Privacy Policy

Key Points

The KiteTasks app has no backend server. Your task data, and the calendar events you choose to display alongside it, reside locally on your device and within Google's ecosystem — we never store, sell, or analyse them. The app itself ships with zero telemetry: no usage tracking, no crash analytics, no phone-home. The kitetasks.com marketing website uses basic, anonymised web analytics (Google Analytics 4 and Vercel Analytics) to measure traffic; details in the “This Website” section below.

Data Access

The app accesses only the minimum information required to provide its task management and calendar overlay features.

Google Tasks (read and write). To let you view, create, edit, and complete tasks, KiteTasks reads and writes:

• Task list names
• Task titles, notes, due dates, and completion status

Google Calendar (read-only). To display events alongside your tasks in the Upcoming view, KiteTasks reads:

• The list of calendars on your Google account, so you can choose which ones to display
• Event titles, times, and details for events on the calendars you choose to show

Calendar access is requested through Google's read-only OAuth scopes (calendar.calendarlist.readonly and calendar.events.readonly). The app cannot create, modify, or delete any calendar or event — it only reads events so they can appear next to your tasks.

Account. The app also reads your Google account email address, for display purposes only.

KiteTasks does not access or store your Google password. Authentication is handled via OAuth 2.0 (see Data Security below).

Data Security

KiteTasks protects your data through multiple layers of security:

• All communication with Google's servers is encrypted using HTTPS/TLS.
• OAuth 2.0 authentication tokens are stored in macOS Keychain, Apple's hardware-backed secure credential storage.
• All app data is sandboxed within Apple's app sandbox, preventing access by other applications.
• No data is transmitted to or stored on any server other than Google's own APIs.

Data Retention & Deletion

Cached task data and preferences are retained locally only while KiteTasks is installed on your device. No data is backed up to any external server. To delete all locally stored data, simply uninstall the application — this removes all cached tasks, preferences, and authentication tokens from your device. You can also revoke KiteTasks's access to your Google account at any time via Google's Security Settings.

Storage & Third Parties

All preferences and cached data are stored locally within Apple's app sandbox on your Mac. The application communicates directly with Google's APIs over HTTPS — no data passes through any intermediary server. Consult Google's Privacy Policy for their data handling practices.

We do not sell, share, transfer, or disclose your Google user data to any third party, advertising platform, data broker, or information reseller.

User Rights (GDPR & CCPA)

Since KiteTasks does not store any data on remote servers, there is no server-side data to request, export, or delete. All data resides locally on your device and can be fully removed by uninstalling the app (see Data Retention & Deletion above). You may also revoke access at any time via Google's Security Settings.

Google API Compliance

KiteTasks's use and transfer to any other app of information received from Google APIs will adhere to the Google API Services User Data Policy, including the Limited Use requirements. Specifically:

• Data is used only to provide and improve the user-facing task management features visible in the app.
• Data is not transferred to any third party, except as necessary to provide the app's core functionality, or as required by law.
• Data is not used for serving advertisements, retargeting, or interest-based advertising.
• Data is not used for developing AI or machine learning models.
• No human reads your Google user data unless you provide explicit consent, it is necessary for security purposes (e.g., investigating abuse), or it is required by law.

This Website

The kitetasks.com marketing website is a separate surface from the KiteTasks app and uses basic web analytics to measure traffic and understand how visitors find the product. Specifically, the site loads Google Analytics 4 and Vercel Analytics, which record:

• Anonymised page views, referrers, and time on page
• Country, aggregated browser and device information (from the User-Agent header)
• Download-button click events, used to measure which sections of the site convert

What these analytics do not collect: your Google Tasks data, your Google account, your tasks, or any information from inside the KiteTasks app. The app itself has zero telemetry and never communicates with our analytics pipeline — your tasks only ever travel between your Mac and Google's servers. We do not use cross-site tracking, ad retargeting, or sell any data to third parties.

You can opt out of Google Analytics at any time using the official Google Analytics opt-out browser add-on or any standard content blocker.

Contact

Questions about this privacy policy can be directed to tocopocolabs@gmail.com.