Privacy Policy
Last updated: February 16, 2026
1. Introduction
Welcome to Life Organizer, operated by Backlog Fejlesztő és Tanácsadó Korlátolt Felelősségű Társaság (Backlog Fejlesztő Kft.), registered office: 2233 Ecser, Szent István utca 41., Hungary. Company registration number: 13-09-242820, Tax number: 32900112-2-13.
We respect your privacy and are committed to protecting your personal data in accordance with the General Data Protection Regulation (GDPR) and applicable Hungarian data protection laws.
This Privacy Policy explains what data we collect, how we use it, who we share it with, and what your rights are.
2. Data We Collect
We collect and process the following categories of personal data:
- Identity DataName, username, profile picture — provided during registration via Clerk (email, Google, or GitHub authentication).
- Contact DataEmail address — provided during registration.
- Usage DataContent you create within the Service, including habits, tasks, goals, journal entries, body metrics (weight, measurements), fasting sessions, meal entries, sleep data, mood entries, workout data, notes, reminders, shopping lists, reviews, and Pomodoro sessions.
- Subscription DataSubscription plan, billing status, payment history, and trial information — processed by Polar.sh.
- Technical DataIP address, browser type and version, operating system, device type, time zone, and page view data — collected automatically via Vercel Analytics.
- Integration DataWhen you connect third-party services (e.g., Strava, Google Calendar), we store OAuth tokens and synced data (workouts, calendar events) necessary for the integration to function.
Some of the data you enter (e.g., body metrics, mood, health-related journal entries) may be considered sensitive personal data. We process this data solely to provide the Service to you and do not use it for any other purpose.
3. Legal Basis for Processing
Under the GDPR, we process your personal data based on the following legal grounds:
- Performance of a contract (Art. 6(1)(b) GDPR)Processing your account data, subscription, and usage data is necessary to provide the Service to you.
- Consent (Art. 6(1)(a) GDPR)Optional integrations (Strava, Google Calendar), AI coaching features, and advertising measurement cookies require your explicit consent. You can withdraw consent at any time by disconnecting the integration, disabling the feature, or changing your cookie settings.
- Legitimate interest (Art. 6(1)(f) GDPR)We process certain data for security purposes, fraud prevention, and improving the Service. Our legitimate interests do not override your fundamental rights.
- Legal obligation (Art. 6(1)(c) GDPR)We may process data to comply with applicable legal requirements, such as tax or accounting obligations.
4. AI Features and Data Processing
The Service includes AI-powered features (AI Life Coach) provided by Google Gemini. When you use AI coaching, the following data may be sent to Google's servers for processing:
- Habit names and completion data
- Task completion history
- Workout data (duration, type, calories)
- Fasting session data
- Body metrics (weight, measurements)
- Sleep and mood entries
- Journal entries
- Goal progress
- Review reflections
This data is sent to generate personalized coaching advice. Google processes this data according to their own privacy policy. AI-generated responses are stored in your account.
AI coaching does not constitute medical, psychological, or any other professional advice. The AI does not have access to your identity data (name, email) — only anonymized usage data is sent for processing.
5. Third-Party Data Processors
We use the following third-party services to operate Life Organizer. Each processes data on our behalf under appropriate data protection agreements:
| Service | Purpose | Data Shared | Privacy Policy |
|---|---|---|---|
| Clerk | Authentication and user management | Email, name, profile picture, authentication tokens | Link |
| Vercel | Hosting, database (Postgres), and analytics | All application data, page views, performance metrics | Link |
| Polar.sh | Payment processing and subscription management | Email, user ID, subscription plan, payment details | Link |
| Google (Gemini AI, Calendar) | AI coaching and calendar synchronization | Usage data for AI coaching (see Section 4), calendar events for sync | Link |
| Strava | Workout synchronization | OAuth tokens, workout data (type, duration, distance, calories, heart rate) | Link |
6. Cookies
We use the following cookies:
| Cookie | Purpose | Duration | Type |
|---|---|---|---|
| locale | Stores your language preference (Hungarian/English) | 1 year | Functional |
| theme | Stores your theme preference (light/dark/system) | Session | Functional |
| Clerk session cookies | Authentication and session management | Session | Essential |
| lo_consent | Stores your cookie consent choice (accepted/rejected) | 180 days | Functional |
| Vercel Analytics | Anonymous page view and performance tracking | Session | Analytics |
| Google Ads (gtag) | Advertising conversion measurement and campaign performance attribution | Varies (set by Google) | Marketing |
Essential and functional cookies are necessary for the Service to operate. Analytics and advertising measurement cookies are only set with your consent via the cookie consent banner.
