Privacy Policy

UPDATED: APRIL 21, 2026

01Introduction

This Privacy Policy applies to TaskLaunch features made available through tasklaunch.app and the related signed-in app experience. It is written to describe the information-handling behavior that can be inferred from the current codebase and deployed product flows.

TaskLaunch currently includes a public website, authenticated task and dashboard features, settings and account controls, social and sharing features, push notifications, feedback submission tools, Stripe billing flows, and a launch-updates signup form. Different features handle different categories of data.

02What information we collect

(a)

Sign-in and account details such as Firebase Authentication identifiers, email address, and Google account profile details returned during Google sign-in.

(b)

Profile and account customisation data such as display name, username, username reservation data, avatar selections, uploaded custom avatar data, and rank thumbnail information shown in the app.

(c)

Task and productivity data such as tasks, timers, milestones, time goals, notes, task history, deleted task records, dashboard state, schedule data, reward progress, and related app preferences.

(d)

Social data such as friend requests, friendship records, and shared task summary records when you use friends or sharing features.

(e)

Device and notification data such as push registration tokens, device identifiers, platform markers, app-active state, and push preference settings when notification features are enabled.

(f)

Billing data such as Stripe customer IDs, subscription IDs, price IDs, subscription status, and related entitlement or retention records used to manage paid access.

(g)

Feedback data such as feedback title, message content, attached PNG screenshots, vote records, and author-related fields unless feedback is submitted anonymously.

(h)

Launch-updates signup data such as email address, normalized email, request source, user-agent, and referrer captured when the public signup form is used.

03How we collect information

(a)

Directly from you when you sign in, edit profile settings, create and manage tasks, use social features, configure notifications, submit feedback, start billing flows, or join the launch-updates list.

(b)

Automatically through app runtime behavior such as local storage, session storage, Firebase client state, push registration, and cloud sync between the signed-in client and backend services.

(c)

From service providers that support the product, including Firebase Authentication, Cloud Firestore, Google sign-in flows, Firebase Cloud Messaging, Stripe, and optional Jira mirroring for feedback.

04Local storage and session storage

TaskLaunch stores a substantial amount of runtime data locally on your browser or device. Based on the current implementation, this primarily includes browser or device-local storage mechanisms such as local storage, session storage where applicable, and IndexedDB-backed persistence. This can include task state, history-related state, navigation state, theme and menu style preferences, notification preferences, pending push action state, mode settings, and other app behavior needed to continue the user experience on the same device.

Session storage is also used for short-lived browser behavior and related auth transition state. Current web auth persistence also relies on browser-local persistence and IndexedDB-backed state. TaskLaunch does not treat cookies as its primary app storage layer, but some authentication, security, or abuse-prevention services used with the product may use cookies or similar technologies under their own implementations. Local data can remain on your device until you clear it, reset app data, clear browser storage, or uninstall the app.

05Cloud storage and app infrastructure

When you sign in, TaskLaunch uses Firebase services to support account access and cloud-backed app features. Current code paths show Firebase Authentication for sign-in and Cloud Firestore for many account, task, feedback, subscription, social, and notification-related records. Current web implementation also initializes Firebase App Check with reCAPTCHA Enterprise for security and abuse prevention support.

(a)

Firebase Authentication is used for email-link sign-in and Google sign-in.

(b)

Cloud Firestore records can include user profile fields, tasks, task history, deleted task data, preferences, friend and sharing records, feedback items, feedback limit records, push device records, subscription records, and launch-updates signup records.

(c)

Some additional records are created to support account integrity and lookup behavior, including username reservation records and user email lookup records.

06How we use information

(a)

To sign users in, keep sessions working, and provide access to account-backed features.

(b)

To operate app functionality such as tasks, timing, dashboard views, preferences, history, scheduling, rewards, friends, and shared task summaries.

(c)

To register devices, store push settings, and send notification traffic where those features are enabled.

(d)

To start and manage subscription checkout, billing portal sessions, entitlement state, and subscription retention logic tied to Stripe-backed billing.

(e)

To receive and manage feedback, apply submission and voting limits, and optionally mirror feedback into Jira when that integration is enabled.

(f)

To operate the launch-updates signup list and prevent duplicate subscriptions to that list.

(g)

To support account deletion, cloud cleanup, abuse controls, and other integrity or operational checks implemented in the app and backend routes.

07Third-party services and processors

(a)

Google and Firebase are used for authentication, data storage, app infrastructure, and push delivery support.

