← Back to Tail Wind Labs

Breeze Privacy Policy

Effective Date: February 7, 2026 · Last Updated: February 7, 2026

Tail Wind Labs LLC ("we," "us," or "our") operates the Breeze mobile application and associated services (collectively, the "Service"). Breeze is a centralized identity, authentication, and digital wallet platform within the Tail Wind Labs ecosystem of applications.

This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our Service. Please read this policy carefully. By using Breeze, you agree to the collection and use of information in accordance with this policy.

1. Information We Collect

1.1 Information You Provide Directly

• Account Information: Email address, username, display name, password (stored as a salted hash), and optional avatar/profile photo.
• Profile Information: Optional biographical text you choose to provide.
• OAuth Data: If you sign in with Google or Apple, we receive your name, email address, and a unique provider identifier. We store OAuth access tokens and refresh tokens to maintain your linked account connection.
• Communications: Any messages, feedback, or support requests you send to us at support@tailwindstud.io.

1.2 Information Collected Automatically

• Device Information: Device type, operating system and version, unique device identifiers, and app version.
• Log and Usage Data: Login timestamps, last active timestamps, login count, IP addresses (at registration and each login), user agent strings, and authentication success/failure records.
• Login History: We maintain a log of authentication attempts, including IP address, user agent, timestamp, success status, and failure reasons for security purposes.
• Analytics Data: We use Firebase Analytics to collect usage statistics including screen views, feature engagement, session duration, and app performance metrics.
• Crash Reports: We use Firebase Crashlytics to automatically collect crash logs, stack traces, device state at the time of a crash, and related diagnostic data.

1.3 Currency and Transaction Data

• Wallet Balances: Your balances of Zephyr (central currency) and linked ecosystem currencies (Iron, Gust).
• Transaction History: Records of currency earnings, spending, and exchanges between ecosystem currencies, including amounts, types, descriptions, and timestamps.

1.4 Information from Third-Party Services

• Google Sign-In: Name, email address, profile picture URL, and Google account identifier.
• Apple Sign-In: Name and email address (which may be a relay email if you choose to hide your real email).

2. How We Use Your Information

We use the information we collect to:

• Provide and maintain the Service: Create and manage your account, authenticate you across Tail Wind Labs applications, and process in-app currency transactions.
• Improve the Service: Analyze usage patterns, diagnose technical issues, and develop new features.
• Communicate with you: Send transactional emails (verification, password reset), respond to support requests, and provide service updates.
• Ensure security: Detect and prevent fraud, unauthorized access, and other illegal activities. Monitor login history for suspicious activity.
• Comply with legal obligations: Meet applicable legal requirements and respond to lawful requests.
• Personalize your experience: Deliver content and features relevant to your interests and preferences.
• Deliver advertising: We may in the future display advertisement content within the app; any advertising data collection will be disclosed in updates to this policy.

3. How We Share Your Information

We do not sell your personal information. We may share your information in the following circumstances:

• Within the Tail Wind Labs Ecosystem: Your Breeze identity (user ID, email, username, display name, avatar) is shared with linked applications you use (RepBase, TaDo) via secure internal APIs to enable single sign-on functionality.
• Service Providers: We may share information with third-party vendors who perform services on our behalf, including hosting (Railway), email delivery (SendGrid), analytics (Firebase), crash reporting (Firebase Crashlytics), and push notifications (Firebase Cloud Messaging).
• Legal Requirements: We may disclose information if required by law, regulation, legal process, or governmental request.
• Business Transfers: In connection with a merger, acquisition, or sale of assets, your information may be transferred as a business asset.
• With Your Consent: We may share your information with third parties when you give us explicit consent to do so.

4. Data Retention

We retain your personal information for as long as your account is active or as needed to provide the Service. Specifically:

• Account data: Retained until you request account deletion.
• Login history: Retained for up to 12 months for security monitoring purposes.
• Transaction records: Retained for the lifetime of your account to maintain accurate balance records.
• Refresh tokens: Automatically expire and are purged based on configured expiry (default: 7 days).
• Email verification and password reset tokens: Automatically expire within 24 hours.
• Analytics data: Retained according to Firebase's default retention policies (typically up to 14 months).

When you delete your account, we will delete or anonymize your personal data within 30 days, except where retention is required by law.

