Privacy Policy
The binding version. For the plain-English story of how the privacy guarantees are enforced in code, see the Privacy & Trust page.
1. Who we are & scope
FocusMirror is a private AI work journal operated as a sole proprietorship by James Mbualungu, based in Virginia, USA ("FocusMirror," "we," "us"). This policy explains what we collect, how we use it, who processes it, and the rights you have. It covers our website, the waitlist, and the FocusMirror desktop app.
This is a pre-launch version (v0.1). It is accurate to the product as built today and will be expanded and formally reviewed before paid accounts open.
2. What we collect
We collect only what the product needs to do its job:
- Account: your email address, time zone, and a preferred day-end time.
- Activity metadata: while a tracking session runs, the name of the active app, its bundle identifier, the site domain (e.g. github.com — never the full URL), and the start/end times of each stretch. After classification, a category label.
- Your words: the session goal and any "what shipped" note you choose to type.
- Diagnostics: device platform and app version.
- Product analytics: pages you view and key in-product actions (sign-up, sign-in, upgrade), tied to your account, so we can understand how the site and app are used. This covers website/product behavior only — never your tracked activity.
- Billing: subscription status and identifiers held with Stripe. Your card details are held by Stripe, not by us.
- Waitlist: if you join the waitlist, your email and the channel you came from.
3. What we never collect
These are excluded by design — most of them structurally, not by policy:
- Keystrokes or anything you type into other apps.
- Window titles. They are read on your device to apply your exclusion rules and then discarded. They are never uploaded, and our database has no column to store them.
- Full URLs, search queries, or page content — only the bare domain.
- Screenshots or screen contents.
- Message, file, or document content.
- Anything from apps or domains you exclude — filtered on your device before anything uploads. Clinical software and password managers are excluded by default.
- Anything while a session is paused or stopped.
4. How we use it
To classify your activity into categories, group it into time blocks, and — only if you opt in to AI processing — generate your interval check-ins, a daily review, and one recommendation. We also use your account and billing data to run your subscription and respond to support. We also use a product-analytics provider (PostHog, acting as our service provider) to understand how the website and app are used — it never receives your tracked activity. We do not use your data for advertising, and we do not sell or share it.
5. AI processing & sub-processors
Most activity is classified by a deterministic catalog lookup with no AI involved. Only the strings for apps or domains we don't yet recognize, and your time-block summaries, involve our AI provider — and even then the model receives a deliberately narrow slice of data.
AI is opt-in. If you decline AI processing, no data is ever sent to the AI provider; you still get your timelines and totals, just without the written summaries.
Our AI provider, Anthropic, processes inputs solely to return a result and, under its commercial API terms, does not use them to train its models. The full list of third parties that process your data:
| Processor | Purpose | What it receives |
|---|---|---|
| Anthropic (Claude) | Classify activity into categories; write your check-ins and daily review. | App names, site domains, category labels, durations, and the goal text you type. Never window titles, URLs, content, or keystrokes. |
| Supabase | Database, authentication, and hosting (United States, us-east-1). | Your account data and the activity metadata above, protected by row-level security. |
| Stripe | Subscription billing and payments. | Your email and payment details. FocusMirror never sees or stores your card number. |
| Loops | Waitlist and product email. | Your email address and signup source only. No activity data. |
| Resend | Transactional email (sign-in links, receipts, notices). | Your email address and the message we send. No activity data. |
| PostHog | Product & website analytics (United States). | Pages you view and key product events (sign-up, sign-in, upgrade/billing actions), your account email and id, and client-side error reports — routed first-party through our own domain. Never your tracked activity data (apps, domains, time blocks). |
We will keep this list current. If we add or change a sub-processor in a way that affects your data, we'll update this page.
6. Storage, location & security
Your data is stored in a Supabase Postgres database in the United States (us-east-1). Every row is scoped to its owner by row-level security — an automated test proves that one account can never read another's data. Derived tables (your blocks, reviews, and summaries) are written only by our server-side jobs, never by clients. Data is encrypted in transit (TLS) and at rest.
7. Retention & deletion
Retention. Raw activity events are kept 7 days on the Free plan and 90 days on Pro, then purged automatically each night. Your time blocks, daily reviews, and summaries are kept 7 days on Free and until you delete them on Pro.
Deletion. Deleting a session is a hard delete that cascades to every insight derived from it — an automated test requires zero orphaned rows. Each deletion is recorded in an audit log. Deleting your account removes your personal data; we retain minimal billing records only as long as the law requires.
8. Your rights
You can access, correct, export, and delete your data. Export gives you everything we hold about you as JSON (available on request until the one-click export ships). Depending on where you live, you may have rights under the GDPR (access, rectification, erasure, portability, objection) or the CCPA/CPRA (know, delete, correct, opt out). One right we can state plainly for everyone: we do not sell or share your personal information. To exercise any of these, email the address below.
9. Legal bases (GDPR)
Where the GDPR applies, we process your data to perform our contract with you (running the service), with your consent (AI processing and marketing email), and for our legitimate interests in keeping the service secure and supporting you. You can withdraw consent at any time.
10. International transfers
Our infrastructure and AI provider are in the United States. If you are in the EU, UK, or another region, your data is transferred to the US under appropriate safeguards, such as Standard Contractual Clauses.
11. Children
FocusMirror is not directed to anyone under 16, and we do not knowingly collect data from children. If you believe a child has used the service, contact us and we'll delete the data.
12. Changes
We'll post any changes here and update the "last updated" date. For material changes, we'll give notice — by email or in the app — before they take effect.
13. Contact
Privacy questions or requests: security@focusmirror.app, or via the contact page.