Privacy Policy

Effective Date: November 3, 2025
Legal Entity: davidhibbs.com ("Company," "we," "us," or "our")

This Privacy Policy explains how we collect, use, disclose, and protect personal information when you use our mobile apps, websites, automated workflows, and blog (collectively, the "Services"). We design our Services to minimize tracking and avoid linking data to individuals unless a user is logged in.

1. Summary of Our Approach

  • Minimal tracking by default. We avoid collecting personal information from unauthenticated users, and we do not attempt to re‑identify individuals from de‑identified data.
  • Account‑linked data. Where login is required, we associate usage and content with the authenticated account.
  • Encryption. We encrypt personal information where feasible in transit and at rest.
  • No selling of personal data. We do not sell personal information.

2. Information We Collect

2.1 Without Login (Unauthenticated Use)

  • Limited device/usage data (e.g., anonymized or truncated IP, coarse location, app version, event counts, crash logs) strictly to operate and secure the Services and to understand aggregate usage. Our aim is not to identify you.
  • Cookies or local storage may be used for strictly necessary functions (e.g., session management, security, preferences). We avoid cross‑site tracking.

2.2 With Login (Authenticated Use)

  • Account information: email, username, password hash (never the raw password), profile settings.
  • Service activity: actions taken in the Services, connected third‑party accounts you choose to link, configuration of automations, job outcomes, and logs associated with your account.
  • Support interactions: messages, tickets, and metadata when you contact us.

2.3 Content & Integrations You Provide

If you connect third‑party services or upload content, we process that data only to provide the Services and at your direction. You are responsible for ensuring you have the right to provide such data and for honoring any third‑party privacy obligations.

2.4 Sensitive Data

We do not intentionally collect sensitive personal information. Please do not submit sensitive categories (e.g., health, financial account numbers, government IDs) unless the feature specifically requests it and you understand the implications.

3. How We Use Information

  • Provide, operate, secure, and troubleshoot the Services (including to detect/prevent fraud, abuse, and security incidents).
  • Authenticate users and maintain accounts.
  • Execute and monitor automations at your direction.
  • Communicate with you about the Services (transactional emails, service announcements).
  • Improve and develop features using aggregated or de‑identified data.
  • Comply with legal obligations.

Where applicable, we rely on: (a) performance of a contract (to provide the Services); (b) legitimate interests (to secure and improve the Services, prevent abuse); (c) consent (where required by law, e.g., certain cookies or marketing); and (d) legal obligations.

5. Sharing & Disclosure

We disclose information only as described below:

  • Service providers/sub‑processors that host, store, process, or support the Services under written agreements (e.g., cloud hosting, email delivery, error logging). They may access information only to perform services for us.
  • At your direction to third‑party integrations you connect.
  • Legal & safety: to comply with law or valid legal process; to protect rights, safety, and property of Company, users, or the public.
  • Business transfers: in connection with a merger, acquisition, or asset sale. We will notify you of material changes.

We do not sell or share personal information, including for cross‑context behavioral advertising.

6. Data Retention

We retain personal information only for as long as necessary to provide the Services, fulfill the purposes outlined in this Policy, comply with legal obligations, resolve disputes, and enforce agreements. Where feasible, we store logs in a de‑identified or aggregated form and apply conservative retention periods.

7. Your Choices & Rights

  • Access/Correction/Deletion. You may access, correct, or delete your account information by contacting us or via in‑product tools.
  • Withdraw consent. Where we rely on consent, you may withdraw it at any time.
  • Do Not Track. Our Services do not respond to browser DNT signals.

We may need to verify your identity before fulfilling requests. Authorized agents may make requests as permitted by law.

8. Security

We implement technical and organizational measures designed to protect personal information, including encryption in transit and at rest where feasible, access controls, and least‑privilege practices. No method of transmission or storage is 100% secure; you use the Services at your own risk.

9. Children’s Privacy

The Services are not directed to children under 13 (or the age of digital consent where you live). We do not knowingly collect personal information from such children. If you believe a child has provided information, contact us to request deletion.

10. Cookies & Local Storage

We use strictly necessary cookies/local storage for core functionality and security. Where optional cookies are used (e.g., privacy‑preserving analytics), we will request consent where required and provide controls to manage preferences.

Our blog and apps may link to third‑party sites/services. We are not responsible for their privacy practices. Review their policies before providing personal information.

12. Changes to This Policy

We may update this Policy from time to time. If changes are material, we will provide notice (e.g., via the Service or email) and update the "Effective Date." Your continued use of the Services after the effective date constitutes acceptance.

13. Contact Us

Questions or requests? Contact us.