Privacy Policy - Focal Point Productivity

Introduction

Mile High Software Solutions LLC ("we", "our", or "us") operates the Focal Point Productivity application ("the App"). This Privacy Policy explains how we collect, use, store, and protect your information when you use our App.

Focal Point is a productivity application designed for individuals, households, families, and small businesses. The App allows users to create tasks, notes, projects, and documents, and to share content with other users.

We limit the collection of personal data to what is necessary to provide and improve the App.

Information We Collect

We collect the following categories of information:

Account Information

Email address
Display name and profile photo (optional)
Authentication credentials (managed by Firebase Authentication, Apple, or Google)
Phone number (optional, for friend discovery)

User Content

Tasks, notes, projects, and reminders you create
Documents and images you upload
Comments on shared content
Tags, folders, and organizational structures

Usage Data

AI feature usage and cost (which AI features you use and how often), recorded per account so we can manage operating costs and prevent abuse
Crash reports and error logs (via Firebase Crashlytics)
Device type, operating system, and app version
General geographic region (country-level, not precise location)

Technical Data

FCM push notification tokens (for delivering notifications)
IP addresses (retained for up to 30 days for security, fraud prevention, and system integrity purposes)
We do not collect advertising identifiers (IDFA/IDFV/Android Advertising ID)

Integration Data

When you connect a Google account, we request the following scopes:

Google Calendar (https://www.googleapis.com/auth/calendar.readonly) — read-only access to your calendar events: titles, dates, times, locations, and attendee information.
YouTube (https://www.googleapis.com/auth/youtube.readonly) — read-only access to your YouTube subscriptions and video metadata (titles, thumbnails, channel info).

Both scopes are optional. You can use Focal Point without either integration. Each scope can be connected or disconnected independently.

How tokens are stored. When you connect, Google issues an OAuth refresh token. We exchange it server-side (via a Cloud Function) and store it in Firestore under your Firebase user ID (users/{your_uid}/integrations/google). The refresh token never leaves our backend — client apps never see it, and it is scoped to your Firebase account, not to your device. Access tokens used to make API calls are generated on demand by a Cloud Function and returned to the app short-lived.

Legal Basis for Processing (GDPR)

For users in the European Economic Area (EEA), we process your data under the following legal bases:

Processing Activity	Legal Basis
Account creation and authentication	Contract performance
Storing and syncing your content	Contract performance
Third-party integrations (Calendar, YouTube)	Consent (opt-in)
Contacts access (friend discovery, attendee suggestions)	Consent (device permission prompt)
Phone number (friend discovery)	Consent (optional, user-provided)
Crash reporting and operational usage logging	Legitimate interest
Push notifications	Consent (opt-in via device settings)
Security and fraud prevention	Legitimate interest
Marketing communications	Consent (opt-in)

Service Providers and Subprocessors

We use the following third-party service providers to operate the App. Each provider processes data on our behalf under appropriate data processing agreements:

Provider	Purpose	Data Processed
Google Firebase	Authentication, database, storage, hosting	All user data
Google Gemini API	AI features (search, chat assistant, receipt scanning, suggestions)	Content you submit to AI features
Firebase Crashlytics	Crash reporting	Error logs, device info
Apple (App Store)	Authentication, payments	Apple ID, subscription status
Google (Play Store)	Authentication, payments	Google account, subscription status
Google Calendar API	Calendar integration	Calendar events (read-only)
YouTube Data API	Video previews	Video metadata

Google's Data Processing Terms apply to Firebase services. For details, see Firebase Data Processing Terms.

AI features (Google Gemini API): Content you submit to AI features — including messages you send to the Ask Focal Point assistant and the snapshot of app data needed to answer them — is processed by the Google Gemini API on a paid service tier. Under that tier, Google does not use this content to train or improve its models and retains it only for a limited period solely to detect and prevent abuse. See Google's Gemini API Terms ("How Google Uses Your Data").

Data Storage and International Transfers

Storage Location: Your data is stored on Google Cloud/Firebase infrastructure primarily in the United States (us-central1 region).

