Privacy Policy
Plain English, no dark patterns. This explains exactly what we collect, why, and the control you have over it. If anything here is unclear, email us and we'll fix the wording.
01Overview
Pomo Zentra ("we", "us", "the app") is a Pomodoro timer and output tracker operated by Pomo Zentra Ltd. This policy covers our website, the web app, and any account you create. We built this product to help you spend your best hours on the work that matters — collecting more data than we need would run against that, so we don't.
The short version: your task names, sprints and output logs are yours. We use a minimal set of data to run the service, never sell it, and give you a one-click export and delete at any time.
02What we collect
We collect three buckets of data, and nothing outside them:
| Category | Examples | Why |
|---|---|---|
| Account | Email, display name, and Google OAuth identity | To create and secure your account |
| Product data | Tasks, sprint records, output logs, categories, rotation plans, scores | The core function — it's your work record |
| Technical | Browser type, approximate region, anonymised usage events | To keep the app working and improve it |
We do not collect the contents of your emails, calendars or any third-party account. Output logging is a number you type — "18 cold emails" — not a connection to your inbox.
03How we use it
Your data is used to:
- Run the timer, store your sprints, and calculate your daily and weekly scores.
- Sync your account across devices when you're signed in.
- Send essential service email — security notices and (if you opt in) a weekly output summary.
- Understand which features are used, in aggregate, so we know what to improve.
We never use your product data to train advertising models, and we never sell it. We don't run third-party ad trackers on the app.
04Legal basis (GDPR)
If you're in the UK or EEA, we rely on the following bases: contract (to provide the service you signed up for), legitimate interest (to keep the app secure and improve it, balanced against your rights), and consent (for optional emails and non-essential cookies, which you can withdraw any time).
06Data retention
We keep your product data for as long as your account is active. If you delete your account, we remove your personal data within 30 days, except where we're legally required to retain billing records (typically up to 7 years for tax purposes). Anonymised, aggregated statistics that can't identify you may be kept indefinitely.
07Your rights
You can, at any time:
- Access & export — download all your data as JSON or CSV from Settings.
- Rectify — edit your account details and any logged data directly.
- Erase — delete your account and data with one click.
- Object & restrict — opt out of optional processing such as the weekly summary.
- Withdraw consent — for cookies and marketing, via the cookie banner or email footer.
Tip
Everything above is self-serve in the app. You don't need to email us to exercise a right — but you can, and we'll respond within 30 days.
08Security
Data is encrypted in transit (TLS) and at rest. Passwords are hashed with a modern algorithm — we can't read them. Access to production systems is limited, logged, and protected by multi-factor authentication. No system is perfectly secure, but we treat your work record as something worth protecting properly.
09Children
Pomo Zentra is built for working adults and isn't directed at anyone under 16. We don't knowingly collect data from children. If you believe a child has created an account, contact us and we'll remove it.
10Changes to this policy
When we make material changes, we'll update the version number above and email account holders before the changes take effect. Continued use after the effective date means you accept the updated policy.
11Contact
Questions about privacy, or want to exercise a right that isn't self-serve? Email our privacy team at [email protected] or use the contact page. UK/EEA users have the right to lodge a complaint with their local data protection authority.