Privacy Policy

Last updated: November 1, 2025

1. Introduction

Welcome to 0focus ("we", "our", or "us"). We are committed to protecting your privacy and handling your data in an open and transparent manner. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our mobile application and services.

By using 0focus, you agree to the collection and use of information in accordance with this policy. If you do not agree with our policies and practices, please do not use our services.

🔒 Google API Services User Data Policy Compliance

0focus's use and transfer of information received from Google APIs to any other app will adhere to Google API Services User Data Policy, including the Limited Use requirements.

We access your Google data only with your explicit consent and use it solely to provide the features you request. We do not sell, share for advertising purposes, or use your Google data for any purpose other than providing our core service functionality.

2. Information We Collect

2.1 Information You Provide Directly

  • Account Information: Email address and name when you sign up via Google OAuth
  • User Preferences: Your content preferences, digest settings, summary style choices, and notification preferences

2.2 Information We Collect from Google Services (With Your Permission)

Gmail API Data Access

When you connect your Gmail account, you explicitly grant us permission to access the following Gmail data:

  • Email Messages: We read email content from newsletters you subscribe to for the purpose of creating summaries
  • Email Metadata: Sender email address, sender name, subject line, date/time received
  • Labels: We may read email labels to identify newsletter content
  • Read/Unread Status: We can mark emails as "read" after you consume the summary (optional feature you can control)

What we DO NOT access:

  • Personal correspondence or non-newsletter emails
  • Draft emails or sent emails
  • Email attachments (unless explicitly needed for newsletter content)
  • Contacts or address book
  • Calendar data

YouTube API Data Access

When you connect your YouTube account, you explicitly grant us permission to access:

  • Subscriptions: List of channels you subscribe to
  • Video Metadata: Video titles, descriptions, publication dates from your subscribed channels
  • Video Transcripts: Public transcripts/captions for summarization

What we DO NOT access:

  • Your viewing history or watch later list
  • Your YouTube comments or likes
  • Your uploaded videos or private playlists

2.3 Information We Collect Automatically

  • Usage Data: Features used, content consumed, digest creation timestamps
  • Device Information: Device type, operating system version, app version
  • Log Data: IP address (for security), timestamps, error reports for debugging

2.4 Generated Content

  • AI Summaries: Text summaries we generate from your newsletters and videos
  • Audio Files: Audio versions of summaries created via text-to-speech
  • Metadata: Summary creation dates, listen timestamps, completion status

3. How We Use Your Information

Limited Use Commitment

We use your Google user data exclusively to provide and improve the features you explicitly request. We do not use your data for advertising, marketing to third parties, or any purpose unrelated to our core service functionality.

3.1 Primary Uses (Core Functionality)

  • Content Aggregation: Collect newsletters and videos from your connected accounts
  • AI Summarization: Generate concise summaries of your content using AI
  • Audio Generation: Convert summaries to audio for listening
  • Deduplication: Identify and remove duplicate content across sources
  • Personalization: Customize content delivery based on your preferences
  • Email Management: Mark emails as read when you consume summaries (if enabled by you)

3.2 Service Improvement

  • Analyze usage patterns to improve features (anonymized data only)
  • Debug and fix technical issues
  • Improve AI summary quality
  • Optimize performance and reliability

3.3 Communication

  • Send service updates and feature announcements
  • Respond to your support requests
  • Send security alerts if necessary
  • Notify you of policy changes

3.4 What We DO NOT Do With Your Data

  • ❌ No Selling: We never sell your data to third parties
  • ❌ No Advertising: We do not use your Gmail or YouTube data for advertising purposes
  • ❌ No Third-Party Sharing: We do not share your Google data with third parties except as required to provide our service (e.g., AI processing)
  • ❌ No Training: We do not use your emails or personal content to train AI models
  • ❌ No Profiling: We do not create marketing profiles from your data

4. How We Share Your Information

We share your information only in the following limited circumstances:

4.1 Service Providers (Data Processors)

We use third-party service providers to help us provide our services. These providers have access to your information only to perform specific tasks on our behalf and are obligated to protect your data:

Anthropic (Claude AI)

Purpose: Generate AI summaries from your content

Data Shared: Newsletter text and video transcripts for summarization

Data Retention: Processed in real-time, not stored by Anthropic per their API terms

Privacy Policy: anthropic.com/privacy

ElevenLabs

Purpose: Convert text summaries to audio

Data Shared: AI-generated summary text only (not original content)

Data Retention: Audio generation only, text not retained

Privacy Policy: elevenlabs.io/privacy

Amazon Web Services (AWS S3)

Purpose: Store generated audio files

Data Shared: Audio files and metadata

Security: Encrypted storage with access controls

Privacy Policy: aws.amazon.com/privacy

Google APIs (Gmail, YouTube)

Purpose: Access your Gmail and YouTube data with your authorization

Data Shared: OAuth tokens only (we access your data, not share it with Google)

Privacy Policy: policies.google.com/privacy

4.2 Legal Requirements

We may disclose your information if required by law, such as:

  • To comply with legal obligations or court orders
  • To protect our rights, property, or safety
  • To prevent fraud or security issues
  • In connection with a merger, acquisition, or sale of assets (with notice to you)

4.3 With Your Consent

We may share your information for other purposes with your explicit consent.

