Privacy Policy

Based on the codebase review, here are the key elements that should be addressed in your privacy policy:

Personal Data Collection

  • Profile Images: The app requests photo library access to set profile pictures
  • User Goals and Tasks: Data entered by users for task management
  • Notes: Text content users attach to their goals
  • Speech Input: Voice data processed for speech-to-text functionality

Device Permissions

iOS Permissions

  • Photo Library access
  • Microphone access
  • Speech Recognition
  • Background processing

Android Permissions

  • Internet access
  • Vibration
  • Notifications
  • Boot completed (to restore alarms)
  • Wake lock and alarm permissions
  • System alert window
  • Foreground service permissions

Data Storage

  • User data is stored locally on the device using AsyncStorage
  • Goals, settings, and user preferences are stored on-device
  • No indication of server-side storage in the provided code, but should clarify if any cloud syncing exists

Third-Party Services

  • AdMob: The app integrates advertising functionality
  • Expo: Update services are used (may collect usage data)
  • Payment Processing: If you're implementing the donation features, include details about payment processors

Features with Privacy Implications

  • Notifications/Reminders: The app schedules local notifications for goal reminders
  • Voice Recognition: Speech-to-text functionality for goal creation
  • Goal Statistics: The app tracks goal completion metrics

Required Policy Sections

  1. Types of data collected
  2. How data is used
  3. Data storage location and security measures
  4. Third-party service providers
  5. User rights (access, deletion, correction)
  6. Advertising practices
  7. Children's privacy
  8. Changes to privacy policy
  9. Contact information

 

How We Use Google User Data

 


Motive+ integrates with Google services to provide enhanced functionality for users. When a user connects their Google account, the app may request access to specific information, such as calendar data, solely to provide features like goal scheduling, reminders, and synchronization with the user’s Google Calendar.


We only access the minimum data necessary to provide these services and do not store, share, or sell Google user data to any third parties. All data usage is restricted to the scope explicitly granted by the user through the Google OAuth 2.0 authentication process.

 

 

 

Data Usage and Scope

 

 

  • Motive+ uses the Google Calendar API to allow users to create, view, and manage tasks directly within their own calendars.

  • The app does not access, collect, or process any data from the user’s Google account beyond what is essential for the intended functionality.

  • Google user data is used only within the app to enhance user productivity features and is never repurposed for advertising, analytics, or external data sharing.

 

 

 

 

Data Protection and Security

 


We take the protection of your data seriously and have implemented the following safeguards:

 

  • All data transmitted between your device and our servers is encrypted using industry-standard HTTPS encryption.

  • Google account authentication is handled securely through OAuth 2.0 protocols.

  • Access tokens are stored securely and are used solely to maintain authenticated sessions.

  • Google user data is not permanently stored on our servers unless it is required for specific functionality and has been explicitly authorized by the user.

 

 

 

 

Third-Party Sharing

 


Motive+ does not share user data, including Google user data, with any third-party services or advertisers. Any data shared externally will occur only with the user’s informed consent and solely for the purpose of delivering the features described.

 

 

 

User Control and Transparency

 


Users may revoke Motive+’s access to their Google account at any time through their Google Account Permissions settings. Users also retain full control over the data they share and can remove app access without impacting their Google account.

 

 

 

Google API Services Disclosure

 


Motive+’s use and transfer of information received from Google APIs complies with the Google API Services User Data Policy, including the Limited Use requirements.

Users can request data deletion and exercise their privacy rights, particularly important for compliance with regulations like GDPR and CCPA.