Privacy Policy

Our Privacy-First Commitment

DotFocus is built on a foundation of privacy and transparency. We believe your focus training data belongs to you, and we've designed our entire system around this principle.

1. Information We Collect

1.1 Account Information

When you create an account, we collect:

• Email address (for authentication and account recovery)
• Optional demographic information (gender, birth date) if provided during onboarding
• Your motivation and discovery source (optional, for personalization)

1.2 Session Metrics

During focus training sessions, we store only numeric metrics:

• Session duration and timestamp
• Focus score (0-100)
• Aggregated metrics: blink rate, gaze stability, head movement
• Device quality indicators: lighting quality, tracking reliability

Important: We never store raw video frames, facial images, or any personally identifiable biometric data.

1.3 Usage Data

We may collect anonymous usage statistics to improve the service:

• Page views and navigation patterns
• Feature usage (which features you use most)
• Error logs and performance metrics

2. How We Use Your Information

We use your information solely to:

• Provide and improve the focus training service
• Calculate your focus scores and track progress
• Send you session summaries and progress reports (if enabled)
• Respond to your support requests
• Comply with legal obligations

We will never sell your data to third parties or use it for advertising.

3. On-Device Processing

All webcam video processing happens entirely on your device using MediaPipe Face Mesh:

• Video never leaves your browser
• Facial landmark detection runs locally
• Only computed metrics (numbers) are sent to our servers
• You can use "No Camera Mode" for complete privacy

4. Data Storage and Security

Your data is stored securely using industry-standard practices:

• Encrypted connections (HTTPS/TLS)
• Secure database with row-level security (Supabase)
• Regular security updates and monitoring
• Access controls and authentication

5. Your Rights (GDPR Compliance)

You have the following rights regarding your data:

• Right to Access: Export all your data in JSON or CSV format
• Right to Deletion: Delete all your sessions or your entire account
• Right to Rectification: Update your profile information anytime
• Right to Data Portability: Download your data in machine-readable formats
• Right to Withdraw Consent: Stop using the service at any time

You can exercise these rights directly from your Settings page.

6. Third-Party Services

We use the following third-party services:

• Supabase: Database and authentication (EU/US data centers)
• Stripe: Payment processing (for Pro subscriptions, PCI-compliant)
• Vercel: Hosting and CDN

These services have their own privacy policies and comply with GDPR.

7. Cookies and Tracking

We use minimal cookies for essential functionality:

• Authentication cookies (to keep you logged in)
• Session cookies (for app functionality)
• Preference cookies (dark mode, settings)

We do not use advertising or tracking cookies.

8. Children's Privacy

DotFocus is intended for users aged 13 and above. We do not knowingly collect information from children under 13. If you believe a child under 13 has created an account, please contact us immediately.

9. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by email or through the app. Your continued use of DotFocus after changes constitutes acceptance of the updated policy.

10. Contact Us

If you have any questions about this Privacy Policy or your data:

Email: support@dotfocus.app