share user data with advertisers, data brokers, or any third party for marketing purposes.

4. How We Protect Your Information

We employ multiple layers of security to protect user data:

  • Encryption at rest — All personal data is encrypted using AES-256 with per-user encryption keys managed by AWS Key Management Service (KMS).
  • Encryption in transit — All communications use TLS 1.3 or higher. There are no HTTP fallbacks.
  • Device authentication — Each tablet uses a unique certificate stored in the device's secure enclave. Users are never asked for passwords.
  • Caregiver authentication — The caregiver portal requires email-based login with multi-factor authentication (MFA).
  • No raw audio storage — Voice data exists only during the active conversation session and is never written to disk.
  • Private infrastructure — Backend services run in a private network. Only the API gateway and caregiver portal are publicly accessible.

5. Data Retention and Deletion

We retain personal data only for as long as the Tomte service is active for a given user. When a user's account is closed:

  • Cryptographic deletion — We destroy the user's unique encryption key, which renders all of their encrypted data permanently and irreversibly unreadable.
  • All memory summaries, profile data, photos, and conversation metadata associated with the user are deleted.
  • Caregiver account data is deleted upon request.

Anonymized, aggregated usage statistics that cannot identify any individual may be retained for service improvement purposes.

6. Third-Party Services

Tomte integrates with the following third-party services to deliver its functionality:

  • Amazon Web Services (AWS) — Cloud infrastructure, AI model hosting, encryption key management, and user authentication.
  • Twilio — Delivery of SMS safety alerts to caregivers.
  • Google Photos / Apple iCloud — Read-only access to photo libraries, authorized via OAuth by the caregiver. We do not modify or delete any photos in these services.

Each third-party service is subject to its own privacy policy. We only share the minimum data necessary for each service to function.

7. Children's Privacy

Tomte is designed for use by adults. We do not knowingly collect personal information from children under the age of 13. If you believe a child has provided us with personal data, please contact us so we can promptly delete it.

8. Your Rights

Depending on your location, you may have the following rights regarding your personal data:

  • Access — Request a copy of the data we hold about you or your loved one.
  • Correction — Request that we correct inaccurate data.
  • Deletion — Request that we delete all personal data (see Section 5).
  • Portability — Request your data in a machine-readable format.
  • Objection — Object to certain types of processing.

To exercise any of these rights, please contact us at privacy@meettomte.com. We will respond within 30 days.

9. Changes to This Policy

We may update this privacy policy from time to time. When we do, we will update the "Last updated" date at the top of this page. For significant changes, we will notify caregivers through the caregiver portal and via email.

10. Contact Us

If you have any questions about this privacy policy or how Tomte handles personal data, please contact us: