1. Introduction

Pomodo ("we", "our", or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our web application.

By using Pomodo, you agree to the collection and use of information in accordance with this policy. If you do not agree with our policies and practices, please do not use our service.

2. Information We Collect

2.1 Personal Information

When you create an account with Pomodo via Google OAuth, we collect:

Your name
Your email address
Your Google profile picture

2.2 Usage Data

We collect information about your use of Pomodo, including:

Pomodoro session data (duration, start/end times)
Timer settings and preferences
Blocked websites list (stored locally on your device)
Daily wisdom card dismissal status

2.3 Analytics Data

With your consent, we may use Google Analytics to collect:

Browser type and version
Operating system
Pages visited and time spent
Referral source

3. How We Use Your Information

We use the collected information for the following purposes:

To provide and maintain our service: Process your sessions, save your preferences, and provide personalized features.
To improve our service: Analyze usage patterns to enhance user experience and develop new features.
To communicate with you: Send service-related announcements and respond to your requests.
To ensure security: Detect and prevent fraud, abuse, or technical issues.

4. Data Storage and Security

Your data is stored securely using Supabase, a PostgreSQL database with enterprise-grade security:

Encryption: All data is encrypted in transit using HTTPS and at rest.
Authentication: We use secure OAuth 2.0 via Google for authentication.
Access Control: Only you can access your personal data through your authenticated account.

Some data (timer settings, blocked sites) is stored locally on your device using localStorage and is not transmitted to our servers.

5. Third-Party Services

We use the following third-party services:

Google OAuth: For secure authentication (Google Privacy Policy)
Supabase: For database hosting (Supabase Privacy Policy)
Google Analytics (optional): For usage analytics (Google Privacy Policy)

6. Your Rights (GDPR)

Under the General Data Protection Regulation (GDPR), you have the following rights:

Right to Access: Request a copy of your personal data.
Right to Rectification: Request correction of inaccurate data.
Right to Erasure: Request deletion of your personal data.
Right to Restrict Processing: Request limitation of data processing.
Right to Data Portability: Receive your data in a structured format.
Right to Object: Object to processing of your data.
Right to Withdraw Consent: Withdraw consent at any time.

To exercise any of these rights, please contact us at: contact@pomodo.app

7. Cookies

We use cookies and similar technologies. For detailed information, please see our Cookie Policy.

8. Data Retention

We retain your personal data only for as long as necessary to provide our services and fulfill the purposes outlined in this policy. You can delete your account at any time through your account settings, which will permanently delete all your personal data from our servers.

9. Children's Privacy

Pomodo is not intended for use by children under the age of 13. We do not knowingly collect personal information from children under 13. If you become aware that a child has provided us with personal data, please contact us.

10. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any changes by posting the new policy on this page and updating the "Last updated" date. You are advised to review this policy periodically for any changes.

11. Contact Us

If you have any questions about this Privacy Policy, please contact us:

By email: contact@pomodo.app
Developer: Zacharie Elbaz