top of page

Privacy Policy

Last Updated: March 16, 2026

Effective Date: As soon as the version 1.1.0. is live.

1. Introduction

This Privacy Policy describes how What Is Next? ("we," "our," or "us") collects, uses, stores, and protects information when you use the What Is Next? mobile application ("App") and related services. By installing, accessing, or using the App, you acknowledge that you have read, understood, and agree to this Privacy Policy. If you do not agree, you must not use the App.

The App is available on iOS, Android, and the web. This policy applies to all of these platforms.

2. Data Controller

The data controller responsible for your personal data in connection with the App is the operator of What Is Next? You may contact us at [support URL: https://www.whatisnext.app/support] for questions about this policy or your data.

3. Information We Collect

3.1 Account and Identity Data

When you create an account using Sign in with Apple, we receive and process:

  • Unique user identifier (Apple-subject identifier and/or our internal user ID)

  • Email address (if Apple provides it; Apple may offer a private relay email)

  • Name (full name, given name, and/or family name, if you choose to share them through Apple)

 

This data is used to create and maintain your account, authenticate you, and display your profile within the App (e.g., display name in Settings).

3.2 Task and Content Data

When you use the App, we collect and store:

  • Task title

  • Task description (optional)

  • Task date

  • Task status (e.g., todo, doing, done, cancelled)

  • Creation and modification timestamps

 

Task data is stored on your device and, when you are signed in, is synced to our cloud infrastructure so it is available across devices.

3.3 App Preference Data (Device-Only)

The following settings are stored locally on your device only:

  • Theme preference (system, light, or dark)

  • Text size preference (normal or large)

 

These settings are not uploaded to our servers and are not used to identify you.

3.4 Technical and Session Data

We automatically collect and use:

  • Authentication tokens (access and refresh tokens) necessary for secure access to your account

  • Device storage usage for session persistence and offline use

  • Network interactions required for syncing your data when connected

 

We do not collect precise geolocation, device identifiers for advertising, or similar tracking identifiers.

3.5 Data You Provide Voluntarily

We process any information you provide when contacting support (e.g., via our support page or email), including message content and any personal information you include.

4. How We Use Your Information

We use the data described above to:

  1. Create, maintain, and secure your account

  2. Provide, operate, and improve the App and its features

  3. Sync your task data across your devices when signed in

  4. Migrate locally stored tasks to your account when you sign in

  5. Respond to support requests and communicate with you

  6. Comply with legal obligations and enforce our Terms

  7. Protect the security and integrity of the App and our systems

 

We do not use your data for advertising, behavioral profiling, or sale to third parties.

5. Legal Bases for Processing (Where Applicable)

For users in the European Economic Area (EEA), United Kingdom, or other jurisdictions requiring a legal basis:

  • Contract performance: Processing necessary to provide the App and its core features.

  • Legitimate interests: Improving the service, securing it, and handling support.

  • Consent: Where you have given clear consent for specific processing.

  • Legal obligation: Where we are required by law to process or retain data.

6. Data Storage and Retention

6.1 Where Data Is Stored

  • Cloud storage: Your account data and task data (when signed in) are stored and processed using Supabase, our service provider, whose infrastructure may be located in various regions.

  • Local storage: Task data (when you are not signed in), app preferences, and session tokens are stored on your device using local storage (e.g., AsyncStorage).

6.2 Retention

  • While your account is active: We retain account and task data for as long as your account exists and you use the App.

  • After account deletion: When you delete your account (see Section 9), we delete your account data and task data from our systems in accordance with our deletion process. Residual copies may persist briefly in backups before being overwritten.

  • Local data: Data stored only on your device remains until you uninstall the App or clear app data.

  • Support communications: We may retain support-related correspondence for a reasonable period for record-keeping and legal compliance.

7. Third-Party Service Providers

We use the following categories of third parties to operate the App:

7.1 Supabase

We use Supabase for authentication, database storage, and server-side functions. Supabase processes your account data and task data on our behalf and in accordance with their privacy practices. Supabase’s privacy policy: https://supabase.com/privacy.

7.2 Apple

When you use Sign in with Apple, Apple processes your authentication request. Apple’s privacy policy governs how Apple handles your data: https://www.apple.com/legal/privacy/.

7.3 No Advertising or Analytics

The App does not currently use advertising networks, analytics SDKs, or similar tracking tools. We do not sell or rent your personal information.

8. International Data Transfers

Your data may be transferred to and processed in countries outside your residence, including countries where data protection laws differ. When we transfer data internationally, we rely on appropriate safeguards such as:

  • Adequacy decisions

  • Standard contractual clauses

  • Other mechanisms recognized under applicable law

You may contact us for more information about these transfers.

9. Your Rights and Choices

9.1 Access, Correction, and Deletion

You may:

  • Access your data through the App (tasks, account information in Settings)

  • Correct your data by editing tasks or updating your profile where possible

  • Delete your account and associated data by using Settings → Delete account in the App. Deletion is permanent and cannot be undone.

9.2 Data Export

A data export feature is planned. Until it is available, you may request an export of your data by contacting us at [support URL].

9.3 Opt-Out of Marketing

We do not currently send marketing communications. If we introduce marketing in the future, we will obtain your consent and provide an easy opt-out.

10. Security

We implement appropriate technical and organizational measures to protect your data, including:

  • Encrypted transmission (e.g., HTTPS/TLS)

  • Secure authentication via Apple

  • Access controls and service-level security provided by Supabase

  • Secure deletion workflows for account and task data

 

No system is entirely secure. You are responsible for keeping your device and credentials secure.

11. Children’s Privacy

The App is not directed at children under 13 (or the applicable age of consent in your jurisdiction). We do not knowingly collect personal data from children. If you believe we have collected such data, please contact us and we will delete it.

12. Changes to This Policy

We may update this Privacy Policy from time to time. We will indicate the "Last updated" date at the top and, for material changes, provide additional notice (e.g., in-app or by email). Continued use of the App after changes constitutes acceptance of the updated policy.

13. Contact

For questions about this Privacy Policy or your personal data:

bottom of page