International Transfers: If you are located outside the United States, your data will be transferred to and processed in the United States. For users in the EEA, UK, or Switzerland, these transfers are protected by:

Google's compliance with Standard Contractual Clauses (SCCs)
Google's additional safeguards for international data transfers

For more information, see Google Cloud GDPR Compliance.

Data Retention

Data Type	Retention Period
Account and user content	Until you delete your account
Cached integration data	Deleted immediately when you disconnect a service
AI usage & cost logs, crash reports	Retained for operational cost analysis and bug fixing; crash data per Firebase Crashlytics defaults
Server logs (IP addresses)	Up to 30 days
Backups	Automatic infrastructure-level backups are managed by Google Cloud per their standard retention schedule. We do not maintain separate backups beyond this.
Inactive accounts	Free-tier accounts with no sign-in activity for 24 consecutive months are permanently deleted. See the Account Inactivity section below for the full policy. Accounts with an active Premium subscription are exempt from inactivity deletion.

Account Inactivity

To keep our service efficient and to reduce the personal data we retain, we permanently delete free-tier accounts that have been inactive for an extended period.

Threshold: Free-tier accounts with no sign-in activity for 24 consecutive months are subject to deletion.
Premium exemption: Accounts with an active Premium subscription are not subject to inactivity deletion, regardless of when they last signed in. The 24-month clock is paused while your subscription is active and resumes if you return to the free tier.
Advance warnings: Before any account is deleted for inactivity, we send three transactional notification emails to the address on file: 30 days before deletion, 7 days before deletion, and on the day of deletion. These notices describe an imminent change to your account and do not include an unsubscribe option.
How to stop deletion: Signing in to your account at any time before the deletion date immediately cancels the pending deletion and resets your 24-month clock to zero.
Permanence: Inactivity deletion is permanent. Your account, your personal content, and your membership in shared projects are removed. There is no recovery window after deletion.

Shared projects. A shared project is preserved as long as at least one of its administrators is not subject to inactivity deletion — that is, an administrator who is either a Premium subscriber or a free-tier user who has signed in within the last 24 months. A shared project is only deleted when every one of its administrators has themselves been deleted for inactivity. When you are deleted, references to your account are removed from any project you belonged to, whether the project is preserved or deleted.

Trip expense history. When you participate in a trip's expense tracking, your display name and email at the time of each entry are recorded on that entry. These records are preserved as a historical financial record even after your account is deleted. Past entries continue to show the name you used at the time, with a "deleted account" indicator beside the name. Existing settlement calculations are not recalculated.

Account Deletion

When you delete your account (or your account is deleted for inactivity):

All personal data and content is permanently deleted promptly upon your request
Automatic backups maintained by our cloud infrastructure provider (Google Cloud) are subject to that provider's standard retention schedule and will not contain restorable copies of your data after that schedule lapses
Your membership in shared projects (including any administrator status) is removed. Each shared project is preserved as long as at least one administrator remains who is not subject to deletion; if every administrator's account has been deleted, the project and its content are deleted as well
Your comments and contributions on shared content are deleted along with your account
Trip expense entries that reference you remain in place as a historical financial record (see Account Inactivity above)
Connected Google integrations are revoked. If you have connected Google Calendar or YouTube, the account-deletion flow calls Google's token revocation endpoint (https://oauth2.googleapis.com/revoke) with your stored refresh token and deletes our stored credential record. This happens before your Firebase account itself is deleted, so the revoke call has the auth context it needs. After deletion, Focal Point no longer has any access to your Google account, and your cached YouTube data is deleted along with the rest of your account data.
Aggregated, anonymized operational data (e.g., AI usage and crash statistics) may be retained

To delete your account, go to Settings > Account > Delete Account, or contact us at support@milehighsoftwaresolutions.com.

Sharing and Collaboration

Focal Point allows you to share projects, tasks, notes, and whiteboard pages with other users.