7. Data Storage and International Transfers
Your data is stored on Vercel's infrastructure in the European Union (Frankfurt, Germany).
Some third-party processors (Clerk, Google, Polar.sh) may process data outside the EU. In such cases, data transfers are protected by Standard Contractual Clauses (SCCs) or equivalent safeguards as required by the GDPR.
We do not sell your personal data to any third party.
8. Data Retention
We retain your personal data for as long as your account is active and you use the Service.
When you delete your account, all your data is permanently and irreversibly deleted immediately. This includes all habits, tasks, goals, journal entries, body metrics, and any other personal data associated with your account.
We may retain anonymized, aggregated data that cannot be used to identify you for statistical purposes.
Billing records may be retained for up to 8 years to comply with Hungarian tax and accounting obligations.
9. Your Rights Under the GDPR
As an EU resident, you have the following rights regarding your personal data:
- Right of accessYou can request a copy of all personal data we hold about you.
- Right to rectificationYou can request correction of inaccurate or incomplete data.
- Right to erasure ("right to be forgotten")You can request deletion of your data. You can delete your account at any time from the Settings page, which permanently deletes all your data.
- Right to data portabilityYou can request your data in a structured, machine-readable format. Currently, you can export certain data from the app. For a full data export, contact us at support@lifeorganizer.io.
- Right to restriction of processingYou can request that we limit how we use your data in certain circumstances.
- Right to objectYou can object to processing based on legitimate interests.
- Right to withdraw consentWhere processing is based on consent (e.g., third-party integrations, AI coaching), you can withdraw consent at any time by disconnecting the integration or contacting us.
To exercise any of these rights, contact us at support@lifeorganizer.io. We will respond within 30 days.
You also have the right to lodge a complaint with the Hungarian National Authority for Data Protection and Freedom of Information (NAIH): https://naih.hu
10. Data Breach Notification
In the event of a personal data breach that poses a risk to your rights and freedoms, we will notify the relevant supervisory authority (NAIH) within 72 hours of becoming aware of the breach.
If the breach is likely to result in a high risk to your rights and freedoms, we will also notify you directly without undue delay, providing details of the breach and the measures taken.
11. Children's Data
The Service is not intended for users under the age of 18. We do not knowingly collect personal data from children under 18.
If we discover that we have collected data from a user under 18, we will immediately delete their account and all associated data. If you believe a child under 18 is using the Service, please contact us at support@lifeorganizer.io.
12. Marketing Communications
We do not currently send marketing or promotional emails. If we introduce marketing communications in the future, we will only send them with your explicit consent.
You will always have the option to opt out of marketing emails. Service-related communications (e.g., account security, billing notifications) are not considered marketing.
13. Data Security
We implement appropriate technical and organizational measures to protect your personal data, including:
- Encrypted data transmission (HTTPS/TLS)
- Secure authentication via Clerk (with multi-factor authentication support)
- Database-level access controls and row-level security (all queries filtered by user ID)
- Regular security reviews
- Webhook signature verification for all third-party integrations
- Rate limiting on API endpoints to prevent abuse
No system is 100% secure. While we strive to protect your data, we cannot guarantee absolute security.
14. Changes to This Privacy Policy
We may update this Privacy Policy from time to time. If we make material changes, we will notify you via the Service or by email.
We encourage you to review this Privacy Policy periodically. Your continued use of the Service after changes become effective constitutes acceptance of the updated policy.
15. Contact Us
If you have any questions about this Privacy Policy or wish to exercise your data protection rights, please contact us at:
Supervisory authority: Nemzeti Adatvédelmi és Információszabadság Hatóság (NAIH)
https://naih.hu