Privacy Policy

Last updated: February 2026 · Effective immediately

      Short version: We collect only what is necessary to run the app. We do not sell your data. You can delete everything at any time from Settings.
    

1. Who we are

DailyDo is a daily micro-challenge app designed to help people build small, consistent habits. References to "we," "us," or "our" refer to the operators of DailyDo.

Contact: gustafvalentine@gmail.com

2. What data we collect

Account data (if you create an account)

Email address — used to identify your account and for password reset
Display name — optional, only if you set one

Usage data

Which daily challenges you complete and when
Time spent on each challenge (in seconds)
Your current and best streak
App preferences: theme (light/dark), language, accessibility settings

Guest / anonymous data

If you use DailyDo without an account, your data is stored only on your device (in your browser's localStorage). We generate a random anonymous ID for your device — this ID contains no personal information. If you generate a transfer code to move progress between devices, a temporary snapshot is stored in our database for 15 minutes then automatically deleted.

What we do NOT collect

IP addresses (we do not store them)
Location data
Device identifiers beyond the anonymous ID you choose to generate
Payment information (we do not accept payments)
Third-party tracking or advertising data

3. Why we collect it (legal basis)

Contract performance — to provide the service you signed up for (syncing your challenge history across devices)
Legitimate interests — to understand how the app is used in aggregate so we can improve it
Legal obligation — to comply with applicable laws

4. How we use your data

To sync your challenge history and settings across your devices
To compute and display your streak
To restore your progress if you switch devices
We do not use your data to serve ads
We do not sell, rent, or share your data with third parties for marketing

5. Data storage and security

Your data is stored in Supabase (a managed PostgreSQL database service). Data is encrypted at rest and in transit (TLS). Supabase infrastructure is hosted on AWS. We use Row-Level Security policies so that each user can only access their own data.

Supabase's privacy policy: supabase.com/privacy

6. Data retention

We keep your account data for as long as your account exists. You can delete your account at any time from Settings → Data → Delete my account. Deletion is immediate and permanent — all your data is removed from our database.

Anonymous transfer codes expire after 15 minutes and are purged from our database automatically.

7. Your rights (GDPR and similar laws)

Depending on where you live, you may have the right to:

Access — request a copy of your data (use Settings → Export Data)
Erasure — delete your account and all associated data (use Settings → Delete my account)
Portability — export your data in JSON format (use Settings → Export Data)
Rectification — correct inaccurate data
Objection — object to certain types of processing

To exercise any right not available through the app's self-service tools, email us at gustafvalentine@gmail.com. We will respond within 30 days.

8. Cookies and local storage

DailyDo stores your settings and challenge history in your browser's localStorage (not cookies). This data never leaves your device unless you create an account and sync. We do not use tracking cookies or third-party analytics cookies.

9. Children

DailyDo is not directed at children under 13. We do not knowingly collect personal information from children under 13. If you believe a child has provided us with personal information, please contact us and we will delete it.

10. Changes to this policy

If we make material changes to this policy, we will update the "Last updated" date at the top of this page. We encourage you to review this policy periodically.

11. Contact

Questions about privacy? Email us at gustafvalentine@gmail.com