Short version: we keep only what we need to run the service, we never sell your data, and you can delete it any time. The rest of this page is the long version.
1. What we collect
From you
- Tasks, tags, rules, and contacts you create in the app — including titles, descriptions, durations, scheduled times, and any custom tag names/colors/aliases.
- Tag-change audit log: when a tag is added or removed, we record the event (which tag, what task title at the time, whether the tag came from a rule, the LLM, or a manual action). This powers the rules engine and never leaves your account.
From Google (when you sign in)
- Your email address, display name, and profile photo — used to label your account and show your initials in the sidebar.
- A refresh token scoped to calendar.readonly, stored encrypted at rest (AES-256-GCM) on our server. We use it to fetch your calendar events on demand.
- Your calendar list and event metadata (title, start, end, calendar color) — fetched live from Google when the calendar pane is open. We do not persist calendar events in our database.
Automatically
- Standard request logs (IP, user agent, timestamps) retained briefly for debugging and abuse prevention. No third-party analytics, no cookies beyond what the auth session needs.
2. Where data goes
nowU uses a small number of third parties, each with a specific purpose:
- Supabase hosts our Postgres database and handles authentication. Your tasks, tags, rules, contacts, and encrypted Google refresh token live there. Row-level security ensures each user can only read their own data.
- Google verifies your identity at sign-in and serves your calendar events when you open the calendar pane. We use the official OAuth flow and the read-only calendar scope.
- Anthropic (Claude) receives the title of a new task ONLY when the rules engine doesn’t already tag it AND the title passes a length gate. Claude returns suggested tag names. The task title is sent over TLS; we do not include your email, calendar, or any other tasks in the prompt. Anthropic’s API is configured for zero data retention where applicable.
We do not sell or share your data with advertisers, brokers, or any third party other than the infrastructure providers above.
3. What we do NOT collect
- The contents of your calendar events beyond display metadata.
- The contents of your Gmail, Drive, or any other Google product.
- Marketing-grade behavioural analytics or cross-site cookies.
- Anything we don’t actively need to run the app.
4. Security
- All traffic to nowU is served over HTTPS. Supabase enforces TLS at the database boundary.
- Your Google refresh token is encrypted at rest with AES-256-GCM before it’s written to the database. The encryption key lives only in the server environment.
- Per-user row-level security (RLS) is enforced on every table that holds user data — a logged-in user’s queries can only return their own rows.
5. Retention and deletion
- Soft-deleted tasks are kept for 30 days (so you can restore them) and then permanently deleted by a scheduled job.
- Disconnecting a Google account in Settings → Calendars deletes the associated encrypted refresh token and calendar metadata immediately. Google will also let you revoke our access at myaccount.google.com/permissions.
- Deleting your account removes all your data from our side (tasks, tags, rules, contacts, calendar tokens, audit logs) within 30 days.
6. Your rights
You can export your tasks at any time from your Supabase Postgres rows on request, and you can ask us to delete your account. If you live somewhere with formal data-protection rights (GDPR, CCPA, etc.), those apply: write to us and we will respond.
7. Changes
If we make a material change to this policy, we’ll surface it in the app or via the email on your Google account before it takes effect.
8. Contact
Privacy questions, data requests, or anything else? Email david@daviddouek.com.