Legal Document

Privacy Policy

We believe in being fully transparent about how we handle your data. Your trust is the foundation of everything we build.

Last Updated: May 25, 2025  ·  Effective Date: May 25, 2025

🔐

Overview

Who we are and what this policy covers

GoalFow ("we," "our," or "us") is a consistency and habit-building platform accessible at goalfow.org and via our Android application. We are committed to protecting your personal information and your right to privacy.

This Privacy Policy applies to all information collected through our website, Android app, and any related services, sales, marketing, or events. By using GoalFow, you agree to the terms of this policy.

Our Core Commitment

We never sell your personal data to third parties. Your data stays within the GoalFow organisation and is used solely to provide and improve our services.

📋

Data We Collect

What information we gather when you use GoalFow

We collect the following categories of information:

Account Information

Name and display name you provide during registration
Email address (used for login and notifications)
Profile photo (if you use Google Sign-In)
Age, class/grade level, and institution name (optional, you provide this)

Activity & Usage Data

Goals you create, complete, or delete
Study timer sessions and time tracked per goal
Pomodoro and Eisenhower Matrix tasks
XP earned, level progression, and daily streaks
AI chat messages you send to Miko or Deep Study
Quiz results and study session history

Device & Technical Information

Device type, operating system, and app version
Firebase Cloud Messaging token (for push notifications)
Crash reports and performance diagnostics (via Firebase Analytics)

Payment Information

Subscription status (free or Pro) stored in our database
Razorpay Subscription ID (reference only — we never store card numbers or bank details)
All payment processing is handled securely by Razorpay, subject to their own privacy policy
⚙️

How We Use Your Data

The purposes for which we process your information

To create and maintain your GoalFow account and sync it across devices
To power the AI features (Miko, Deep Study, Quiz Generator) — your messages are sent to our secure backend and processed by the Gemini AI API
To calculate your XP, levels, and streaks and display your progress
To send you smart reminders and push notifications you have opted into
To process your subscription and verify Pro plan status
To improve, maintain, and debug our platform using anonymised analytics
To comply with applicable legal obligations

We do not use your data for advertising, profiling for third-party marketing, or any purpose beyond providing and improving GoalFow.

🛡️

Data Storage & Security

Where your data lives and how we protect it

Your data is stored on Google Firebase (Firestore and Firebase Authentication), which provides industry-standard encryption at rest and in transit. All communications between your device and our servers use HTTPS/TLS encryption.

Our servers are located in Google Cloud's infrastructure. Firebase is compliant with ISO 27001, SOC 1, SOC 2, and SOC 3 standards.

Data is retained for as long as your account is active
You may request deletion of your account and all associated data at any time
We implement access controls so only authorised GoalFow team members can access user data
👤

Human Review of Data

When a person from our team may access your data

In certain limited circumstances, a member of the GoalFow team may need to review your data. This can occur in the following situations:

Customer Support: If you report a bug or contact us with an account issue, we may review your account data to diagnose and resolve the problem
Safety & Security: If we detect suspicious or potentially harmful activity, our team may investigate the relevant account data
Quality Assurance: Anonymised or aggregated data may be reviewed to improve AI response quality and platform performance
Legal Compliance: If required by applicable law or a valid legal order

All human reviews are conducted only by authorised GoalFow personnel and are governed by strict internal data access policies. We log all access to user data for accountability.

🤝

Partners & Vendors

Trusted third parties who help us operate GoalFow

We work with a limited set of trusted partners and vendors who assist in delivering the GoalFow service. These parties may have access to certain data only to the extent necessary to perform their specific function. They are contractually prohibited from using your data for any other purpose.

Google Firebase

Authentication, database, cloud functions, analytics, and push notifications

Google Gemini AI

Powers Miko AI and Deep Study features — messages are processed securely

Razorpay

Subscription payment processing — they handle payment data under their own policy

GoalFow Development Partners

Vetted developers or agencies working directly on GoalFow, bound by NDAs

We do not share your data with any advertising networks, data brokers, or unrelated third parties.

⚖️

Your Rights

What you can ask us to do with your data

Access: Request a copy of the personal data we hold about you
Correction: Update or correct inaccurate information via your Profile settings
Deletion: Request complete deletion of your account and all associated data
Portability: Request an export of your data in a machine-readable format
Opt-Out: Disable push notifications at any time through your device or app settings

To exercise any of these rights, contact us at privacy@goalfow.org. We will respond within 30 days.

🍪

Cookies & Tracking

How we use cookies on the website

Our website uses minimal, essential cookies required for authentication and session management (powered by Firebase). We do not use advertising cookies or cross-site tracking.

Session cookies: Keep you logged in while using the app
Firebase cookies: Used by Google Firebase for authentication state

You can disable cookies in your browser settings, but this may prevent you from logging into GoalFow.

🎒

Children's Privacy

Our service for student users

GoalFow is designed for students of all ages. We are committed to protecting the privacy of younger users. We do not knowingly collect personal data from children under 13 without parental consent. If you believe a child under 13 has provided us personal information, please contact us at privacy@goalfow.org and we will promptly delete it.

Users between 13 and 18 are encouraged to review this policy with a parent or guardian before using GoalFow.

📝

Changes to This Policy

How we notify you of updates

We may update this Privacy Policy from time to time. When we make significant changes, we will update the "Last Updated" date at the top of this page and, where appropriate, notify you via email or an in-app notification. We encourage you to review this policy periodically. Continued use of GoalFow after changes constitutes acceptance of the updated policy.

✉️

Contact Us

Reach out with any privacy questions

If you have any questions, concerns, or requests regarding this Privacy Policy or your personal data, please contact us:

Email: privacy@goalfow.org
Website: goalfow.org
Organisation: GoalFow