Legal Center

1. Acceptance of Terms

By installing or using the Purgd application (the "Service"), you agree to be bound by these Terms of Service and our Privacy Policy. If you do not agree, please discontinue use of the Service.

2. Description of Service

Purgd is a personal productivity and thought-capture tool designed around a local-first architecture. We reserve the right to modify, suspend, or discontinue any part of the Service at any time, with reasonable notice where practicable.

3. Intellectual Property

Your Data: You retain all ownership rights to every thought, task, note, and item you create in Purgd. We claim no ownership over your content. Your data is yours, always.

Our Software: The Purgd application, including its multi-pass routing engine, scoring system, visual design, and underlying code, is proprietary and protected by copyright law. You may not reverse-engineer, decompile, or attempt to extract the source code of the Service.

4. Acceptable Use

You agree not to use the Service to transmit illegal content, abuse the AI processing infrastructure, attempt to extract API keys or bypass rate limits, or interfere with other users' access to the Service.

5. Subscription and Billing

Purgd offers a free tier and a paid Pro tier. Pro subscriptions are processed through the Apple App Store via RevenueCat. All billing disputes must be directed to the respective app store platform. We do not process payment card data directly.

6. Limitation of Liability

Purgd is provided on an "as is" and "as available" basis. To the maximum extent permitted by law, FlyFission Consulting Group LLC shall not be liable for any indirect, incidental, special, or consequential damages arising from your use or inability to use the Service, including but not limited to lost data, missed deadlines, or interrupted productivity sessions.

7. Medical Disclaimer

8. Governing Law

These Terms are governed by the laws of the State of Delaware, United States, without regard to conflict of law principles.

1. Who We Are

Purgd is a product of FlyFission Consulting Group LLC ("we," "us," or "our"). For privacy inquiries, contact us at support@purgd.app.

2. What We Collect (and What We Don't)

We collect only what is necessary to provide the Service:

• Account data (if you create an account): Email address and subscription status. Required for cloud sync and Pro entitlement verification.
• Usage analytics (opt-in only): Behavioral events such as "focus session started," "item captured," or "subscription started." These events include metadata like duration, category, or feature name but never your task content or personally identifiable information. You must explicitly opt in.
• Crash reports (opt-out): Anonymous crash data and stack traces when the app crashes. An anonymous device identifier is used. No task content or personal data is included. You can disable this in Settings.

We do not collect: your task body text, voice transcriptions, personal notes, images you process through the app, HealthKit data, calendar event content, or contact names/numbers. None of this reaches our analytics or logging pipelines.

3. Local-First Architecture

Purgd is designed local-first. All your items, tasks, projects, routing rules, and settings are stored on your device using SQLite. Nothing leaves your device unless you explicitly activate one of the following:

• Cloud Sync (Pro): Tasks, actions, projects, routing rules, energy logs, and settings are synced to our servers (Supabase/PostgreSQL), encrypted in transit (TLS 1.3) and at rest (AES-256). Cloud Sync is Pro-only and requires account creation.
• AI Features: Voice transcription and image OCR require sending your audio or image to our processing proxy. See Section AI Features below.

Voice Transcription (Whisper)

When you record a voice capture, your audio file (M4A format) is uploaded to our backend proxy server over an encrypted connection. The proxy forwards the audio to OpenAI's Whisper API for transcription. The transcribed text is returned to your device. The audio file is not permanently stored by our proxy or by OpenAI under our API terms.

In limited scenarios (Expo Go development builds), the app may send audio directly to OpenAI's API using an API key you supply in Settings. In this case, OpenAI's standard API privacy terms apply to that call.

Image OCR (Vision Model)

When you share an image into Purgd or attach a photo to a capture, the image is uploaded to our backend proxy server. The proxy forwards the image to OpenAI's GPT-4o Vision API to extract readable text. The extracted text is returned to your device. The image is not permanently stored by our proxy or by OpenAI.

Voice Item Splitting (GPT-4o-mini)

After transcription, if a voice capture appears to contain multiple items, the transcript text (not audio) is sent to our proxy, which uses OpenAI's GPT-4o-mini API to intelligently split it into separate tasks. The transcript is processed transiently and not retained.

What OpenAI Receives

OpenAI may receive: audio recordings (for Whisper), images (for Vision), and short text transcripts (for GPT-4o-mini splitting). OpenAI does not receive your identity, account information, or any task data beyond what you explicitly submitted for that single processing call. We use OpenAI's API under their data processing terms, which prohibit training on API inputs.

Opting Out

Voice transcription and image OCR are only invoked when you explicitly use those features. You can use Purgd entirely via text input without triggering any AI processing.

Linear and GitHub Integrations (Pro)

If you connect Linear or GitHub in Settings, Purgd will push action titles and metadata (status, due date, external ID) to those platforms using credentials you provide. Purgd does not store your Linear or GitHub tokens beyond what is needed for the integration. They are stored in your device's secure keychain and optionally encrypted in your cloud sync.

