Privacy Policy

Last updated: March 6, 2026

1. Introduction

NeuroTask ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our web application and related services (collectively, the "Service"). Please read this policy carefully. By using the Service, you agree to the collection and use of information in accordance with this policy.

2. Information We Collect

We collect the following types of information:

Account Information

When you sign up, we collect your name and email address through our OAuth authentication provider. We do not store passwords — authentication is handled securely through third-party OAuth.

User-Generated Content

This includes quests, missions, time blocks, ideas, mood check-ins, gratitude entries, and focus session data that you create within the Service. This data is stored to provide you with a personalized experience.

Google Calendar Data

If you choose to connect your Google Calendar, we access your calendar events to display them alongside your time blocks. We also create events in your Google Calendar when you create time blocks in NeuroTask. We store OAuth tokens securely to maintain this connection. You can disconnect your Google Calendar at any time from Settings, which immediately revokes our access and deletes stored tokens.

Usage Data

We may collect basic usage analytics such as page views to improve the Service. This data is aggregated and does not personally identify you.

3. How We Use Your Information

We use the information we collect to:

  • Provide, maintain, and improve the Service
  • Personalize your experience, including gamification progress, streaks, and levels
  • Display your Google Calendar events alongside your NeuroTask time blocks
  • Create events in your Google Calendar when you add time blocks
  • Respond to your requests and provide customer support
  • Analyze usage patterns to improve the Service

4. Google Calendar API Disclosure

NeuroTask's use and transfer of information received from Google APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements. Specifically:

  • We only request the minimum scopes necessary (calendar.readonly and calendar.events)
  • We do not use Google Calendar data for advertising purposes
  • We do not sell Google Calendar data to third parties
  • We do not use Google Calendar data for purposes unrelated to the Service
  • Users can revoke access at any time through NeuroTask Settings or their Google Account

5. Data Sharing and Disclosure

We do not sell, trade, or rent your personal information to third parties. We may share information only in the following circumstances:

  • Service Providers: We use trusted third-party services for hosting, database management, and authentication. These providers only access data necessary to perform their functions.
  • Legal Requirements: We may disclose information if required by law, regulation, or legal process.
  • Safety: We may disclose information to protect the rights, property, or safety of NeuroTask, our users, or others.

6. Data Security

We implement appropriate technical and organizational measures to protect your personal information. All data is transmitted over encrypted connections (HTTPS/TLS). OAuth tokens are stored securely and encrypted at rest. However, no method of transmission over the Internet is 100% secure, and we cannot guarantee absolute security.

7. Data Retention

We retain your data for as long as your account is active or as needed to provide the Service. If you wish to delete your account and associated data, please contact us. Google Calendar tokens are deleted immediately when you disconnect the integration.

8. Your Rights

You have the right to:

  • Access the personal information we hold about you
  • Request correction of inaccurate information
  • Request deletion of your data
  • Disconnect third-party integrations (e.g., Google Calendar) at any time
  • Export your data in a portable format

9. Children's Privacy

The Service is not intended for children under the age of 13. We do not knowingly collect personal information from children under 13. If we become aware that we have collected data from a child under 13, we will take steps to delete such information.

10. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the new policy on this page and updating the "Last updated" date. Your continued use of the Service after changes constitutes acceptance of the updated policy.

11. Contact Us

If you have any questions about this Privacy Policy or our data practices, please contact us through the application.