Privacy Policy

At Finish Line, your privacy is paramount. This Privacy Policy explains how we collect, use, protect, and share your personal information.

1. Information We Collect

1.1 Information You Provide

When you use Finish Line, you provide us with:

• Account Information: Email address, name, password (encrypted)
• Project Data: Project titles, descriptions, milestones, completion status
• Ideas Vault: Future project ideas you save
• Affirmation Responses: Your answers to daily identity-building questions
• Payment Information: Processed securely through Stripe (we don't store credit card details)
• Communications: Messages you send us through support or contact forms

1.2 Automatically Collected Information

When you use our Service, we automatically collect:

• Usage Data: Features used, time spent, actions taken within the app
• Device Information: Device type, operating system, app version
• Log Data: IP address, browser type, access times, pages viewed
• Analytics: Aggregated usage patterns to improve the Service

1.3 Information from Third Parties

We may receive information from:

• Authentication Services: If you sign in with Apple or Google
• Payment Processors: Stripe for subscription management
• Analytics Services: Aggregated, anonymized usage data

2. How We Use Your Information

We use your information to:

• Provide the Service: Enable project tracking, milestone management, and core features
• Personalization: Customize your experience and affirmation questions
• AI Features: Power AI-driven suggestions and insights (Pro tier only)
• Communications: Send important updates, support responses, and optional notifications
• Improvements: Analyze usage patterns to enhance features and fix bugs
• Security: Detect and prevent fraud, abuse, and security issues
• Legal Compliance: Comply with applicable laws and regulations
• Business Operations: Process payments and manage subscriptions

3. How We Share Your Information

3.1 We Never Sell Your Data

We do not sell, rent, or trade your personal information to third parties for their marketing purposes.

3.2 Service Providers

We share information with trusted service providers who help us operate:

• Cloud Hosting: Supabase (database and authentication)
• Payment Processing: Stripe (subscription billing)
• Analytics: Anonymized usage analytics
• AI Services: OpenAI for Pro-tier AI features
• Email Services: For transactional emails and notifications

All service providers are contractually obligated to protect your data and use it only for providing services to us.

3.3 Legal Requirements

We may disclose your information if required by law or if we believe it's necessary to:

• Comply with legal obligations, court orders, or government requests
• Enforce our Terms of Service
• Protect the rights, property, or safety of Finish Line, our users, or the public
• Prevent fraud or security threats

3.4 Business Transfers

If Finish Line is involved in a merger, acquisition, or sale of assets, your information may be transferred. We will notify you before your information becomes subject to a different privacy policy.

4. AI and Machine Learning

Our Pro-tier AI features use your project data to provide personalized insights and suggestions. Here's how:

• Processing: Your data is sent to OpenAI's API for analysis
• Retention: OpenAI does not retain your data for training their models (per enterprise agreement)
• Privacy: Your data is never shared with other users
• Control: You can disable AI features at any time in settings

5. Data Security

We implement industry-standard security measures:

• Encryption: All data is encrypted in transit (TLS) and at rest (AES-256)
• Authentication: Secure password hashing with bcrypt
• Access Control: Role-based access and principle of least privilege
• Monitoring: 24/7 security monitoring and logging
• Regular Audits: Periodic security assessments and penetration testing
• Backups: Regular encrypted backups stored in multiple locations

However, no method of transmission over the internet is 100% secure. While we strive to protect your data, we cannot guarantee absolute security.

6. Data Retention

We retain your information for as long as necessary to provide the Service and comply with legal obligations:

• Active Accounts: We retain your data while your account is active
• Deleted Accounts: Data is deleted within 30 days of account deletion
• Legal Requirements: Some data may be retained longer to comply with legal obligations
• Backups: Data in backups is deleted according to our backup retention schedule (90 days)

7. Your Privacy Rights

7.1 Access and Portability

You have the right to access and download all your data in a portable format (JSON/CSV). You can do this from the app settings or by contacting us.

7.2 Correction

You can update your account information and project data at any time through the app.

7.3 Deletion

You can delete your account and all associated data at any time. This action is permanent and cannot be undone.

7.4 Opt-Out

You can opt out of:

• Marketing Emails: Unsubscribe link in every email
• Push Notifications: Device settings or app settings
• AI Features: Disable in app settings
• Analytics: Contact us to opt out of analytics collection

7.5 Do Not Track

We respect Do Not Track (DNT) signals. If you enable DNT, we will not track your usage for analytics purposes.

8. Children's Privacy

Finish Line is not intended for users under 13 years of age. We do not knowingly collect personal information from children under 13. If you are a parent or guardian and believe your child has provided us with personal information, please contact us, and we will delete it immediately.

9. International Data Transfers

Your information may be transferred to and processed in countries other than your country of residence. These countries may have different data protection laws. By using the Service, you consent to the transfer of your information to the United States and other countries where we operate.

We ensure appropriate safeguards are in place to protect your information in accordance with this Privacy Policy.

10. California Privacy Rights (CCPA)

If you are a California resident, you have additional rights:

• Right to Know: What personal information we collect and how we use it
• Right to Delete: Request deletion of your personal information
• Right to Opt-Out: Opt out of sale of personal information (we don't sell data)
• Right to Non-Discrimination: We won't discriminate against you for exercising your rights

To exercise these rights, contact us at app.finish.line@gmail.com

11. European Privacy Rights (GDPR)

If you are in the European Economic Area (EEA), you have additional rights:

• Right to Access: Obtain a copy of your personal data
• Right to Rectification: Correct inaccurate personal data
• Right to Erasure: Request deletion of your personal data
• Right to Restrict Processing: Limit how we use your data
• Right to Data Portability: Receive your data in a structured format
• Right to Object: Object to processing of your personal data
• Right to Withdraw Consent: Withdraw consent at any time

To exercise these rights or if you have concerns, contact us at app.finish.line@gmail.com

12. Cookies and Tracking Technologies

We use cookies and similar technologies to:

• Essential Cookies: Required for the Service to function (authentication, security)
• Analytics Cookies: Understand how you use the Service
• Preference Cookies: Remember your settings and preferences

You can control cookies through your browser settings. However, disabling cookies may affect functionality.

13. Third-Party Links

Our Service may contain links to third-party websites or services. We are not responsible for the privacy practices of these third parties. We encourage you to review their privacy policies.

14. Changes to Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of material changes via:

• Email notification
• In-app notification
• Notice on our website

Your continued use of the Service after changes become effective constitutes acceptance of the updated Privacy Policy.

15. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or your personal information, please contact us:

• Email: app.finish.line@gmail.com
• Support: Contact Page
• Data Protection Officer: app.finish.line@gmail.com