Permission Levels (Projects & Tasks)

Admin (Owner): Full control. Can edit content, invite or remove members, change permission levels, transfer ownership, and delete the project.
Editor: Can view and edit all content (add, modify, and delete tasks, notes, documents, kanban cards, etc.), but cannot manage members or sharing settings.
Viewer: Primarily read-only. Viewers may mark tasks complete, check off checklist items, and update task kanban status, but cannot add, edit, or delete other content.

Notes Sharing

Individual notes can be shared directly with specific users. Shared notes are read-only for recipients — only the note owner can edit or delete a directly-shared note. To collaborate on a note with edit access, place it inside a shared project and grant Editor permission at the project level.

Whiteboard Pages

Whiteboard pages (sticky-note boards) are shared at the page level. Individual sticky notes inherit the page's sharing settings; you cannot share a single sticky note independently.

What Shared Users Can See

Project, task, note, and whiteboard content you share
Your display name, email address, and profile photo
Activity on shared content (edits, comments, completion status)

Warning: Be cautious about sharing content containing sensitive personal information. You are responsible for obtaining appropriate consent before sharing content that contains others' personal data.

Your Responsibility for Shared Content

When you share content with other users, you are responsible for the personal data contained within that content, including ensuring you have the necessary rights and consents to share such information. We act as a service provider facilitating this sharing and do not control the content users choose to share.

Third-Party Integrations

Google Calendar Integration

Access Type: Read-only access to your calendar events.
Scope: https://www.googleapis.com/auth/calendar.readonly.
Data Accessed: Event titles, dates, times, locations, and attendee information.
How Data is Used: Calendar events are displayed in the Focal Point calendar and planner views alongside your tasks and reminders. We do not copy calendar data into our own database — events are fetched on demand and held only in the app's in-memory cache for the current session.
Storage: Event data is not permanently stored on our servers. OAuth credentials (refresh token and short-lived access tokens) are stored in Firestore under your Firebase user ID. The refresh token is only accessible to our Cloud Functions (using the Firebase Admin SDK); client apps never read or transmit it. Firestore security rules block all client-side reads and writes to this location.
Token Refresh: When your access token is near expiry, the app calls a Cloud Function that uses your stored refresh token to request a new access token from Google. The new access token is written back to Firestore and returned to the app. The refresh token itself is never transmitted to the app.
Disconnecting Calendar: Tapping “Disconnect Calendar” in Settings removes the Calendar scope from your stored integration without affecting YouTube. If Calendar was your only connected Google scope, the full Google integration is revoked and the stored credential document is deleted.

YouTube Integration

Access Type: Read-only access to your YouTube account.
Scope: https://www.googleapis.com/auth/youtube.readonly.
Data Accessed: Your list of YouTube subscriptions and metadata for videos you view within Focal Point (titles, thumbnails, channel names, publish dates).
How Data is Used: Your subscriptions are displayed inside the YouTube tab of Focal Point so you can browse recent videos from channels you follow. Video metadata is cached to avoid repeatedly calling the YouTube API for content you view multiple times.
Storage: A copy of your subscription list and a cache of video metadata you have viewed is stored in Firestore under your Firebase user ID (users/{your_uid}/youtubeData). This cached data is read only by you. OAuth credentials are handled identically to Calendar (see above): refresh token held in Firestore, accessible only via Cloud Functions; client apps never hold it.
Disconnecting YouTube: Tapping “Disconnect YouTube” in Settings removes the YouTube scope from your stored integration without affecting Calendar, AND deletes your cached subscription list and video metadata from Firestore. If YouTube was your only connected Google scope, the full Google integration is revoked and the stored credential document is deleted.

You can disconnect integrations at any time in Settings.

Google API Services — Limited Use Compliance

Focal Point's use of information received from Google APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements.