5. Data Storage, Security, and Retention

5.1 Data Security Measures

We implement industry-standard security measures to protect your data:

  • Encryption: All data in transit uses TLS/SSL encryption (HTTPS)
  • Encrypted Storage: Database and file storage use encryption at rest
  • Access Controls: Role-based access control and authentication
  • OAuth 2.0: Secure authentication via Google's OAuth protocol
  • Token Security: Access tokens stored securely and rotated regularly
  • Regular Audits: Security assessments and vulnerability scanning
  • Minimal Access: Only necessary personnel have access to user data

5.2 Data Retention

We retain your data only as long as necessary:

  • Active Accounts: We retain your data while your account is active
  • Account Deletion: Within 30 days of account deletion, we permanently delete:
    • All email content and YouTube data
    • Generated summaries and audio files
    • Your preferences and settings
    • OAuth access tokens
  • Legal Retention: Some data may be retained longer if required by law or for legitimate business purposes (e.g., financial records, security logs)
  • Anonymized Data: We may retain anonymized usage statistics for service improvement

5.3 Data Location

Your data is stored on secure servers in the European Union (EU-Central-1 region). Data may be processed in other regions where our service providers operate, but always with appropriate safeguards.

6. Your Rights and Controls

6.1 Access Control to Google Data

You have complete control over our access to your Google account:

  • Revoke Access Anytime: Visit Google Account Permissions to revoke 0focus's access immediately
  • Selective Permissions: You control which newsletters and channels we access
  • In-App Controls: Disconnect Gmail or YouTube directly from app settings

6.2 Your Privacy Rights

Depending on your location, you have the following rights under laws like GDPR and CCPA:

  • Right to Access: Request a copy of all personal data we hold about you
  • Right to Rectification: Correct inaccurate or incomplete data
  • Right to Erasure ("Right to be Forgotten"): Request deletion of your data
  • Right to Data Portability: Receive your data in a machine-readable format
  • Right to Restrict Processing: Limit how we process your data
  • Right to Object: Object to processing of your data
  • Right to Withdraw Consent: Withdraw consent at any time without affecting prior processing
  • Right to Complain: Lodge a complaint with a data protection authority

6.3 How to Exercise Your Rights

To exercise any of these rights, contact us at:

  • Email: privacy@0focus.app
  • Subject Line: "Data Rights Request"
  • Response Time: We will respond within 30 days

6.4 Account Deletion

You can delete your account at any time:

  • In-app: Settings → Account → Delete Account
  • Via email: Request deletion at privacy@0focus.app
  • Upon deletion, all your data will be permanently removed within 30 days

7. Children's Privacy

Our services are not intended for children under 13 years of age. We do not knowingly collect personal information from children under 13.

If you are a parent or guardian and believe your child has provided us with personal information, please contact us at privacy@0focus.app, and we will delete such information immediately.

8. International Data Transfers

Your information may be transferred to and processed in countries other than your country of residence. These countries may have data protection laws different from your jurisdiction.

We ensure appropriate safeguards are in place to protect your information, including:

  • Standard Contractual Clauses approved by the EU Commission
  • Ensuring service providers adhere to data protection frameworks
  • Implementing technical and organizational security measures

9. California Privacy Rights (CCPA)

If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA):

  • Right to Know: What personal information we collect, use, and share
  • Right to Delete: Request deletion of your personal information
  • Right to Opt-Out: We do not sell your personal information
  • Right to Non-Discrimination: We will not discriminate against you for exercising your rights

To exercise these rights, contact us at privacy@0focus.app with "California Privacy Rights" in the subject line.

10. European Economic Area (EEA) and UK Privacy Rights (GDPR)

If you are located in the EEA or UK, we process your data under the following legal bases:

  • Consent: When you authorize access to your Gmail or YouTube account
  • Contract: To provide the services you requested
  • Legitimate Interests: To improve our services and ensure security
  • Legal Obligation: To comply with applicable laws

You have all rights listed in Section 6, and you may lodge a complaint with your local data protection authority.

11. Cookies and Tracking Technologies

We use minimal tracking technologies:

  • Essential Cookies: Required for authentication and app functionality
  • Analytics: Anonymized usage data to improve the app (opt-out available)
  • No Advertising Cookies: We do not use cookies for advertising or tracking across websites

12. Do Not Track Signals

We do not track users across third-party websites. We respect Do Not Track (DNT) browser settings for web-based analytics.

13. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or legal requirements.

When we make material changes:

  • We will update the "Last updated" date at the top of this policy
  • We will notify you via email or in-app notification
  • We will request your consent if required by law
  • You can review the updated policy before continuing to use our services

14. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

📋 Privacy Policy Summary

  • ✅ We only access your Google data with your explicit permission
  • ✅ We use your data solely to provide features you request
  • ✅ We never sell your data or use it for advertising
  • ✅ You can revoke access anytime via Google Account settings
  • ✅ You can delete your account and all data within 30 days
  • ✅ We comply with GDPR, CCPA, and Google's API policies
  • ✅ We use industry-standard encryption and security
  • ✅ We're transparent about all third-party services we use