Privacy Policy

This service is operated by [Your Company Name] (“we,” “us,” “our”). Questions? Contact privacy@example.com or use our contact form.

• Account & Profile: name, email, password hash, profile picture (if provided).
• App Content: Projects, WorkSessions (written text, word/page counts, time spent), Mindmaps (nodes/links), Todos, and Suggestions/likes.
• Uploads: Images inserted via the Quill editor (if you use this feature).
• Usage & Device: app activity (e.g., pages viewed, features used), coarse location derived from IP, device/browser info, timestamps, diagnostics, and cookies/SDK signals.
• Payments: We use Stripe to process payments. We don’t store full card numbers. Stripe may collect your name, email, billing address, and payment method details.

• Provide and maintain the service (projects, sessions, maps, todos).
• Sync and display your content across devices.
• Calculate analytics, forecasts, and progress summaries.
• Process subscriptions, trials, and invoices via Stripe.
• Prevent abuse, secure accounts, and debug performance issues.
• Improve features and user experience (aggregate insights).
• Send essential notices (account, billing, service updates).
• With consent where required, send product tips and announcements (you can opt out anytime).

• Contract: To provide the service you requested.
• Legitimate interests: Improve and secure the service, prevent fraud.
• Consent: Optional communications and certain cookies.
• Legal obligations: Compliance, tax, and accounting.

• Processors: We use trusted providers to host, store, and process data (e.g., MongoDB Atlas for database; object storage/CDN for images; email provider for notifications; analytics).
• Payments: Stripe processes subscriptions and may act as an independent controller for certain financial data.
• Suggestions: Content posted in Suggestions may be visible to other users, who can like entries.
• Legal/Compliance: We may disclose information to comply with law, enforce terms, or protect rights and safety.
• Business transfers: In a merger, acquisition, or sale of assets, information may be transferred as part of the transaction.

We use cookies/SDKs for authentication, preferences (including dark mode), analytics, and fraud prevention. You can control cookies via your browser settings. Some features may not function without essential cookies.

• We retain account data while your account is active. You can delete your account to remove personal data from active systems, subject to limited legal/backup retention.
• Content (Projects, WorkSessions, Mindmaps, Todos, Suggestions) persists until you delete it or delete your account.
• Backups are kept for a limited period and then purged on a rolling basis.

Depending on your location, you may have rights to:

• Access, correct, or delete your personal data.
• Port your data (export where available).
• Object to or restrict certain processing.
• Withdraw consent (where processing relies on consent).

To exercise rights, contact privacy@example.com. You can also manage many settings directly in the app (profile, notifications, subscription).

We may process data in countries outside your own. Where required, we use appropriate safeguards (e.g., Standard Contractual Clauses) to protect personal data during transfers.

• We use industry‑standard measures to protect data in transit and at rest (encryption, access controls, monitoring).
• No system is 100% secure; please use a strong, unique password and keep your device/software up to date.

The service is not directed to children under 13, and we do not knowingly collect data from them. If you believe a child has provided us personal data, contact us to remove it.

• Profile pictures and Quill‑inserted images are stored via an object store/CDN. We may transcode, resize, or compress media to optimize delivery.
• Do not upload content you don’t have rights to share. Avoid sensitive personal data in uploads.

• We offer a 7‑day trial for new users, with a valid payment method required to start. If you don’t cancel before the trial ends, you’ll be charged the monthly rate (e.g., $11.99) unless pricing changes.
• Stripe acts as our payments provider and may collect additional data to prevent fraud and comply with legal obligations.

We may update this policy to reflect changes to our practices or legal requirements. We’ll post updates here and adjust the “Last updated” date. If changes materially affect your rights, we’ll provide additional notice where appropriate.

For privacy questions or requests, email privacy@example.com or visit our Contact page. You may also have the right to lodge a complaint with your local data protection authority.