Last updated: 5 May 2026
Your block lists, focus sessions, statistics, and lock configurations stay on your Mac — they are never uploaded. To use AI features or pay for a subscription you create an account; we then store your email, display name, optional age range, and your subscription state. If you enable the AI focus assistant on a paid plan, short text snippets from your screen are sent to our server and onward to Anthropic for classification. They are not logged or used for training. You can export or delete everything we hold about you at any time by emailing us.
When you sign in (Google or Apple OAuth, via Supabase), we store your email address, display name, and an optional age range you choose during onboarding. This is held in our Supabase project hosted in the EU (Frankfurt, Germany). It is used only to: (1) identify you across devices, (2) attach your subscription entitlement to a stable identity, and (3) personalise the in-app greeting. Auth tokens (refresh tokens) are kept on your Mac in macOS Keychain; an HTTP-only Supabase session cookie is set on the website when you sign in there to complete checkout.
If you upgrade to FocusDragon Pro, AI Focus, or AI Focus Max, payment is handled entirely by Stripe. Stripe collects and stores your card number, billing address, and any other payment-method information directly. We never see your card number. We store only: a Stripe customer ID linking your account to your Stripe record, your active subscription status, the tier you're on, and the expiry date of your current period. Receipts and chargeback records are retained by Stripe for 7 years to satisfy accounting law (we cannot delete them earlier even on request).
Every block list, every lock configuration, every focus-session log, every minute of statistics, your taskContext, the blocks you've created — all of this is stored in macOS Application Support and never leaves your computer. There is no "sync" today; if you reinstall on a fresh Mac you start fresh (cross-device sync is on the roadmap but is not built yet).
If you enable the AI focus assistant and you are on a paid plan (AI Focus or AI Focus Max), short snippets of the active tab's visible text (up to 1,200 characters) and the bundle ID / window title of the active app are sent every 30 seconds, while a focus block is running, to api.focusdragon.app. Our server (Vercel-hosted, EU region) verifies your subscription, increments your monthly usage counter, then forwards the snippet to Anthropic's Messages API. Anthropic returns a verdict. We do not log, persist, or train any model on the snippet — our server treats it as a pass-through. Anthropic, under its current API terms, also does not retain the request beyond the period needed to return a response, and does not use API inputs to train its models. The verdict is held in memory only long enough to act on it. We do log per-user monthly call counts (a single integer) for quota enforcement and abuse prevention.
If you bring your own Anthropic API key ($15 lifetime, every AI feature works this way), the Mac app sends snippets directly from your computer to Anthropic, signed with your key. Our servers see nothing in this case. Your traffic, your contract with Anthropic, your bill.
Whichever path you use, the browser extension never reads body text from: banking, payments, brokerage, email, identity / authentication, password manager, or healthcare sites. On those domains only the URL and tab title flow. It also never reads body text from incognito / private browsing tabs. The exclusion list is hard-coded — you can't accidentally opt out of it.
If you do not enable the AI focus assistant, the Chrome / Safari / Firefox extensions read only the URL of pages you visit and match them against your block list. No page body text, no DOM, no cookies, no form contents — just the URL string. The extension communicates with the local FocusDragon app on your Mac via the browser's native-messaging channel; it does not make network requests to any server we operate.
Vercel (our hosting provider) keeps standard HTTP access logs for api.focusdragon.app and focusdragon.app for up to 30 days. These contain timestamp, IP address, request path, response code, and user-agent — used for debugging and abuse prevention. They are not joined to your account or used to profile you.
focusdragon.app uses two cookies, both first-party: an HTTP-only Supabase session cookie when you sign in (so checkout / portal flows work), and a short-lived `fd_post_auth_redirect` cookie that remembers where to send you after sign-in. There are no third-party marketing cookies, no advertising pixels, no Google Analytics on the site.
Inside the Mac app you can opt in to anonymous product analytics (PostHog). It is OFF by default. If you enable it, we receive aggregate, non-identifying event names ("a block started", "AI verdict returned") with no block contents, no app names, no URLs, no page text, and no PII. You can disable it from Settings → General → Privacy at any time; existing events are not retroactively deleted but new events stop.
If FocusDragon crashes, a stack trace is sent to Sentry with all personal context stripped (no block data, no file paths beyond the bundle, no clipboard, no environment). You can disable crash reporting in Settings → General → Privacy. Crash reports help us fix bugs that would otherwise silently affect users.
We use the following providers, each performing the role described: Supabase (auth + accounts + entitlements DB; EU/Frankfurt), Stripe (billing; US/EU); Anthropic (AI classification; US); Vercel (hosting; EU/global edge); Sentry (crash reports; EU); PostHog (optional analytics; EU). Where data is transferred outside the EEA we rely on the EU Standard Contractual Clauses.
If you are in the EU, UK, or California you have the right to access, correct, or delete the personal data we hold about you, and to receive an export in a machine-readable format. To exercise any of these rights, email us at hello@focusdragon.app. We respond within 30 days. Account deletion is also self-serve: Settings → Account → Delete account permanently removes your Supabase row, your subscription, and any entitlements. Stripe records of past payments are retained as required by accounting law (typically 7 years).
FocusDragon is not directed at children under 13. We do not knowingly collect personal data from anyone under 13. EU users under 16 require parental consent. If we learn we've inadvertently collected data from a minor, we delete it.
When we materially change this policy we update the "last updated" date at the top, list the change in the in-app changelog, and — for changes that expand what we collect — surface a notice in the app the next time you open it. Continued use after that notice constitutes acceptance.
Privacy questions, deletion requests, or concerns: hello@focusdragon.app. We aim to respond within two business days.