Privacy Policy

Last updated: April 13, 2026

PomoDo ("we", "our", "the app") is a pomodoro timer and todo list application. We respect your privacy and are committed to protecting your personal data.

1. Information We Collect

When you sign in with Google, we receive your:

• Name and email address — to identify your account
• Profile picture — to display in the app

We also store your todo list data, timer settings, and subscription status.

2. How We Store Your Data

• All user data is stored in Google Firebase Firestore.
• Your todo data and settings are encrypted with AES-256-GCM before being stored. The encryption key is derived from your unique account identifier and is never stored on our servers.
• Only you can decrypt and read your own data.

3. How We Use Your Information

• To provide and maintain the app's functionality
• To sync your data across devices
• To process payments via Razorpay for PRO subscriptions
• To generate reports that only you can access

4. Third-Party Services

• Google Firebase — Authentication and data storage
• Razorpay — Payment processing (PCI DSS compliant)
• Vercel — Web hosting

We do not sell, trade, or share your personal data with any other third parties.

5. Data Security

We implement industry-standard security measures including:

• Client-side AES-256-GCM encryption
• Firebase Security Rules for per-user data isolation
• HTTPS encryption for all data in transit

6. Data Retention & Deletion

Your data is retained as long as you have an active account. You can delete your data at any time by contacting us at pomodo.support@gmail.com.

7. Your Rights

You have the right to access, correct, or delete your personal data. Contact us at pomodo.support@gmail.com.

8. Changes to This Policy

We may update this policy from time to time. Changes will be posted on this page.

9. Contact

For questions about this privacy policy, contact: pomodo.support@gmail.com

← Back to PomoDo