CalDAV Integration (Pro)

If you configure CalDAV sync, Purgd will perform two-way sync of due-dated actions with the CalDAV server URL, username, and password you provide. Your credentials are stored in your device's secure keychain. CalDAV data is transmitted only between your device and your CalDAV server. We do not proxy or store CalDAV credentials on our servers.

On-Device Storage

All task data is stored locally using SQLite via expo-sqlite. HealthKit data (sleep/HRV) is read-only and stays on-device. It is never transmitted to our servers or included in any analytics.

Cloud Infrastructure (Supabase)

When Cloud Sync is enabled, your data is stored in a PostgreSQL database hosted by Supabase (Supabase Inc.), encrypted at rest using AES-256 and in transit via TLS 1.3. Each user's data is row-level isolated by user ID. Supabase is SOC 2 Type II certified.

Analytics (PostHog)

PostHog is our analytics provider. Analytics are strictly opt-in and no events are sent unless you explicitly consent during onboarding or via Settings. Events include behavioral metrics (which features you use, session duration, focus session count) and never include task body text, voice content, or any identifiable personal information. You can revoke consent at any time in Settings → Privacy.

Crash Reporting (Sentry)

Sentry is our crash reporting provider. Crash reporting is enabled by default but can be disabled in Settings → Privacy. When a crash occurs, Sentry receives: an anonymous device identifier, a stack trace, app version, device OS, and breadcrumb events (navigation actions). Sentry is configured to redact credential patterns and task content before transmission. No task body text or personal information is included in crash reports.

Subscription Management (RevenueCat)

RevenueCat manages subscription entitlements for app-store entitlements. RevenueCat receives: your app store receipt, an anonymous app user ID, and entitlement status. RevenueCat does not receive payment card details (those remain with the app store platform). For RevenueCat's privacy terms, see revenuecat.com/privacy.

OpenAI

OpenAI is used for voice transcription (Whisper), image OCR (Vision), and voice splitting (GPT-4o-mini). See Section AI Features for full details. OpenAI's API data processing terms prohibit training on API inputs. For OpenAI's privacy terms, see openai.com/policies/privacy-policy.

Device Permissions Summary

• Microphone: Required for voice capture. Audio is processed locally (on-device speech recognition where available) or via our secure proxy. Never stored permanently.
• Camera / Photo Library: Used when you attach an image to a capture or share an image into the app. Images are processed for OCR and not permanently stored on our servers.
• Calendar (read-only): Used to display upcoming events alongside your task list. Calendar data stays on-device and is never synced to our servers.
• Contacts (read-only): Used for the "Waiting For" feature, letting you tag a person to a task. Contact names and thumbnails are read locally only and are never transmitted to our servers.
• Health (read-only, iOS): Sleep duration and HRV are read to bias Focus Mode toward lighter tasks on poor-sleep days. This data never leaves your device and is never synced or logged.
• Notifications: Used to send focus session reminders and due-date alerts. Notification preferences are managed entirely on-device.

Right to Access

You can view all data Purgd holds about you directly within the app. For cloud-synced accounts, a full data export is available in Settings → Account → Export My Data.

Right to Deletion

You can delete all your data, both on-device and cloud, from Settings → Account → Delete Account. This triggers a cascade deletion of all Supabase records linked to your user ID. For formal deletion requests or confirmation, email support@purgd.app. We will confirm deletion within 30 days.

Right to Opt Out of Analytics and Crash Reporting

You can toggle both PostHog analytics and Sentry crash reporting independently in Settings → Privacy. Toggling off takes effect immediately, and no events are sent from that point forward. For PostHog, we also call posthog.reset() to disassociate your device from any prior anonymous ID.

No Sale of Personal Data (CCPA)

We do not sell, rent, or trade your personal data to any third party. We do not share your data with advertising networks or data brokers. California residents have the right to request disclosure of any data shared with third parties in the past 12 months. See our contact section to submit such a request.

GDPR — EU/UK Residents

If you are in the European Economic Area or United Kingdom, you have additional rights including: the right to data portability, the right to rectification, and the right to lodge a complaint with your local data protection authority. Our lawful basis for processing is legitimate interests (local-first functionality) and explicit consent (Cloud Sync, Analytics). You may withdraw consent at any time.

Data Retention

On-device data is retained until you delete the app or explicitly delete your account. Cloud-synced data is retained for the duration of your account and deleted within 30 days of a deletion request. Anonymous analytics events are retained by PostHog per their default retention policy (up to 7 years, but not linked to your identity after opt-out). Crash reports are retained by Sentry for 90 days.

Cookies are small files placed on your device by websites. The Purgd mobile app does not use browser cookies. It uses device-native storage (SQLite and SecureStore).

The Purgd marketing website (purgd.app) may use strictly necessary cookies to maintain your session if you log into the web companion. We do not use third-party advertising or tracking cookies on our website. Our website analytics (if any) use cookieless, privacy-preserving methods.

You can instruct your browser to refuse all cookies, though this may affect session-based features on the website. It has no impact on the mobile app.