5. Data Security

We implement appropriate technical and organizational measures to protect your data, including:

• Passwords are hashed using bcrypt with a cost factor of 12.
• All data is transmitted over HTTPS/TLS encryption.
• JWT-based authentication with short-lived access tokens (15 minutes) and rotatable refresh tokens.
• Rate limiting on authentication endpoints to prevent brute-force attacks.
• Internal service-to-service communication is authenticated with API keys.
• Role-based access control (User, Moderator, Admin).

While we strive to protect your data, no method of electronic transmission or storage is 100% secure. We cannot guarantee absolute security.

6. Your Rights and Choices

6.1 All Users

• Access: You can access and review your account data within the app at any time.
• Update: You can update your profile information, display name, avatar, and bio through the app.
• Delete: You can request deletion of your account by contacting support@tailwindstud.io.
• Opt-Out: You can unlink OAuth providers and manage notification preferences.

6.2 European Economic Area (EEA) Residents — GDPR Rights

If you are located in the EEA, you have additional rights under the General Data Protection Regulation (GDPR):

• Right of Access: Request a copy of the personal data we hold about you.
• Right to Rectification: Request correction of inaccurate or incomplete data.
• Right to Erasure: Request deletion of your personal data ("right to be forgotten").
• Right to Restrict Processing: Request limitation of how we process your data.
• Right to Data Portability: Receive your data in a structured, machine-readable format.
• Right to Object: Object to processing based on legitimate interests or direct marketing.
• Right to Withdraw Consent: Withdraw previously given consent at any time.

Legal Basis for Processing: We process your data based on: (a) your consent, (b) the necessity to perform our contract with you, (c) compliance with legal obligations, and (d) our legitimate interests (security, fraud prevention, service improvement).

To exercise these rights, contact us at support@tailwindstud.io. We will respond within 30 days.

6.3 California Residents — CCPA Rights

If you are a California resident, you have the following rights under the California Consumer Privacy Act (CCPA):

• Right to Know: Request disclosure of the categories and specific pieces of personal information we have collected.
• Right to Delete: Request deletion of your personal information.
• Right to Opt-Out of Sale: We do not sell personal information. If this changes, we will provide opt-out mechanisms.
• Right to Non-Discrimination: We will not discriminate against you for exercising your CCPA rights.

To submit a verifiable consumer request, email support@tailwindstud.io.

7. Children's Privacy

Breeze is not intended for children under the age of 13. We do not knowingly collect personal information from children under 13. If we learn that we have collected personal data from a child under 13, we will promptly delete that information. If you are a parent or guardian and believe your child has provided us with personal information, please contact us at support@tailwindstud.io.

8. Third-Party Services

Our Service may integrate with or contain links to third-party services. These third-party services have their own privacy policies, and we are not responsible for their practices:

Service	Purpose	Privacy Policy
Google (Firebase Analytics)	Usage analytics	Google Privacy Policy
Google (Firebase Crashlytics)	Crash reporting	Firebase Privacy
Google (Firebase Cloud Messaging)	Push notifications	Firebase Privacy
Google Sign-In	OAuth authentication	Google Privacy Policy
Apple Sign-In	OAuth authentication	Apple Privacy Policy
Railway	Server hosting	Railway Privacy Policy
SendGrid	Transactional email	Twilio Privacy Notice

9. International Data Transfers

Your information may be transferred to and maintained on servers located outside your country of residence. If you are located in the EEA, UK, or other regions with data transfer regulations, we will ensure appropriate safeguards are in place, such as Standard Contractual Clauses approved by the European Commission.

10. Push Notifications

We may send push notifications to your device. You can opt out by adjusting your device notification settings or within the app's settings. Even with push notifications disabled, we may still send you in-app messages and transactional emails related to your account.

11. Cookies and Tracking

The Breeze mobile app does not use browser cookies. However, the Breeze admin web panel and associated web services may use cookies and similar technologies for session management and analytics. Third-party services we integrate with may use their own tracking technologies.

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by posting the new policy within the app or sending you a notification. The "Last Updated" date at the top of this policy indicates when it was last revised. Your continued use of the Service after changes constitutes acceptance of the updated policy.

13. Contact Us

If you have questions or concerns about this Privacy Policy or our data practices, please contact us:

• Email: support@tailwindstud.io
• Mailing Address: Tail Wind Labs LLC, 212 N. 2nd St. Ste 100, Richmond, KY 40475
• Website: https://tailwindstud.io

For GDPR-related inquiries, you may also lodge a complaint with your local data protection authority.