Privacy Policy

1. Introduction

HeyDay (“we,” “us,” or “our”) operates the Heyday Focus Chrome Extension (“Extension”) and the website https://heydayfocus.com (“Website”).

We are committed to protecting your privacy and handling your data in accordance with:

• Chrome Web Store Developer Program Policies, including the User Data Policy
  
  
• Applicable data protection laws
  
  
• Industry best practices
  
  

This Privacy Policy explains what data we collect, how we use it, how we store it, and the choices you have. By using the Extension or the Website, you agree to the practices described here.

2. Information We Collect

Heyday Focus collects only the data necessary to provide its single purpose: helping users manage focus by applying user-selected rules, schedules, and insights to chosen websites.

We do not collect full browsing history, page content, or unrelated user activity.

2.1 Data Collected Through the Chrome Extension

a) On-Device Usage Data (Default, Local Only)

Heyday Focus tracks time spent per website domain to provide usage insights and focus features.

By default, this data is processed and stored locally on your device only.

On-device usage data includes:

• Website domain name
  
  
• Time spent on the domain
  
  
• Date of usage
  
  

Heyday Focus does not collect or process:

• Full URLs
  
  
• Page paths
  
  
• Page titles
  
  
• Query strings
  
  
• Page content
  
  

This on-device usage data never leaves your device unless you explicitly enable usage syncing while signed in.

b) Account Information (Optional Google OAuth Login)

If you choose to sign in, we collect only what is required to authenticate and associate your settings with your account:

• Google account email address
  
  
• Google display name
  
  
• Google user identifier (UID)
  
  
• Authentication tokens required for sign-in
  
  

We do not access Google Drive, Contacts, Calendar, or any other Google services.

Signing in is optional, and the Extension can be used without creating an account.

c) User Settings and Configuration

Stored locally and, if you sign in, optionally synced to our backend to enable cross-device functionality:

• Site lists
  
  
• Focus schedules
  
  
• Impact settings
  
  
• Enabled or disabled state of schedules
  
  
• Pause preferences and related extension settings
  
  

This data exists solely to operate the Extension.

d) Optional Usage Sync Data (Explicit Opt-In)

If you explicitly enable usage syncing while signed in, Heyday Focus syncs privacy-minimized daily usage summaries so you can view them across devices.

Synced usage data includes only:

• Website domain
  
  
• Total time spent per day
  
  
• Date bucket (daily only)
  
  

This data is:

• Disabled by default
  
  
• Never synced without your explicit consent
  
  
• Not used for advertising
  
  
• Not sold to third parties
  
  

e) What the Extension Does Not Collect

The Extension does not collect, store, or transmit:

• Full browsing history
  
  
• Page content (text, images, videos, or media)
  
  
• Keystrokes or form entries
  
  
• Clicks, scrolls, or mouse movements
  
  
• Payment or financial information
  
  
• Cookies
  
  
• Sensitive data categories (health, biometrics, precise location)
  
  
• Authentication data for other services
  
  

The Extension does not read or analyze webpage content. It only applies CSS modifications or redirects based on your settings.

3. Information Collected Through the Website

The Website uses Google Analytics to understand aggregate visitor behavior.

We collect:

• Pages visited
  
  
• Browser and device type
  
  
• Operating system
  
  
• Approximate location (city-level only)
  
  
• Referring URL
  
  
• Anonymous engagement metrics
  
  

Analytics data is processed according to Google’s Privacy Policy. We do not combine Website analytics data with Extension data or personal identifiers.

4. How We Use Information

4.1 To Operate the Extension

We use Extension data solely to:

• Apply focus rules and schedules
  
  
• Provide website usage insights
  
  
• Sync settings across devices if you choose to sign in
  
  
• Sync usage summaries only if you explicitly enable usage syncing
  
  
• Maintain authentication sessions
  
  
• Resolve bugs and improve reliability
  
  

We never use Extension data for advertising, profiling, or marketing.

4.2 To Operate the Website

We use Website data to:

• Understand visitor navigation patterns
  
  
• Improve content and design
  
  
• Measure marketing effectiveness
  
  

4.3 Communication

If you contact us directly, we use the information you provide only to respond to your request.

5. Legal Basis for Data Processing

Depending on your jurisdiction, we rely on:

• Performance of a contract to provide the Extension’s core functionality
  
  
• Legitimate interest for stability, security, and improvement
  
  
• Consent for Google Analytics cookies and optional Google OAuth sign-in
  
  
• Explicit consent for optional usage syncing
  
  

6. Data Storage and Security

6.1 Storage Locations

Extension data is stored:

• Locally in your browser by default
  
  
• In our secure Supabase database only if you sign in and enable syncing
  
  

Google OAuth tokens are stored using Google’s secure authentication mechanisms.

6.2 Security Measures

We implement:

• Encryption in transit and at rest
  
  
• Row Level Security (RLS) in Supabase
  
  
• Role-based access controls
  
  
• Restricted internal access
  
  
• Ongoing monitoring
  
  

We never store your Google password or other sensitive credentials.

7. Data Retention

• On-device usage data remains on your device until you delete it or uninstall the Extension
  
  
• Synced usage data is retained for a limited period, up to 90 days, and is automatically deleted afterward
  
  
• You can disable usage syncing at any time, which stops further syncing
  
  

When you request account deletion, we delete all synced data, including:

• Settings
  
  
• Site lists
  
  
• Schedules
  
  
• Usage summaries
  
  
• Authentication records
  
  

Website analytics data is retained according to Google Analytics policies.

8. Data Sharing

We do not sell, rent, or trade your data.

We share data only with:

• Supabase (database and authentication infrastructure)
  
  
• Google OAuth (authentication provider)
  
  
• Google Analytics (Website analytics)
  
  
• Law enforcement when legally required
  
  

We do not use third-party advertising networks or engage in cross-site tracking.

9. Cookies

The Website may use cookies for Google Analytics. You can disable cookies in your browser settings.

The Extension does not use cookies.

10. Children’s Privacy

The Extension and Website are not intended for children under 13. We do not knowingly collect data from children.

11. International Users

Data may be processed or stored in regions where Supabase operates. All transfers comply with applicable privacy regulations and industry standards.

12. Changes to This Policy

We may update this Privacy Policy periodically. The latest version will always be available at:

https://heydayfocus.com/privacy

Significant changes will be communicated through the Website or Extension.

13. Your Choices and Control

You are always in control of your data. You can:

• Use Heyday Focus without signing in
  
  
• Choose whether to sync settings
  
  
• Choose whether to sync usage data
  
  
• Disable syncing at any time
  
  
• Remove your data by signing out or uninstalling the Extension
  
  

14. Contact Us

For questions, concerns, or data requests, contact:

hello@heydayfocus.com