Specifically, we affirm that data obtained from Google APIs (including your Google Calendar events and YouTube subscription data) is used solely to provide user-facing features within Focal Point:

Limited Use. Google user data is only used to provide or improve the integration features you see in the app (displaying your calendar events alongside tasks; showing your YouTube subscriptions in the YouTube tab). We do not use Google user data for any other purpose.
No advertising. We do not use Google user data for serving advertisements of any kind, including retargeting, personalized, or interest-based advertising.
No sale or transfer. We do not sell or transfer Google user data to third parties, except to the extent necessary to provide user-facing features (e.g., Google Cloud infrastructure hosting your account), to comply with applicable law, or as part of a merger, acquisition, or sale of assets (with user notification).
No human access. We do not allow humans to read Google user data unless: (a) we have obtained your explicit consent to read specific data, (b) it is necessary for security purposes (such as investigating abuse), (c) it is necessary to comply with applicable law, or (d) the data is aggregated and anonymized and used for internal operations.
Not used for AI training. Google user data received through Calendar or YouTube APIs is not used to train, develop, or improve generalized or non-personalized artificial intelligence or machine learning models.

You can revoke Focal Point's access to your Google account at any time from within the app (Settings → Integrations → Disconnect Calendar or Disconnect YouTube) or directly at Google Account Permissions. When you revoke access — either in-app or via Google — we delete the OAuth credential record and any cached data associated with that integration within our normal processing window.

Phone Number & Friend Discovery

You may optionally provide your phone number in your profile to help friends find you on Focal Point. Your phone number is:

Stored securely in our database (encrypted at rest)
Stored as a one-way cryptographic hash (SHA-256) for matching purposes
Used only for friend discovery (matching against other users who search for you)
Never shared with third parties or used for marketing
Removable at any time via your profile settings

If you remove your phone number, you will no longer be discoverable by phone number.

Contacts Access

With your permission, Focal Point can access your device contacts for two purposes:

Friend Discovery: Check which of your contacts are already using Focal Point
Calendar Attendees: Suggest contacts when adding attendees to calendar events

When you use the friend discovery feature:

Contact phone numbers are converted to anonymous cryptographic hashes (SHA-256) on your device
Only these anonymous hashes are sent to our server for matching
Your actual contacts are never uploaded or stored on our servers
Matching results are returned to your device and not retained on our servers
Contact data is read fresh each time you use the feature — it is not cached or synced

When you use contacts for calendar attendee suggestions:

Contact names and email addresses are read locally on your device
This data is used only for display in the attendee picker and is not uploaded to our servers

You can revoke contacts permission at any time in your device settings (Settings > Focal Point > Contacts on iOS, or Settings > Apps > Focal Point > Permissions on Android). Revoking permission does not affect any other app functionality.

Document Storage

Free accounts: Up to 250 MB storage, 5 MB max file size
Premium accounts: Up to 10 GB storage, 100 MB max file size

If your Premium subscription lapses and your stored documents exceed the free plan 250 MB limit, you enter a 90-day download grace period:

Days 0–90 — Download grace period. You retain the ability to view, download, and delete all of your documents. Uploading new documents and editing existing documents are not permitted while you are over the free plan limit. We send email reminders at the start of this period and again at 7 days remaining.
Day 90 — Cleanup. If your stored documents are still over the 250 MB free plan limit, your oldest documents (in order of upload date) are removed until your account is at or below the limit. We send an email confirming which documents were removed. Your account itself remains active.
Days 90–120 — Recovery window. Removed documents can be restored for 30 days by resubscribing to Premium — this immediately restores every removed document. Recovery is via Premium resubscription only; we do not offer support-channel recovery as a way to extend the 90-day deadline.
Day 120 — Permanent deletion. If you have not resubscribed to Premium, the removed documents are permanently deleted and cannot be recovered.

You can stop the process at any time before day 90 by deleting documents to bring your total under 250 MB, or by resubscribing to Premium. Notes, tasks, projects, bookmarks, and other non-document content are not affected at any stage; your account itself stays fully active.

Inherited overage from transferred content. If another user transfers project ownership to you (for example, when a collaborator deletes their account) and the inherited content pushes you above your storage cap, the same 90-day grace period and day-90 cleanup apply. There is no separate carve-out for inherited content; the limit and the process are the same regardless of how the content arrived in your account.

