Legal

Privacy Policy

We believe privacy should be straightforward, not buried in legalese. Here's exactly what we collect and why.

Last updated: March 9, 2026

What we collect

We collect the minimum amount of information necessary to provide Lifafa AI:

  • Account information: Your name and email address when you sign up. If you authenticate via Google, Apple, or Microsoft, we receive only what those providers share (typically name and email).
  • Task data: The tasks, notes, captured text, and any content you add to Lifafa AI. This data is synced to our servers so it's available across your devices.
  • Device information: Basic device type and operating system version, used to ensure the app works correctly on your platform. We do not collect unique device identifiers beyond what's needed for push notification delivery.
  • Usage data: Anonymized feature usage metrics (e.g., "voice capture was used") to understand which features are working. We do not track individual task content for analytics purposes.

How we use your data

  • Sync tasks: Your task data is stored securely in our database and synced across your devices whenever you're online.
  • Improve AI extraction: We may use aggregated, anonymized patterns from task extraction to improve the accuracy of our AI models. We do not use the text content of your individual tasks to train AI models without your explicit consent.
  • Authentication: Your account information is used solely to identify you and secure your data. We do not sell or share your email address with third parties for marketing purposes.
  • Service communications: We may email you about important account or service updates. You can opt out of non-essential emails at any time.

API keys

Your AI provider API key (e.g., Anthropic API key) is stored on your device only. It is never transmitted to Lifafa AI servers. AI processing requests are sent directly from your device to the AI provider using your key — Lifafa AI never sees the key or acts as a proxy for AI requests. This is a deliberate architectural choice to protect your data and your API usage.

Data storage and security

  • Task data is stored in Supabase with row-level security enabled — no user can access another user's data at the database level, even in the event of an application-layer bug.
  • Data is encrypted at rest and in transit using industry-standard TLS.
  • Authentication tokens are stored securely using platform-native secure storage (Keychain on iOS/macOS, Keystore on Android).
  • We do not share your personal data with third parties except as required to operate the service (e.g., authentication providers, database hosting).

Third-party services

Lifafa AI uses the following third-party services to operate:

  • Supabase — database and authentication infrastructure
  • Google, Apple, Microsoft — optional OAuth sign-in providers
  • Google Calendar API — if you connect your calendar, we use this to write tasks as events. We request only the minimum required calendar scopes.
  • Expo / React Native — the cross-platform app framework. Expo does not have access to your task data.

Each of these services has their own privacy policy governing how they handle data passed through them.

Your rights and your data

You have full control over your data:

  • Export: You can request an export of all your task data at any time by contacting us at hello@lifafaai.com.
  • Delete: You can delete your account and all associated data at any time from the app settings, or by emailing hello@lifafaai.com. Deletion is permanent and irreversible.
  • Correction: If your account information is incorrect, you can update it in the app settings or contact us.
  • Portability: We will provide your data in a machine-readable format (JSON) upon request.

Children's privacy

Lifafa AI is not directed at children under 13. We do not knowingly collect personal information from children under 13. If you believe a child has provided us with personal information, please contact us and we will delete it promptly.

Changes to this policy

We may update this Privacy Policy from time to time. When we make material changes, we'll notify you via email or an in-app notice at least 14 days before the changes take effect. Continued use of Lifafa AI after the effective date constitutes acceptance of the updated policy.

Contact

Questions about privacy? We're happy to answer them directly.

Email: hello@lifafaai.com