(b)

Stripe is used for subscription checkout, customer records, billing portal access, and subscription lifecycle events.

(c)

Atlassian Jira may receive mirrored feedback details and screenshot attachments when Jira integration is configured and working.

(d)

Platform push delivery services may be involved when Firebase Cloud Messaging sends notifications to supported web or mobile devices.

These services help operate TaskLaunch features. This page only describes their use as they appear in the current product code and does not replace the separate terms or privacy policies of those providers. Third-party services used for authentication, security, billing, or issue tracking may also use cookies or similar technologies under their own implementations.

09Push notifications

If you enable web or mobile push notifications, TaskLaunch can store per-device records under your account, including token values, device IDs, provider information, native-or-web indicators, app-active state, and timestamps used for delivery logic.

Push preference settings are also stored so the app can determine whether mobile or web push should be used. If you disable notifications or remove access at the device level, future notifications may stop, but notifications already delivered to your device remain under that device's own controls.

10Billing and subscriptions

If you use paid subscription features, TaskLaunch can create Stripe checkout sessions and Stripe billing portal sessions tied to your account. The application stores subscription-related identifiers and status fields needed to determine entitlement and preserve subscription access during some account-deletion flows.

Current code supports storage of Stripe customer IDs, subscription IDs, price IDs, status fields, and related subscription timing fields. TaskLaunch does not intentionally store full payment card details on its own servers.

11Feedback and issue tracking

If you submit feedback, TaskLaunch stores the feedback title and message, and it can also accept PNG screenshot attachments. Depending on whether you submit anonymously, related author data can include your email address, display name, rank thumbnail, and current rank ID.

The current implementation also records vote activity and submission-rate controls. When Jira mirroring is configured, the app may create or update a Jira issue and upload screenshot attachments there as well.

12Launch-updates subscription list

The public launch-updates signup form stores the submitted email address and a normalized copy of that address in Cloud Firestore. The current backend also records the request source, user-agent, referrer, and created/updated timestamps for that signup entry.

This data is used to manage the launch-updates list and reduce duplicate entries. This section describes the current signup implementation only and should not be read as a promise of broader marketing practices.

13Overseas and cross-border handling

TaskLaunch relies on third-party infrastructure providers whose systems can operate across multiple countries. Because Firebase, Stripe, and related provider systems may process or store data outside the country where you use the app, some information may be handled on cross-border infrastructure.

14Security safeguards

The product uses managed authentication, hosted infrastructure, and service-level access controls offered by the providers integrated into the app. The codebase also includes account verification, authenticated API routes, and deletion flows intended to limit unauthorized access to account data.

No internet-connected service can guarantee absolute security. You should also protect your own devices, sign-in methods, and browser or app environment.

15Retention and deletion

(a)

Local device data can remain until you reset the app, clear browser or device storage, or uninstall the app.

(b)

Cloud-backed account data can remain while needed to operate the signed-in product, maintain subscriptions, enforce rate limits, support feedback workflows, or complete deletion and integrity operations.

(c)

Launch-updates signup records can remain while needed to manage that signup list.

(d)

Current account-deletion code removes cloud-backed user records including user data, subscription records, friend requests, friendships, shared task summaries, authored feedback, feedback votes, feedback limits, scheduled push records, usernames, and user email lookup records.

16Your choices, access, and correction

(a)

You can update some account and profile details inside the app, including username and avatar-related settings.

(b)

You can control web and mobile push preferences inside the app where those features are available.

(c)

You can delete your account from Account > Delete Account.

(d)

You can reset local app data from Settings > Reset All Data.

(e)

If you need help correcting data, understanding deletion behavior, or raising a privacy question, use the contact details shown below.

17Account deletion and local reset guidance

The current account-deletion flow removes the Firebase Authentication account and then calls backend cleanup routes to delete cloud-backed records tied to that account. The app also includes logic to retain some subscription access information before deletion when an active subscription exists.

Local app data on your device is separate from cloud deletion. If you want to remove locally stored task and preference data from the same device, use Settings > Reset All Data in addition to any account-deletion action.

18Children

The current codebase does not indicate that TaskLaunch is designed as a children's product. If you believe personal information relating to a child has been submitted through the product, contact TaskLaunch using the address below so the issue can be reviewed.

19Policy updates

This page may be updated as product behavior, integrations, or data flows change. When updates are made, the revised version will be posted on this page.

20Contact

For privacy questions, deletion help, or requests relating to information handled by the current TaskLaunch product, contact support@tasklaunch.app.