Privacy Policy

Effective date: March 9, 2026

Snug Planner ("Snug", "we", "us", or "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our web application at snugplanner.com, our Android mobile application, and related services (collectively, the "Service").

1. Information We Collect

Information you provide

• Account information: First name, last name, email address, and password when you register.
• Family information: Family name and family member names you create within the app.
• Content: Tasks, appointments, chores, projects, recipes, shopping lists, budget entries, notes, reminders, and other content you create in the Service.
• Files and attachments: Documents, images, and other files you upload to the Service.
• Payment information: If you subscribe to Snug Plus, payment is processed by Stripe. We do not store your credit card number or bank details — Stripe handles this directly. We store your Stripe customer ID and subscription status.

Information from third-party services

• Google Calendar: If you connect your Google Calendar, we access your calendar events using the Google Calendar API via OAuth 2.0. We only read and sync calendar data — we do not access other Google services. You can disconnect Google Calendar at any time from the calendar page, which revokes our access.

Information collected automatically

• Device tokens: If you use the Android app and enable push notifications, we collect your Firebase Cloud Messaging device token to deliver notifications.
• Error and performance data: We use Sentry for error tracking, which may collect technical information about errors (stack traces, device type, OS version) to help us fix bugs.
• Product analytics: We use PostHog for privacy-friendly product analytics. This collects anonymous usage data such as page views and feature interactions to help us understand how the Service is used and improve it. No personal data or cookies are used for this purpose.

Information we do NOT collect

• We do not use cookies for tracking or advertising.
• We do not use advertising-based analytics services like Google Analytics. We use PostHog for privacy-friendly product analytics to understand how features are used and improve the Service. PostHog does not use cookies for tracking and does not sell your data.
• We do not collect location data.
• We do not sell or share your data with advertisers.

2. How We Use Your Information

We use the information we collect to:

• Provide, maintain, and improve the Service.
• Create and manage your account.
• Process subscriptions and payments via Stripe.
• Sync your calendar with Google Calendar when you opt in.
• Store and serve files and attachments you upload.
• Send push notifications and email reminders you have configured.
• Send transactional emails (e.g., family invitations, subscription confirmations).
• Monitor and fix errors and technical issues.

3. How We Share Your Information

We do not sell your personal information. We share information only in the following circumstances:

• Within your family: Family members in the same Snug family can see shared content (tasks, appointments, calendar, files, etc.).
• Service providers: We use third-party services to operate Snug:
  • Hetzner (Germany) — server hosting and database
  • Azure Static Web Apps (Microsoft) — web app hosting
  • Cloudflare R2 (Cloudflare) — file and attachment storage
  • Stripe — payment processing for subscriptions
  • Google — Calendar API (when you connect Google Calendar) and Firebase Cloud Messaging (push notifications)
  • Brevo — transactional emails
  • Sentry — error tracking
  • PostHog — privacy-friendly product analytics
• Legal requirements: If required by law, regulation, or legal process.

4. Google Calendar Integration

When you connect Google Calendar to Snug:

• We request access to read and write calendar events using OAuth 2.0.
• We only access your Google Calendar data — no other Google services.
• Calendar data is synced to display events in the Snug shared calendar.
• You can disconnect Google Calendar at any time from the calendar page, which immediately revokes our access.
• Our use and transfer of information received from Google APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements.

5. File Storage

Files and attachments you upload are stored on Cloudflare R2, a cloud storage service. Files are associated with your family and accessible to all family members. When you delete a file from Snug, it is permanently removed from storage.

6. Data Storage and Security

Your data is stored on servers located in Germany (Hetzner) and Microsoft Azure (Europe). Files are stored on Cloudflare R2 (European data centers where available). We use industry-standard security measures including:

• HTTPS/TLS encryption for all data in transit.
• Passwords are hashed using bcrypt — we never store plaintext passwords.
• JWT-based authentication with secure token handling.
• Database access restricted to localhost connections only.
• Payment data handled entirely by Stripe (PCI DSS compliant) — we never see or store card numbers.

7. Data Retention

We retain your data for as long as your account is active. If you delete your account, we will delete your personal data and uploaded files within 30 days, except where we are required by law to retain it (e.g., payment records for tax purposes).

Push notification device tokens are automatically cleaned up when they become invalid.

If your subscription expires or is cancelled, your data is preserved in read-only mode — we never delete data due to an expired subscription.

8. Your Rights (GDPR)

If you are in the European Economic Area (EEA), you have the following rights under GDPR:

• Access: Request a copy of the personal data we hold about you.
• Rectification: Request correction of inaccurate data.
• Erasure: Request deletion of your personal data ("right to be forgotten").
• Portability: Request your data in a structured, machine-readable format.
• Restriction: Request that we limit processing of your data.
• Objection: Object to processing of your data.

To exercise any of these rights, contact us at [email protected]. We will respond within 30 days.

9. Children's Privacy

Snug is designed for families and may be used by children under parental supervision. We do not knowingly collect personal information from children under 16 without parental consent. Family accounts are created by adults who are responsible for adding family members, including children.

10. Push Notifications

If you use the Android app, you can opt in to push notifications. You can disable notifications at any time through your device settings or within the app. When you sign out, your device token is automatically unregistered.

11. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of significant changes by posting the new policy on this page and updating the effective date. Continued use of the Service after changes constitutes acceptance of the updated policy.

12. Contact Us

If you have questions about this Privacy Policy or your personal data, contact us at:

Email: [email protected]
Snug Planner