Documents within shared projects are not counted toward your personal storage quota. See Shared Project Data Access below for details on shared project documents.

Shared Project Data Access

Focal Point projects support collaboration between multiple users. Editing project content (tasks, documents, sticky notes, kanban boards, and notes) requires an active Premium subscription.

Editing within a shared project requires at least one project administrator with an active Premium subscription. If all project administrators' subscriptions lapse:

The project transitions to read-only mode for all members
All members retain full viewing access to project content
Project documents remain downloadable by all members regardless of subscription status
No project data is deleted — all content is preserved indefinitely
Creating, editing, and deleting content within the project is disabled until a project administrator resubscribes
The project itself is preserved indefinitely while at least one administrator's account is active. A shared project is only deleted if every one of its administrators becomes subject to inactivity deletion (see Account Inactivity above)

You may always:

View and download any content within shared projects you belong to
Transfer project ownership to another Premium subscriber (if you are the primary owner)
Request a full export of your data via Settings > Account or by contacting support

Local Sync (Premium Feature)

Local Sync allows you to sync documents to a folder on your device:

Files are synced over your local network only
Synced files are stored unencrypted in the folder you specify
You are responsible for securing access to your local device and sync folder
Local Sync does not bypass cloud storage—files exist in both locations

Security Note: Local Sync is provided for convenience. If you store sensitive documents, ensure your device has appropriate security controls (encryption, access controls).

Data Security

We implement industry-standard security measures:

Encryption in Transit: All data transmitted using TLS 1.2+
Encryption at Rest: Data encrypted on Google Cloud infrastructure using AES-256
Authentication: Managed by Firebase Authentication with support for email/password, Apple Sign In, and Google Sign In
Access Controls: Principle of least privilege for administrative access
OAuth Tokens: Google OAuth refresh tokens are stored in Firestore under your Firebase user ID, accessible only to our server-side Cloud Functions via the Firebase Admin SDK. Firestore security rules block all client-side reads and writes to the credential path (users/{uid}/integrations/google). The refresh token is never transmitted to the app; client apps receive only short-lived access tokens on demand. You can revoke tokens at any time from Settings, and we also call Google's revocation endpoint when you disconnect a service or delete your account.

Note: Documents are encrypted at rest on our servers but are not end-to-end encrypted. We (the service operator) have technical ability to access user content for support and legal compliance purposes, though we do not routinely access user content.

Offline Cache on Your Device

To enable offline use, Focal Point keeps a local copy of your data (notes, tasks, projects, expenses, trip data) on your device. This local cache:

Is automatically encrypted by the operating system on iOS and Android
Is stored inside the app sandbox on macOS — encrypted at rest only if you have FileVault enabled
Is stored under your user profile on Windows — encrypted at rest only if you have BitLocker or Device Encryption enabled
Is cleared automatically when you sign out or delete your account

Desktop users: if you keep sensitive content in Focal Point, we strongly recommend enabling full-disk encryption — FileVault on macOS (System Settings → Privacy & Security) or BitLocker / Device Encryption on Windows (Settings → Privacy & security). Sign out on shared machines so the local cache is cleared.

Data Breach Notification

In the event of a data breach that affects your personal data:

We will notify affected users within 72 hours of becoming aware of the breach (as required by GDPR)
Notification will be sent via email to your registered email address
We will also notify relevant supervisory authorities as required by law
Notification will include: nature of the breach, data affected, steps we are taking, and recommended actions for you

Security concerns can be reported to support@milehighsoftwaresolutions.com.

Legal Requests and Disclosure

We may disclose your information if required to do so by law, subpoena, or other legal process, or if we believe such action is necessary to:

Comply with legal obligations
Protect and defend our rights or property
Prevent fraud or abuse of our services
Protect the safety of users or the public

Sensitive Data

Focal Point is a general-purpose productivity tool. While you may store various types of content, we recommend:

Do not store highly sensitive data such as government IDs, financial account numbers, or health records unless necessary
If you store sensitive content, understand it is encrypted at rest but not end-to-end encrypted
Be cautious when sharing content that may contain sensitive information about others

Usage and Crash Reporting

We collect a limited amount of operational data to keep the App reliable and sustainable:

AI usage logging: When you use an AI feature, we record which feature was used and its processing cost, associated with your account, so we can manage operating costs and prevent abuse.
Firebase Crashlytics: Collects crash reports including device type, OS version, and error stack traces to help us fix bugs.

