Privacy Policy

Privacy Policy

NowDo.AI

Version: 1.1 Effective Date: November 1, 2025 Last Updated: October 31, 2025

1. Introduction

Welcome to NowDo.AI. We are committed to protecting your privacy and ensuring transparency about how we collect, use, and protect your personal information.

Contact us: privacy@nowdo.ai

2. Data We Collect

2.1 Account Information

• Email address (from Google OAuth)
• Display name
• Google user ID
• Authentication tokens

2.2 Task Data

• Task descriptions, priorities, and due dates
• Topics and categories you create
• Task completion status

2.3 Usage Data

• Analytics data (only with your explicit consent)
• Application logs (sanitized, no PII)

3. How We Use Your Data

We use your data to:

• Provide and improve our task management service
• Enable AI-powered task organization (with your consent)
• Authenticate your account
• Communicate important service updates

4. Data Sharing

4.1 Google (Authentication Provider)

• Purpose: OAuth authentication
• Data shared: Authentication tokens only
• Location: United States
• Privacy Policy: Google Privacy Policy

4.2 OpenAI (AI Service Provider)

• Purpose: AI-powered task inference and organization (only with your consent)
• Provider: OpenAI, L.L.C.
• Data shared: Task titles, priorities, due dates, topics (NOT personal memory data)
• Location: United States
• Data Processing Agreement: OpenAI Enterprise Privacy
• Retention: Zero-day retention for API calls (OpenAI does not store API data)

4.3 Google Analytics

• Purpose: Usage analytics and product improvement (only with your explicit consent)
• Data shared: Anonymized usage patterns
• Cookies: _ga, _gid, _gat
• Control: You can opt out anytime in settings

5. Your Rights

Under GDPR and privacy laws, you have the right to:

• Access: Export all your data in CSV format
• Rectification: Update your information
• Erasure: Delete your account and all data (immediate, permanent)
• Portability: Download your data
• Withdraw Consent: Change analytics or AI consent anytime

6. Data Retention

• Active accounts: Data retained as long as account is active
• Deleted accounts: Immediately deleted (hard delete, permanent)
• Analytics data: Retained by Google Analytics per their policy
• Backups: Deleted account data removed from backups within 30 days

7. Security

We implement industry-standard security measures:

• Encrypted connections (HTTPS/TLS)
• Secure authentication (Google OAuth)
• No plaintext password storage
• Regular security audits
• PII-free logging

8. Cookies

Essential Cookies

• session_token: Authentication session (required)
• Duration: Session-based

Analytics Cookies (Optional)

• _ga, _gid, _gat: Google Analytics tracking
• Duration: 2 years (_ga), 24 hours (_gid), 1 minute (_gat)
• Control: Requires explicit consent, can be disabled in settings

9. Children's Privacy

NowDo.AI is not intended for children under 13. We do not knowingly collect data from children.

10. Changes to This Policy

We may update this privacy policy. When we do, we will:

• Update the version number and effective date
• Notify you and request re-consent if changes are material
• Maintain a version history for transparency

11. Contact Us

For privacy questions or concerns:

• Email: privacy@nowdo.ai