Effective Date: July 30, 2025
When you create an account, we collect your email address for authentication and account management. We use OAuth providers (Google, GitHub, Discord) for secure sign-up, so we only receive basic profile information (name, email) that you choose to share.
We collect minimal usage analytics to improve the service: feature usage patterns, error logs, and performance metrics. For free users, all data is stored locally in your browser. For Pro users with sync enabled, your productivity data (tasks, notes, calendar events) is encrypted and stored on our secure servers to enable cross-device synchronization. We do not track or analyze the content of your personal productivity data.
We collect basic technical information necessary for service operation: IP address for security purposes, browser type for compatibility, and device type for responsive design. This information is not linked to your personal productivity data.
We use your information to:
We do not sell your personal information. We only share data with essential service providers: Stripe for payment processing (Pro plan), OAuth providers for authentication, and our hosting provider for secure data storage. All providers are bound by strict data protection agreements.
Your data is stored locally in your browser by default using encrypted WebAssembly PostgreSQL. Pro plan sync data is stored on secure servers with end-to-end encryption, ensuring only you can access your productivity information. We use industry-standard security practices including HTTPS, encrypted databases, and regular security audits.
We retain your account information as long as your account is active. Your productivity data (tasks, notes, calendar) is retained until you delete it or close your account. Sync data is permanently deleted within 30 days of account closure. Analytics data is aggregated and anonymized after 90 days.
You have the right to:
We use essential cookies for authentication and session management. We do not use tracking cookies or third-party analytics. Theme preferences and local settings are stored in your browser's local storage. You can clear this data anytime through your browser settings.
We integrate with Google and GitHub for OAuth authentication, and Stripe for payment processing (Pro plan). These services have their own privacy policies. We do not use third-party analytics or advertising services.
Our service is not intended for children under 13. We do not knowingly collect personal information from children under 13. If you believe a child has provided us with personal information, please contact us immediately.
Your data is processed primarily in the United States. For international users, we ensure adequate data protection through standard contractual clauses and encryption. EU users have additional rights under GDPR.
We may update this Privacy Policy from time to time. We will notify you of any material changes by email and by posting the updated policy on this page with a new effective date. Continued use of the service after changes constitutes acceptance of the updated policy.
If you have any questions about this Privacy Policy, please contact us at: [email protected]
Stormlight Labs
Delaware corporation
Austin, TX, United States (Operations)