Legal · v1.0

Privacy Policy

How my applications and services collect, use, and protect your information — including data accessed through Google APIs.

EffectiveMay 4, 2026 Last updatedMay 4, 2026 OperatorLuke Huxley

Scope

This Privacy Policy describes how I, Luke Huxley, the individual operator of the applications, websites, and services described on this site (collectively, the "Service"), handle personal information. It applies to anyone who interacts with the Service, including by signing in with a Google account.

This policy works alongside the Terms of Service. Capitalised terms not defined here have the meanings given in those Terms.

What I collect

I try to collect as little as I need to make a feature work. The categories below cover everything the Service may collect:

CategoryExamplesSource
Account identifiers Your email address, Google account ID, display name, and profile picture URL You, via your identity provider (e.g. Google sign-in)
Authorisation tokens OAuth access and refresh tokens scoped to the permissions you grant Your identity provider, on your authorisation
Google user data Only the data covered by the OAuth scopes you have approved (see Section 4) Google APIs, on your authorisation
Content you submit Text, files, settings, and other input you provide to the Service You
Technical logs IP address, user-agent string, request timestamps, error traces Automatically, when you use the Service

I do not intentionally collect special-category data (such as health, religion, or political views), and I do not buy personal data from third parties.

How I use it

I use the information I collect only to:

I do not use your information for advertising, profiling for marketing, or training generalised machine-learning models.

Google user data

When you authorise the Service to access your Google account, the Service uses Google API Services and is bound by the Google API Services User Data Policy, including the Limited Use requirements. The following commitments apply to all data the Service receives from Google APIs ("Google user data").

Limited Use commitments

Scopes I request

The Service only requests OAuth scopes that are required for a feature you have asked for. You will see the requested scopes on Google's consent screen before you grant access; the Service does not request additional scopes silently after that point.

Revoking access

You can revoke the Service's access to your Google account at any time at myaccount.google.com/permissions. Once you revoke access, the Service can no longer call Google APIs on your behalf and any cached Google user data is deleted within the timeframe described in Section 7.

In plain English

Your Google data is used to make the feature you authorised work, and nothing else. It is not sold, not used for ads, and not used to train AI models.

Sharing & transfers

I do not sell or rent personal information. I share it only in these limited cases:

Storage & security

Personal data and authorisation tokens are stored on infrastructure provided by reputable cloud platforms, with access restricted to me. I take reasonable technical and organisational measures to protect your information, including:

No system is perfectly secure. If I become aware of a security incident affecting your information, I will notify you and any required authority as soon as reasonably practicable.

Data retention

I keep personal information only as long as needed for the purposes described in this policy:

Your rights

Depending on where you live, you may have rights under privacy laws such as the GDPR (EU/UK), the CCPA/CPRA (California), or similar regimes. These typically include the right to:

To exercise any of these rights, email me using the address in Section 13. I will respond within the timeframe required by the applicable law (typically 30 days).

Cookies & local storage

The Service uses a small number of strictly necessary cookies and browser local-storage entries to keep you signed in and to remember preferences such as your chosen colour theme. It does not use third-party advertising or analytics cookies.

Children

The Service is not directed at children under 13, and I do not knowingly collect personal information from children under 13. If you believe a child has provided me with personal information, please contact me and I will delete it.

International transfers

The Service may be operated from, and your information may be processed in, countries other than the one you live in. Where such transfers are subject to data-protection law, I rely on appropriate safeguards (such as standard contractual clauses) to protect your information.

Changes to this policy

I may update this policy from time to time. If I make a material change, I will update the "Last updated" date at the top of this page and, where reasonable, notify you through the Service. Your continued use of the Service after the change becomes effective constitutes acceptance of the updated policy.

Contact

Questions, requests about your data, or anything else privacy-related — email me directly. I read every message.

Get in touch