Privacy Policy

Last updated: January 1, 2025

🔒 NexTodo is built with privacy in mind. Your task data belongs to you. We do not sell your personal information to third parties.

This Privacy Policy explains how NexTodo ("we", "us", or "our") collects, uses, and protects your information when you use our service at nextodoapp.com.

1. Information We Collect

Account information: When you sign up, we collect your email address and authentication credentials.

App data: Tasks, projects, areas, labels, focus sessions, and work sessions you create within NexTodo.

Usage data: Basic analytics such as feature usage frequency to improve the product. This data is anonymized and aggregated.

Payment information: Billing is handled by Paddle. We do not store your credit card details. See Paddle's Privacy Policy for details.

2. How We Use Your Information

To provide, maintain, and improve the NexTodo service
To sync your data across devices and restore it when needed
To process payments and manage your subscription
To send important service notifications (not marketing without consent)
To respond to support requests

3. Data Storage

Your data is stored in Supabase (PostgreSQL) on servers located in the European Union. We also use your browser's localStorage for offline functionality. Your data is encrypted in transit (TLS) and at rest.

4. Data Sharing

We do not sell, trade, or rent your personal information. We may share data with:

Supabase — Database and authentication provider
Paddle — Payment processing
Vercel — Application hosting

These providers are contractually bound to protect your data and may not use it for their own purposes.

5. Cookies and Local Storage

NexTodo uses localStorage (not cookies) to store your preferences, cached task data, and authentication tokens locally in your browser. This enables offline functionality. We do not use advertising cookies or third-party tracking.

6. Your Rights

You have the right to:

Access — Request a copy of your personal data
Correction — Update inaccurate information
Deletion — Request deletion of your account and data
Portability — Export your data in CSV or PDF format
Objection — Object to processing of your data

To exercise these rights, contact us at privacy@nextodoapp.com.

7. Data Retention

We retain your data for as long as your account is active. If you delete your account, we will permanently delete your data within 30 days, except where we are required by law to retain it.

8. Children's Privacy

NexTodo is not directed at children under 13. We do not knowingly collect personal information from children under 13. If you become aware that a child has provided us with personal information, please contact us.

9. Security

We implement industry-standard security measures including TLS encryption, secure authentication (via Supabase Auth), and regular security reviews. However, no method of transmission over the internet is 100% secure.

10. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of significant changes via email or in-app notification. Continued use after changes constitutes acceptance of the updated policy.

11. Contact Us

For privacy-related questions or data requests, contact us at privacy@nextodoapp.com.