← Back to home

Privacy Policy

Last updated: January 2026

Our Philosophy

We believe privacy is a fundamental right. Next Action Hero collects only the data necessary to provide the service, and we never sell or share your personal information.

What We Collect

Account Data

When you sign in with Google, we receive your email address, name, and profile picture. We use this to create and identify your account.

Tasks and Projects

The tasks, projects, and notes you create are stored in our database to provide the service. This data is yours and you can request deletion at any time.

Game Data

Character stats, XP, and progression data are generated from your usage to power the gamification features.

Cookies

We use essential cookies for authentication via Google OAuth. These cookies are necessary for the service to function and cannot be disabled. We do not use any tracking or advertising cookies.

What We Don't Collect

  • We don't use tracking cookies
  • We don't sell your data to advertisers
  • We don't share your data with third parties for marketing
  • We don't read or analyze your task content for any purpose other than providing the service

Analytics

We use Plausible Analytics, a privacy-focused, cookieless analytics service. Plausible collects only anonymous, aggregate data (page views, referrer sources) and does not track individual users.

Data Storage

Your data is stored in a PostgreSQL database. We use standard security practices to protect your data, including encrypted connections (HTTPS) and secure authentication.

Your Rights

You have the right to:

  • Access your data
  • Export your data
  • Request deletion of your data
  • Correct inaccurate information

Contact us through Discord to exercise these rights.

International Users

For EU Users (GDPR)

You have rights to access, rectify, erase, restrict processing, and port your data. You also have the right to object to processing and to withdraw consent. Contact us via Discord to exercise these rights.

For California Users (CCPA)

You have the right to know what personal information we collect, request deletion of your data, and opt-out of the sale of personal information. We do not sell your personal information.

Third-Party Services

Google OAuth: Used for authentication. Google's privacy policy applies to their handling of your data.

Plausible: Used for anonymous analytics. No personal data is shared.

Data Retention

We retain your data as long as your account is active. If you request account deletion, we will remove your personal data within 30 days. Some anonymized data may be retained for analytics purposes.

Changes

We may update this policy as the product evolves. We'll notify users of significant changes through the app or Discord.

Governing Law

This privacy policy is governed by the laws of Australia.

Contact

Questions about privacy? Join our Discord server to get in touch.