focusloop logo
focusloop
Sign inStart focusing

Privacy Policy

Last updated: April 26, 2026

1. Introduction

At focusloop ("we", "our", "us"), we respect your privacy and are committed to protecting your personal data. This privacy policy explains how we collect, use, store, and share information when you use our Pomodoro timer application and website (the "Service").

This policy complies with the General Data Protection Regulation (GDPR) and other applicable data protection laws.

2. Data We Collect

2.1 Information You Provide

  • Account Information: Email address, name (optional), and password when you create an account.
  • Session Data: Timer sessions, tasks you create, focus session duration, and completion statistics.
  • Newsletter Subscription: Email address if you subscribe to our productivity newsletter.

2.2 Automatically Collected Information

  • Usage Data: Pages visited, time spent on pages, features used, and interaction patterns.
  • Device Information: Browser type, operating system, IP address, and device identifiers.
  • Cookies: See our Cookie Policy for details.

3. How We Use Your Data

We use your personal data for the following purposes:

  • Provide the Service: Enable timer functionality, save your sessions, and sync data across devices.
  • Improve User Experience: Analyze usage patterns to enhance features and fix bugs.
  • Communication: Send productivity tips, product updates, and newsletters (you can unsubscribe anytime).
  • Analytics: Understand how users interact with our Service using tools like Google Analytics.
  • Security: Detect and prevent fraud, abuse, and security threats.

4. Third-Party Tools & Services

We use the following third-party services that may collect data:

  • Supabase: Database and authentication provider. Data is stored securely in EU/US servers.
  • Google Analytics: Website analytics to understand user behavior (anonymized IP addresses).
  • Email Service Provider: For sending newsletters and transactional emails (we use privacy-focused providers).
  • Payment Processor: If you upgrade to Premium, payment data is handled by Stripe (we do not store credit card information).

5. Data Sharing & Disclosure

We do not sell your personal data. We may share data in the following limited circumstances:

  • Service Providers: Third-party vendors who help operate our Service (hosting, analytics, email delivery).
  • Legal Requirements: When required by law, court order, or to protect our legal rights.
  • Business Transfers: In the event of a merger, acquisition, or sale of assets, your data may be transferred (you will be notified).

6. Your Rights (GDPR Compliance)

Under GDPR and similar regulations, you have the following rights:

  • Access: Request a copy of all personal data we hold about you.
  • Rectification: Correct inaccurate or incomplete data.
  • Erasure: Request deletion of your account and all associated data ("right to be forgotten").
  • Data Portability: Receive your data in a machine-readable format to transfer to another service.
  • Object to Processing: Opt out of marketing communications or certain data uses.
  • Withdraw Consent: Revoke consent for data processing at any time.

To exercise these rights, email us at privacy@focusloop.app. We will respond within 30 days.

7. Data Retention

We retain your personal data only as long as necessary to provide the Service and comply with legal obligations. Session data and account information are kept while your account is active. If you delete your account, all data is permanently erased within 30 days (except where we must retain data for legal reasons, such as financial records).

8. Security

We implement industry-standard security measures to protect your data, including encryption (SSL/TLS), secure servers, and access controls. However, no method of transmission over the Internet is 100% secure. If you become aware of a security breach, please contact us immediately at security@focusloop.app.

9. Children's Privacy

Our Service is not intended for users under 13 years old. We do not knowingly collect data from children. If you believe a child has provided us with personal data, please contact us and we will delete it.

10. International Data Transfers

Your data may be processed in countries outside your jurisdiction. When we transfer data internationally, we ensure adequate safeguards are in place (such as Standard Contractual Clauses) to protect your information.

11. Changes to This Policy

We may update this Privacy Policy from time to time. Changes will be posted on this page with an updated "Last updated" date. For significant changes, we will notify you via email or a prominent notice on our website.

12. Contact Us

If you have questions about this Privacy Policy or how we handle your data, contact us at: