سياسة الخصوصية

1. عام

The Service can be used locally without Google sign-in. If you choose to connect Google Calendar, we process the Google account identifier, email address, display name, profile image URL, session cookie, Daily Loop project/section/task data, calendar event identifiers, and an encrypted Google refresh token needed to keep Calendar sync working. We do not read your full calendar contents for general profiling; Calendar access is used to create, update, or delete events requested from Daily Loop and to read calendar list metadata so tasks can be placed on a matching calendar when available.

2. الجمع التلقائي ومعالجة الطرف الثالث (عند التفعيل)

وفقًا لإعدادات النشر، قد تكون البنود التالية مفعّلة. إذا كانت معطّلة فلا تنطبق.

• Google OAuth: sign-in profile, email address, consented scopes, and session handling
• Google Calendar API: creating, updating, and deleting Daily Loop time-block events; reading calendar list metadata to choose a matching calendar name when available
• Cloudflare Workers/D1/KV: account profile, Daily Loop project/section/task data, sync metadata, and encrypted integration credentials
• Google Analytics: usage statistics (cookies and similar identifiers, when enabled)

Google user data is used only for the user-facing features described in this policy and is not sold, used for advertising, or used to train AI models. Google API data handling is also subject to the Google API Services User Data Policy: https://developers.google.com/terms/api-services-user-data-policy.

3. أغراض المعالجة

1. Providing local vision, goal, and Daily Loop features
2. Authenticating with Google when you choose to sign in
3. Syncing projects, sections, tasks, and time blocks for Daily Loop
4. Creating, updating, or deleting Google Calendar events that correspond to your timed tasks
5. Selecting a Google Calendar whose name matches a Daily Loop section when possible
6. Improving quality, reliability, and security of the Service

4. الاحتفاظ والحذف

Local data remains on your device until you clear browser or app data. Server-side Daily Loop records and encrypted integration credentials are retained while you use sync features, unless you delete or revoke them where the Service provides that control or request deletion. You can also revoke Google access from your Google Account permissions page.

5. المشاركة مع أطراف ثالثة

We do not sell personal information or Google user data. We share data only with infrastructure providers needed to operate the Service, with Google APIs as necessary to perform Calendar actions you request, or where required by law. Google user data is not transferred to advertising platforms, data brokers, or AI model training systems.

6. البنية التحتية والمعالجون

قد نستخدم ما يلي للاستضافة والخدمات ذات الصلة:

7. حقوقك

You can delete local data through your browser or device settings. You can revoke Google access in your Google Account security settings. If server-side sync data exists, you may request deletion or remove integration credentials where the Service provides that control.

8. ملفات تعريف الارتباط

The Service uses essential cookies for Google OAuth state and signed-in sessions. Analytics cookies or similar technologies may be used when analytics is enabled. You can refuse non-essential cookies in your browser, but sign-in or analytics may be affected.

9. تغييرات على هذه السياسة

If we update this policy, we will post the revised text and effective date in the Service. If the way we use Google user data materially changes, we will ask for consent where required before using the data in the new way.

10. Security safeguards

We use HTTPS for network communication where applicable, signed HTTP-only cookies for authentication sessions, and AES-GCM encryption for stored integration credentials such as Google refresh tokens and Obsidian tokens. Access to server-side sync data is scoped to the signed-in user. No internet service can be guaranteed completely secure, but these safeguards are intended to protect the confidentiality and integrity of Google user data and other sensitive integration data.