Privacy Policy

1. Overview

This Privacy Policy explains how DeepFocus Time collects, uses, and protects information from the website and Chrome extension.

2. Data we collect

We collect the minimum data needed to operate the service:

Account data: email address, account identifiers, trial status, and premium entitlement.

Authentication data: session tokens used to keep you signed in.

Extension settings: focus and break durations, reminders, distraction lists, and automation preferences.

Usage signals: local session counts, focus minutes, interruptions, and streaks used to power insights.

Support communications: messages you send to support and diagnostic details you share with us.

Website analytics: basic page usage metrics collected on the website to understand performance and improve the product.

Billing data: subscription status and transaction metadata are processed by Paddle, our Merchant of Record. Paddle handles payment processing, billing, tax calculation, and refunds. We do not store full payment card details on DeepFocus Time infrastructure.

3. How we use data

We use data to authenticate users, provide premium access, deliver reminders and insights, and respond to support requests. We only use user data to provide and improve the core functionality of the service. We do not sell or use data for advertising.

4. Legal bases for processing

Where required by law, we process personal data based on one or more of the following legal bases: to perform a contract (providing the service you request), for legitimate interests (improving product reliability and security), and with consent where applicable (such as optional marketing).

5. Where data is stored

Extension settings and usage signals are stored locally in your browser. Account and entitlement data is stored on our servers so you can sign in and manage premium access.

6. Sharing and third parties

We rely on trusted providers for hosting, authentication, analytics, email delivery, and billing. These providers process data on our behalf under contractual safeguards. We do not sell personal information.

Providers may include Supabase (authentication and account data), Paddle (payment processing as Merchant of Record), Resend (contact email delivery), and Google Analytics (website analytics).

7. Cookies and local storage

We use cookies and local storage to keep you signed in and to remember preferences. You can clear local storage in your browser or extension settings.

8. Payments and Merchant of Record

Paddle is our Merchant of Record and is responsible for payment processing, billing, tax handling, and refunds. When you purchase a subscription, you are transacting with Paddle under their terms.

9. Data retention

We retain account data for as long as needed to provide the service and meet legal obligations. You can request deletion of your account by contacting support@deepfocustime.com, and we will follow applicable laws.

10. Security

We apply reasonable technical and organizational safeguards to protect your data, including access controls and monitoring. We may collect limited diagnostic or error logs to keep the service reliable, but no system can be guaranteed 100 percent secure.

11. Your rights and choices

You may request access, correction, or deletion of your account data by contacting support@deepfocustime.com. We review requests according to applicable law.

12. International transfers

Your information may be processed in countries where we or our providers operate. We apply safeguards required by applicable law.

13. Children's privacy

DeepFocus Time is not intended for children under 13. We do not knowingly collect personal data from children. If you believe a child has provided data, contact us so we can delete it.

14. Contact

For privacy questions, contact support@deepfocustime.com. We aim to respond promptly and transparently.