Privacy Policy

Introduction

Welcome to NudgeMe. We are committed to protecting your privacy and ensuring the security of your personal information. This Privacy Policy explains how we collect, use, store, and protect your data when you use our reminder service.

By using NudgeMe, you agree to the collection and use of information in accordance with this policy.

Information We Collect

Account Information

When you create an account, we collect:

• Email address (for authentication and account recovery)
• Password (encrypted and stored securely)
• Account creation date and last login information

Reminder Data

To provide our reminder service, we collect and store:

• Reminder text content you create
• Scheduled dates and times for reminders
• Repeat rules and recurrence patterns
• Completion status of reminders
• Delivery channel preferences (push, SMS, email)

Contact Information

If you choose to enable additional notification channels:

• Phone number (for SMS notifications, verified via confirmation code)
• Push notification subscription details (device tokens)

Google Calendar Integration

If you connect Google Calendar:

• OAuth access tokens (encrypted)
• Calendar event data synced to NudgeMe
• Last sync timestamp

Usage Information

We automatically collect:

• Device information (browser type, operating system)
• Usage patterns to improve AI parsing accuracy
• Notification delivery status and timestamps

How We Use Your Information

We use the information we collect to:

• Deliver reminders at your scheduled times via your preferred channels
• Parse natural language input to create accurate reminders
• Sync events between NudgeMe and Google Calendar
• Send SMS notifications to your verified phone number
• Send push notifications to your registered devices
• Improve AI parsing accuracy based on usage patterns
• Provide customer support and respond to your inquiries
• Detect and prevent fraud or abuse of our service
• Analyze usage to improve service features and performance

Data Storage and Security

Your data security is our top priority:

• Encryption: All data is encrypted in transit using HTTPS/TLS and at rest in our Supabase database
• Access Control: Row Level Security (RLS) policies ensure you can only access your own data
• Password Security: Passwords are hashed using industry-standard bcrypt algorithms
• OAuth Tokens: Google Calendar tokens are encrypted before storage
• Infrastructure: We use Supabase's secure, SOC 2 Type II certified infrastructure
• Backups: Regular automated backups ensure data recovery capability

Third-Party Services

We integrate with third-party services to provide full functionality:

Supabase

Our database and authentication provider. Data is stored in secure, encrypted databases.

Google Calendar API

When you connect Google Calendar, we access your calendar data to sync events. We only request the minimum necessary permissions and you can revoke access at any time.

Twilio (SMS Provider)

For SMS notifications, we use Twilio to send messages to your verified phone number. Your phone number is shared with Twilio only for message delivery.

Push Notification Services

Browser push notifications use the Web Push API and service worker technology built into your browser.

Data Sharing and Disclosure

We do not sell, trade, or rent your personal information to third parties. We may share your information only in these limited circumstances:

• Service Providers: With third-party services (Twilio, Google) necessary to deliver our service
• Legal Requirements: When required by law, court order, or government regulation
• Safety and Security: To protect the rights, property, or safety of NudgeMe, our users, or the public
• Business Transfers: In connection with a merger, acquisition, or sale of assets (users will be notified)

Your Rights and Choices

You have the following rights regarding your data:

• Access: View all your personal data and reminders in your account settings
• Correction: Update or correct your account information at any time
• Deletion: Delete your account and all associated data permanently
• Export: Download a copy of your reminder data
• Opt-Out: Disable SMS or push notifications at any time
• Revoke Access: Disconnect Google Calendar integration from settings

To exercise these rights, access your account settings or contact us at privacy@nudgeme.rip.

Cookies and Tracking

NudgeMe uses minimal cookies and local storage:

• Authentication: Session tokens to keep you logged in
• Preferences: Local storage for app settings and theme preferences
• Analytics: We do not use third-party analytics or tracking cookies

Data Retention

We retain your data as follows:

• Active Accounts: Data is retained while your account is active
• Completed Reminders: Stored indefinitely unless you delete them
• Deleted Accounts: All data is permanently deleted within 30 days
• Backup Data: May persist in encrypted backups for up to 90 days

Children's Privacy

NudgeMe is not intended for users under the age of 13. We do not knowingly collect personal information from children under 13. If you believe we have collected information from a child under 13, please contact us immediately at privacy@nudgeme.rip.

International Users

NudgeMe is operated in the United States. If you are accessing our service from outside the United States, please be aware that your information may be transferred to, stored, and processed in the United States where our servers are located.

GDPR Compliance (EU Users)

If you are in the European Economic Area (EEA), you have additional rights under GDPR:

• Right to data portability
• Right to restrict processing
• Right to object to processing
• Right to lodge a complaint with a supervisory authority

Our legal basis for processing your data is your consent and the performance of our contract with you.

Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any changes by:

• Posting the new Privacy Policy on this page
• Updating the "Last Updated" date
• Sending an email notification for material changes

Your continued use of NudgeMe after changes become effective constitutes acceptance of the updated policy.

Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or your personal data, please contact us: