Privacy Policy

Last updated: 2026-05-08 · Terms of Service

1. Data Controller

Hindsight ("the Service", "we", "us") is operated by Jheniffer Janice Gonsalves, a Brazilian sole proprietor registered as MEI (Microempreendedor Individual) under CNPJ 66.944.482/0001-46. For any privacy-related questions or to exercise your data subject rights, contact us at hindsightsupport@gmail.com.

2. Data We Collect

We collect the minimum amount of personal data needed to operate the Service:

• Account data: your Google account identifier (sub), email address, display name, and profile picture URL — all received from Google when you sign in.
• Content you create: tasks (title, body, due date, checklist), lists, snooze metadata, and recurrence rules.
• Activity data: append-only events recording when tasks are created, completed, edited, snoozed, deleted, etc. — used for personal insights and AI features.
• Device and locale data: timezone, preferred language, app version, and operating system version.
• Crash reports (Android only): when the app crashes, we collect a stripped diagnostic report containing a random per-install identifier, the exception type and source-code location (file, line, method, class), the device model, Android version, locale, and free disk space. The report deliberately excludes the content of your tasks, lists, search queries, account email, and any free-form text from the exception message — fields that could contain personal data are filtered out before transmission.

3. When We Collect Data

Data is collected at three moments: when you sign in (account data from Google), when you interact with the app (content + activity events), and during background sync (no new data — only synchronization of what you already created).

4. Legal Basis for Processing

We process your data under two legal bases of LGPD Art. 7 and the corresponding GDPR provisions: (i) performance of the contract (operating the Service you signed up for), and (ii) your consent (for optional features such as AI-generated suggestions on the PREMIUM_AI plan).

5. Purposes of Processing

We use your data exclusively to: operate the todo service across devices, send reminders for tasks you created, generate AI-powered suggestions when you have an eligible plan, and respond to your support or legal inquiries. We do not use your data for advertising, profiling, or any third-party marketing purpose.

6. Sharing With Third Parties

We share data with the following operators, only as needed to provide the Service:

• Google LLC: identity verification (OAuth) and JWT key distribution.
• Amazon Web Services (AWS): hosting, database (Aurora PostgreSQL), object storage (S3), and email delivery (SES). All data is stored in the AWS region us-east-1 (United States).
• Anthropic / AWS Bedrock: only for users on the PREMIUM_AI plan, your task and list content is sent to a large language model to generate aggregation suggestions. The model provider does not retain your content for training.

We do not sell your data and do not share it with advertisers.

7. International Data Transfer

Your data is stored on servers located in the United States (AWS us-east-1). For users in Brazil, this constitutes an international transfer under LGPD Art. 33. For users in the European Union, this transfer is covered by Standard Contractual Clauses under GDPR Art. 46. By using the Service, you consent to this transfer.

8. Data Retention

We retain your data as long as your account exists. When you delete your account, we apply a 30-day recovery window during which your data is soft-deleted but recoverable by signing back in. After 30 days, your data is permanently removed via cascade-delete (your User record, all Tasks, all Lists, all Activity Events). Backups are retained for an additional 30 days for disaster recovery, after which they are also purged.

9. Your Rights Under LGPD and GDPR

You have the right to:

• Access: request a copy of your data — available in-app via Settings → Export my data.
• Rectification: correct inaccurate data — available in-app by editing your tasks and profile.
• Erasure: delete your account and data — available in-app via Settings → Delete account.
• Portability: receive your data in a machine-readable JSON format — same as the Access right above.
• Withdrawal of consent: revoke your Google sign-in and delete your account at any time.
• Objection: object to specific processing activities — contact us at the email below.
• Information: this Privacy Policy is the source of information about our data practices.

10. How To Exercise Your Rights

For Access, Erasure, and Portability, use the in-app buttons (Settings → Export, Settings → Delete account). For all other requests, email hindsightsupport@gmail.com. We will respond within 15 business days as required by LGPD Art. 19, §1.

11. Children's Data

The Service is not directed at children under the age of 13. We do not knowingly collect data from children under 13. If you believe a child has signed up, contact us and we will delete the account.

12. Cookies and Local Storage

We use only strictly necessary cookies: a Django session cookie (HttpOnly, Secure, SameSite=Lax) to keep you signed in, and a CSRF cookie required by Google Sign-In (g_csrf_token). We do not use any third-party tracking cookies, analytics cookies, or advertising cookies.

13. Security

We protect your data with: TLS 1.2+ encryption in transit, AWS KMS encryption at rest for the database and object storage, IAM least-privilege roles for all service components, SHA-256 hashing for API tokens, and AWS SSM Parameter Store SecureString for application secrets. The Django administrative interface is not exposed publicly.

14. Breach Notification

In the event of a data breach that creates real risk or relevant damage to data subjects, we will notify affected users by email within 72 hours of becoming aware, as required by LGPD Art. 48 and GDPR Art. 33.

15. Changes to This Policy

For material changes (changes that affect what data we collect, who we share it with, or how we use it), we will notify you by email and via an in-app dialog at least 30 days before the change takes effect. For non-material changes (typo fixes, contact email update), we will simply update the "Last updated" date at the top of this page.

16. Governing Law and Jurisdiction

This Privacy Policy is governed by Brazilian law (Marco Civil da Internet and LGPD). For data subjects based in Brazil, any disputes shall be resolved in the courts of the Comarca de Dourados, Mato Grosso do Sul. For users in the European Union, GDPR Standard Contractual Clauses and the laws of your country of residence apply.

17. Contact

For all privacy-related questions, requests, or complaints, contact us at hindsightsupport@gmail.com. You also have the right to file a complaint with the Brazilian National Data Protection Authority (ANPD) or with your local European data protection authority.