We do not use Firebase Analytics, advertising identifiers, or any third-party cross-app tracking. This operational data is used only to run and improve the App, never for advertising.

Payment Processing

Premium subscriptions are processed through:

iOS: Apple In-App Purchases
Android: Google Play Billing

We do not collect, store, or process payment card information. All payment processing is handled directly by Apple or Google. We only receive confirmation of subscription status.

Children's Privacy

We do not knowingly collect personal data from children under 13 (or 16 in the EEA). Users must be at least 13 years old to create an account independently.

Families may share access to Focal Point through Apple Family Sharing or Google Play Family Library, which are managed by the respective platform. Parents or guardians using these features are responsible for supervising their children's use of the App and consent to the processing of their data as described in this policy.

If you believe a child under 13 has created an account independently, please contact us immediately at support@milehighsoftwaresolutions.com and we will delete the account.

Your Rights

Depending on your location, you have the following rights:

Access: Request a copy of your personal data
Correction: Update inaccurate information
Deletion: Delete your account and associated data
Portability: Export your data in a machine-readable format
Restriction: Request we limit processing of your data
Objection: Object to processing based on legitimate interests
Withdraw Consent: Withdraw consent for optional processing (integrations, marketing)

How to Exercise Your Rights

You can exercise most rights directly in the App (Settings > Account). For formal requests:

Email support@milehighsoftwaresolutions.com with your request
Include the email address associated with your account
We will verify your identity before processing
Requests will be processed within 30 days (or 45 days for complex requests, with notice)

There is no fee for reasonable requests. We may decline requests that are manifestly unfounded or excessive.

California Privacy Rights (CCPA/CPRA)

If you are a California resident, you have additional rights:

Right to Know: What personal information we collect, use, and disclose
Right to Delete: Request deletion of your personal information
Right to Correct: Request correction of inaccurate information
Right to Opt-Out: Opt out of sale or sharing of personal information
Right to Non-Discrimination: We will not discriminate against you for exercising your rights

We Do Not Sell or Share Your Personal Information for cross-context behavioral advertising or other purposes that would constitute a "sale" or "share" under California law.

Do Not Track: The App does not respond to "Do Not Track" signals from browsers or devices.

To submit a request, email support@milehighsoftwaresolutions.com with subject line "California Privacy Request."

International Users (GDPR)

If you are located in the EEA, UK, or Switzerland:

See "Legal Basis for Processing" above for how we justify processing your data
You may withdraw consent at any time by disconnecting integrations or deleting your account
You have the right to lodge a complaint with your local data protection authority
See "Data Storage and International Transfers" for information about transfers outside the EEA

Marketing Communications

We may send you marketing communications about new features or offers if you have opted in. You can opt out at any time by:

Clicking "Unsubscribe" in any marketing email
Contacting us at support@milehighsoftwaresolutions.com

Opting out of marketing does not affect transactional emails (account confirmations, security alerts, subscription receipts).

Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by:

Posting a notice in the App
Sending an email to your registered address
Updating the "Last Updated" date at the top of this page

Continued use of the App after changes constitutes acceptance of the updated policy. For significant changes, we will provide at least 30 days notice before the changes take effect.

Business Transfers

In the event of a merger, acquisition, restructuring, or sale of assets, user information may be transferred as part of that transaction. We will notify you via email and/or a prominent notice in the App before your personal data becomes subject to a different privacy policy.

Contact Us

If you have questions about this Privacy Policy or our data practices:

Mile High Software Solutions LLC

2057 Arroyo Ct

Windsor, CO 80550

United States

support@milehighsoftwaresolutions.com