Privacy Policy

1. Introduction

Desk Dojo ("we," "our," or "us") operates the Desk Dojo mobile application (the "App"). This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our App.

Please read this Privacy Policy carefully. By using the App, you agree to the collection and use of information in accordance with this policy. If you do not agree with the terms of this Privacy Policy, please do not access the App.

2. Information We Collect

2.1 Information You Provide

When you create an account, we collect:

• Email Address: Used for account authentication, password recovery, and important account notifications.
• Password: Stored in encrypted (hashed) form. We never store or have access to your plaintext password.

We do not collect your name, profile photo, phone number, age, or any other personal demographic information.

2.2 Learning Progress Data

To provide our educational services and track your learning journey, we collect:

• Lesson completion status and scores
• Quiz and drill performance (attempts, correct answers)
• Experience points (XP) earned
• Daily activity streaks
• Achievement unlocks and timestamps
• World/course completion records
• Swipe game scores and statistics

2.3 Device Preferences (Stored Locally)

The following preferences are stored only on your device and are never transmitted to our servers:

• Theme preference (light or dark mode)
• Sound effects enabled/disabled
• Haptic feedback enabled/disabled
• Keyboard shortcut platform preference (Windows or Mac)

2.4 Automatically Collected Information

When you use the App, we may automatically collect certain information for error tracking and app improvement:

• Error and Crash Data: When the App encounters an error, we collect crash reports, error messages, and the sequence of actions leading to the error. This helps us identify and fix bugs.
• Platform Information: We detect your operating system (iOS, Android, or web) to enable platform-specific features. We do not collect your device ID, device model, or other device identifiers.

Important: Our error tracking system is explicitly configured to not collect personally identifiable information (PII). Your email address is never included in error reports.

2.5 Guest Users

You may use the App as a guest without creating an account. Guest user data is stored only on your local device and is not transmitted to our servers. If you uninstall the App or clear its data, your guest progress will be permanently lost.

3. How We Use Your Information

We use the information we collect to:

• Provide, operate, and maintain the App
• Create and manage your account
• Track and display your learning progress
• Sync your progress across devices (for registered users)
• Send password reset emails when requested
• Identify and fix bugs and errors in the App
• Improve the App based on usage patterns
• Respond to your support requests

4. Third-Party Services

We use the following third-party services to operate the App:

4.1 Supabase (Authentication & Database)

We use Supabase to handle user authentication and store your learning progress data. When you create an account, your email address and encrypted password are stored with Supabase. Your progress data is also stored in Supabase to enable cross-device syncing.

Supabase Privacy Policy: https://supabase.com/privacy

4.2 Sentry (Error Tracking)

We use Sentry to track errors and crashes in the App. Sentry collects error messages, stack traces, and contextual information about how the error occurred. We have configured Sentry to not collect personally identifiable information. Only your anonymous user ID (not your email) may be associated with error reports.

Sentry Privacy Policy: https://sentry.io/privacy/

4.3 Expo (App Platform)

The App is built using Expo, a platform for React Native applications. Expo provides various services including app updates and build infrastructure. Expo does not receive your personal data or learning progress.

Expo Privacy Policy: https://expo.dev/privacy

5. Data Storage and Security

5.1 Where Your Data Is Stored

• Local Storage: Your preferences and, for guest users, all progress data is stored locally on your device.
• Cloud Storage: For registered users, your email and progress data are stored in Supabase's secure cloud infrastructure.

5.2 Security Measures

We implement appropriate technical and organizational security measures to protect your data, including:

• Encryption of passwords using industry-standard hashing algorithms
• Secure token storage using platform-specific secure storage (iOS Keychain, Android Keystore)
• HTTPS encryption for all data transmitted between the App and our servers
• Regular security updates and monitoring

6. Data Retention

We retain your personal information for as long as your account is active or as needed to provide you services. If you delete your account, we will delete your personal data within 30 days, except where we are required to retain it for legal purposes.

Anonymized, aggregated data that cannot be used to identify you may be retained indefinitely for analytical purposes.

7. Your Rights and Choices

7.1 Access and Portability

You have the right to request access to the personal data we hold about you. Contact us at support@deskdojo.co to request a copy of your data.

7.2 Correction

You may update your email address through the App's account settings. For other corrections, please contact us.

7.3 Deletion

You have the right to request deletion of your account and associated data. You can do this by:

• Using the account deletion feature in the App's settings
• Contacting us at support@deskdojo.co

Upon receiving a deletion request, we will delete your data within 30 days.

7.4 Opt-Out

You may opt out of certain data collection:

• Cloud Sync: Use the App as a guest to keep all data local to your device.
• Error Tracking: Contact us to opt out of Sentry error tracking.

8. California Privacy Rights (CCPA)

If you are a California resident, you have the following rights under the California Consumer Privacy Act (CCPA):

• Right to Know: You can request information about the categories and specific pieces of personal information we have collected about you.
• Right to Delete: You can request deletion of your personal information, subject to certain exceptions.
• Right to Non-Discrimination: We will not discriminate against you for exercising your privacy rights.

Notice: We do not sell your personal information to third parties.

To exercise your CCPA rights, contact us at support@deskdojo.co.

9. Children's Privacy

The App is not intended for children under the age of 13. We do not knowingly collect personal information from children under 13. If you are a parent or guardian and believe your child has provided us with personal information, please contact us at support@deskdojo.co, and we will delete such information.

10. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the "Effective Date" at the top. You are advised to review this Privacy Policy periodically for any changes.

For significant changes, we may provide additional notice, such as an in-app notification or email (if you have provided your email address).

11. Contact Us

If you have any questions about this Privacy Policy or our data practices, please contact us:

• Email: support@deskdojo.co
• Website: https://deskdojo.co