Privacy Policy for FocusFlow
Last updated: December 16, 2025
TL;DR: Everything is stored locally on your device. When you use AI features, your task or chat message is sent to Groq (using Meta's Llama AI). Spotify integration requires authentication but we only store tokens locally. We collect zero personal information. No tracking, no ads, no data selling.
1. Information We Collect
FocusFlow is designed with privacy-first principles:
- Tasks & Projects: Task titles, descriptions, notes, completion status (stored locally)
- Focus Sessions: Pomodoro timer history, duration, timestamps (stored locally)
- Sound Preferences: Your selected ambient sounds (stored locally)
- Spotify Preferences: Selected playlist URI (stored locally) - only if you use Spotify integration
- Spotify Authentication: OAuth tokens for Spotify access (stored locally in encrypted storage) - only if you connect Spotify
- App Settings: Theme, notifications, timer preferences (stored locally)
- Subscription Status: Premium tier managed by Google Play Billing (no payment data stored by us)
- AI Usage: Weekly quota tracking (15 requests free, unlimited premium - stored locally)
2. How We Use Your Information
Local-Only Storage
All your data is stored exclusively on your device using Android's Room database. We have no servers, no cloud sync, and no remote access to your data.
AI Features (Task Breakdown & Productivity Coach)
When you use any AI features:
- Your task title or chat message is sent to Groq (using Meta's Llama 3.1 70B model)
- For the Coach feature, conversation history and productivity context may be included
- No other personal information, session data, or usage patterns are transmitted
- Groq processes this data according to their Privacy Policy
- Free tier: 15 coach messages per week
- Premium: Unlimited coach messages per week
- All conversations are stored locally on your device
Premium Features
If you subscribe to FocusFlow Pro Plus ($1.99/month or $12.99/year):
- Advanced Analytics: Processed locally on your device
- Weekly Reports: Generated locally using WorkManager
- Smart Notifications: Scheduled locally, no server communication
- Enhanced AI Quota: Unlimited instead of 15 (tracked locally)
3. Third-Party Services
Spotify (Music Integration)
- Purpose: Play focus music during your productivity sessions
- Data Sent: Authentication requests, playlist fetch requests, playback control commands
- Data Received: Your Spotify display name, playlist names/images, currently playing track info
- Authentication: Uses OAuth 2.0 with PKCE - we never see your Spotify password
- Tokens Stored: Access and refresh tokens stored locally in encrypted Android storage
- Premium Required: Spotify Premium subscription required for playback control
- Privacy Policy: Spotify Privacy Policy
- Terms: Spotify Terms of Service
Note: FocusFlow uses Spotify's official Android SDK for playback control. All music streaming is handled by the Spotify app - we do not access, download, or store any music content.
Groq AI (All AI Features)
- Purpose: Power all AI features including task breakdown and the "Flow" productivity coach
- Data Sent: Task titles, chat messages, conversation history, and productivity context
- Model: Meta Llama 3.1 70B Versatile
- Privacy Policy: Groq Privacy Policy
- Terms: Groq Terms of Use
Google Play Billing
- Purpose: Process FocusFlow Pro Plus subscriptions
- Data Handled: Payment information (managed entirely by Google Play)
- What We See: Only subscription status (active/inactive), not payment details
- Privacy Policy: Google Privacy Policy
Firebase Crashlytics (Optional)
- Purpose: Monitor app crashes to improve stability
- Data Collected: Device model, Android version, crash logs (no personal data)
- Privacy Policy: Firebase Privacy
4. Data Security
- Local Storage: All data stored using Android's encrypted Room database
- HTTPS Encryption: All API communications use TLS 1.3
- No Authentication: No accounts, passwords, or login credentials = no credential theft
- No Cloud Sync: Your data never leaves your device (except when using AI features)
- API Key Security: API keys stored in secure build configuration, not in source code
5. Your Rights
You have complete control over your data:
- Access: All data is already on your device in the app
- Delete: Uninstall the app or clear app data in Android Settings > Apps > FocusFlow > Storage
- Opt Out of AI: Don't use the AI Breakdown feature (you control when data is sent)
- Disconnect Spotify: Use the "Disconnect" button in Settings to revoke Spotify access and delete stored tokens
- Revoke Spotify Access: Visit Spotify Account Apps to fully revoke FocusFlow's access
- Cancel Subscription: Manage in Google Play Store > Subscriptions
- Data Portability: Not applicable (data is already local, no export needed)
6. Children's Privacy
FocusFlow is rated for users aged 13+. We do not knowingly collect data from children under 13. If you're a parent and believe your child has used the app, simply uninstall it to remove all data.
7. Data Retention
Since all data is local, you control retention:
- Data persists until you delete tasks/sessions manually
- Clear app data to delete everything
- Uninstalling removes all data permanently
- AI requests are not logged or stored by us
8. International Users
FocusFlow is available globally. Your data stays on your device regardless of location. AI requests are processed by Groq according to their regional policies and data handling practices.
9. Changes to This Policy
We may update this policy to reflect new features or legal requirements. Changes will be posted here with an updated "Last updated" date. Continued use after changes constitutes acceptance.
10. Contact & Data Requests
For privacy questions, data deletion requests, or concerns:
- Email: mwangistanley746@gmail.com
- Response Time: Within 24 hours
- Data Deletion: Simply uninstall the app (we have no servers to delete from)
11. Legal Compliance
FocusFlow complies with:
- GDPR: European data protection regulations (minimal data collection)
- CCPA: California privacy rights (no data selling, ever)
- Google Play Policies: Android app privacy requirements
- COPPA: Children's privacy (age 13+ rating)
12. What We DON'T Do
To be absolutely clear:
- ❌ No user tracking or analytics
- ❌ No data selling to third parties
- ❌ No targeted advertising
- ❌ No location tracking
- ❌ No contact access
- ❌ No background data collection
- ❌ No cross-app tracking
- ✅ Just a productivity app that respects your privacy
Summary: Your productivity data is private and stays on your device. We only send data to Groq AI when you explicitly use AI features. Spotify integration is optional and only accesses your playlists when you choose to connect. No tracking, no ads, no data selling, no BS. Just a simple, privacy-respecting Pomodoro timer app with intelligent AI assistance powered by Llama and optional Spotify music integration.
Spotify Trademark Notice: Spotify® is a registered trademark of Spotify AB. FocusFlow is not affiliated with, endorsed by, or sponsored by Spotify AB.