Privacy Policy

Last updated: May 29, 2026

Thank you for using Plan Todo ("we", "our", or "us"). We built this app with a privacy-first approach — collecting only what's needed to deliver the service and nothing more.

1. Information We Collect

Account Information. When you sign up, we collect your email address via secure authentication (Supabase Auth). We do not require your real name, phone number, or social media profiles.

App Data You Create. Your tasks, habits, focus sessions, and settings are stored securely and synced across your devices via Supabase (hosted on AWS). This data belongs to you — we never read, sell, or share it.

Usage Analytics. We use Mixpanel to understand how the app is used so we can improve it. We track anonymized events such as:

• Screen views and feature usage (e.g., focus timer started, task created)
• Onboarding progress and subscription events
• Crash-related diagnostics

We do not collect personal health data, location, contacts, photos, or browsing history.

2. How We Use Your Information

• To provide and sync your tasks, habits, and focus data across devices
• To authenticate your account securely
• To process in-app subscriptions via Apple's App Store (StoreKit 2)
• To analyze aggregate usage patterns and improve the product
• To communicate critical service updates (e.g., security notices)

3. Third-Party Services

Plan Todo integrates with the following third-party services:

• Supabase — Authentication and cloud data sync. Data is encrypted in transit (TLS) and at rest. Supabase Privacy Policy
• Mixpanel — Anonymized product analytics. No personally identifiable information is sent. Mixpanel Privacy Policy
• Apple / StoreKit 2 — In-app purchases and subscriptions. Payment processing is handled entirely by Apple. We do not see or store your payment details. Apple Privacy Policy

4. Data Storage & Security

Your data is stored on Supabase's secure infrastructure (AWS-hosted) with encryption in transit and at rest. We follow industry best practices to protect your information, but no system is completely immune to risk.

5. Data Retention & Deletion

You can delete your account at any time from within the app (Settings → Delete Account). Upon deletion, all your data — including tasks, habits, focus history, and account credentials — is permanently removed from our servers within 30 days.

6. Children's Privacy

Plan Todo is not directed at children under 13. We do not knowingly collect personal information from children. If you believe a child has provided us with personal data, please contact us and we will delete it promptly.

7. Your Rights

Depending on your location, you may have the right to:

• Access the personal data we hold about you
• Request correction or deletion of your data
• Opt out of analytics tracking
• Export your data in a portable format

8. Changes to This Policy

We may update this privacy policy from time to time. Changes will be posted on this page with an updated "Last updated" date. Continued use of the app after changes constitutes acceptance.

9. Contact Us

If you have questions about this policy or your data, please reach out:

• Email: support@plantodo.co
• Website: plantodo.co