NoAlibi Privacy Policy

This policy explains how NoAlibi handles personal data in the NoAlibi mobile app and related API. It is written to be clear and practical, but it is not a substitute for independent legal advice.

NoAlibi is available through the Apple App Store and Google Play. Those stores may process download, purchase, device, review, and storefront data under their own privacy policies.

Who We Are

NoAlibi is a personal accountability app for tracking tasks, reminders, and AI weekly summaries. For privacy questions or data deletion requests, contact hello@kingsleyabia.dev. You can also delete your account directly in the app; see Delete your account.

Data We Collect

• Account details such as your name, email address, password hash, email verification state, and Google or Apple sign-in identifier if you use those sign-in options.
• Task information such as titles, categories, deadlines, status, status history, readjustment or missed-task reasons, and notes you add.
• Reminder and communication settings, including reminder timing, email preferences, push notification preferences, vibration preference, and weekly report email preference.
• Device notification records such as Expo push token, platform, device label, active state, and timestamps.
• AI weekly report data, including the report period, generated summary payload, status, model name, prompt hash, and delivery timestamps.
• Authentication and security records such as refresh-token families, revoked tokens, password reset tokens, verification tokens, failed login counts, lockout timestamps, rate-limit counters, and operational logs.

How We Use Data

• To create and secure your account, authenticate sessions, verify email addresses, reset passwords, and support Google Sign-In and Sign in with Apple.
• To provide task tracking, task history, notes, reminders, and notification preferences.
• To send email and push reminders, account emails, password reset emails, verification emails, and AI weekly report emails when enabled.
• To generate AI weekly summaries from your task activity and make those reports available in the app.
• To prevent abuse, investigate errors, maintain reliability, enforce rate limits, and respond to support or deletion requests.

Legal Bases

Where UK or EU data protection law applies, we rely on performance of a contract to provide the app, legitimate interests for security, reliability and abuse prevention, consent for optional push/email notification permissions where required, and legal obligations where we must keep or disclose limited information.

Third Parties And Processors

NoAlibi uses service providers to run the app, including hosting and database infrastructure, SMTP/email delivery, Google Sign-In, Sign in with Apple, and Expo push notifications. Apple App Store and Google Play distribute the mobile app and may process store-related data separately from NoAlibi. AI weekly summaries are processed by the backend AI coach service using the task data needed to generate the report.

What We Do Not Do

The current app does not include advertising SDKs, payment processing, location tracking, contacts access, camera access, photo library access, or a known analytics SDK. We do not sell personal data.

Retention

We keep account, task, reminder, note, and weekly report data while your account exists or while needed to provide the service. Security, rate-limit, token, and operational log records are kept only as long as needed for security, abuse prevention, troubleshooting, and legal or operational requirements. Push tokens may be deactivated when you sign out, disable push notifications, or when a push provider reports the token is no longer valid. When you delete your account (see below) all of the above is erased immediately — there is no grace period.

Your Choices And Rights

You can update task data, reminder settings, email preferences, and push preferences in the app. You can withdraw notification permission through your device settings. Depending on where you live, you may have rights to access, correct, delete, restrict, object to processing of, or request portability of your personal data. You may also have a right to complain to your local data protection authority.

Deleting Your Account

You can permanently delete your account from inside the app: Profile → Danger zone → Delete account, then type DELETE to confirm. The deletion runs immediately and erases your account row, tasks, task status history, task notes, scheduled reminders, weekly AI summaries, registered push devices, active session tokens, and any rate-limit counters keyed to your email. There is no recovery window — once confirmed, the data is gone.

If you can no longer sign in (for example because you lost access to the email or social account linked to your NoAlibi profile), email hello@kingsleyabia.dev from the address on the account and we will delete it on your behalf within a few business days. We may ask for information that proves the request is genuinely yours.

Changes

We may update this policy as NoAlibi changes. Material updates will be reflected on this page by changing the last updated date.