Privacy Policy
Last Updated: January 25, 2026
Quick Summary
| What we collect | Email, name, emergency contacts, check-in data, device info, location data (optional) |
| Why we collect it | To provide the safety check-in service |
| Who we share with | Your emergency contacts (when you miss check-ins), service providers |
| Do we sell data? | No, never |
| How to delete | Use "Delete Account" in app settings or email privacy@okaytoday.org |
Table of Contents
Welcome to OK Today. We are committed to protecting your privacy and ensuring you understand how we collect, use, and safeguard your personal information.
OK Today is a safety check-in application designed to help people living alone stay safe by allowing them to check in regularly and notify emergency contacts if they miss a check-in.
By using OK Today, you agree to the collection and use of information in accordance with this Privacy Policy.
1. Information We Collect
1.1 Information You Provide Directly
| Data Type | Purpose | Required |
|---|---|---|
| Email Address | Account creation, communication, alert delivery | Yes |
| Display Name | Personalization, identifying you in alerts | Yes |
| Emergency Contact Information | Names and email addresses of people you designate | Yes (at least 1) |
| Check-In Preferences | Your chosen check-in interval (24 hours to 7 days) | Yes |
| Timezone | Accurate deadline calculations and notifications | Yes |
| Custom Email Templates | Personalized alert messages (Premium feature) | No |
1.2 Information Collected Automatically
| Data Type | Purpose |
|---|---|
| Check-In Timestamps | Recording when you mark yourself as "OK" |
| Device Information | Device model, for single-device restriction enforcement |
| Device Token | Unique identifier to enforce one-device-per-account policy |
| Push Notification Token | Firebase Cloud Messaging (FCM) token for sending check-in reminders |
| Notification Preferences | Whether reminders are enabled, reminder timing (minutes before deadline) |
| Usage Data | Feature usage patterns to improve the Service |
| Location Data (Optional) | GPS coordinates captured during check-ins if you enable location tracking |
1.3 Information from Third-Party Services
Google Sign-In: When you sign in with Google, we receive your Google account email address, display name, and profile picture URL (not stored). We do not access your Google contacts, calendar, or any other Google services.
1.4 Payment Information
Google Play Billing: When you subscribe to a paid plan, we receive a purchase token from Google Play to verify your subscription. We do NOT receive or store your credit card number, billing address, or other financial details. All payment processing is handled securely by Google Play.
2. How We Use Your Information
2.1 Core Service Functionality
- Safety Monitoring: Track your check-ins and calculate deadlines
- Alert Delivery: Send email notifications to your emergency contacts when you miss a check-in
- Reminder Notifications: Send you warnings before your deadline expires
- Account Management: Manage your subscription, settings, and preferences
2.2 Service Improvement
- Analyzing usage patterns to improve features
- Identifying and fixing bugs or technical issues
- Developing new features based on user needs
2.3 Location Services (Optional)
If you enable location tracking in app settings:
- Location Capture: We capture your GPS coordinates during check-ins and optionally during periodic updates when approaching your deadline
- Geocoding: We use Google Maps API to convert coordinates to human-readable addresses (e.g., "San Francisco, CA")
- Alert Integration: If you enable "Share location in alerts" AND you miss a check-in, your last known location is included in the emergency email as a Google Maps link
- Privacy Controls:
- Location tracking is disabled by default
- You can disable tracking at any time
- You control whether location is shared in alerts (separate toggle)
- Location data is automatically deleted after 7 days
- You can manually delete all location history anytime
- Abuse Prevention: We implement rate limiting (maximum 500 location updates per day) and fraud detection to prevent cost attacks and GPS spoofing
2.4 Content Moderation
- Safety Screening: We use automated systems including Google's Perspective API to analyze custom email templates for harmful content
- What We Check For: Threats, harassment, hate speech, and other content that violates our community guidelines
- How It Works: Your custom email template text is sent to Google's Perspective API for analysis. The text is processed anonymously (not linked to your account) and is not stored by Google
- Why We Do This: To protect your emergency contacts from receiving harmful or abusive content and to maintain a safe service for all users
2.5 Communication
- Sending service-related emails (verification, alerts, reminders)
- Notifying you of important changes to the Service or this Policy
- Responding to your inquiries or support requests
3. Information Sharing and Disclosure
3.1 With Your Emergency Contacts
When you miss a check-in, your emergency contacts receive an email containing your display name, when you last checked in, when your deadline was, and any custom message you've configured.
Location Sharing (Optional): If you have enabled both location tracking AND "Share location in alerts", the emergency email will also include your last known location as a Google Maps link and human-readable address. This feature is disabled by default and requires your explicit consent.
Important: Your emergency contacts only receive information when you miss a check-in. They do not have access to your account or ongoing check-in status.
3.2 With Service Providers
| Service | Purpose | Data Shared |
|---|---|---|
| Google Cloud Platform | Hosting, database, authentication | All data (encrypted) |
| Firebase (Google) | User authentication, database | Account data, app data |
| Resend | Email delivery | Email addresses, email content |
| Google Play | Subscription management | Purchase tokens |
| Google Perspective API | Content moderation | Custom email template text (anonymized) |
| Google Maps API | Location geocoding (optional) | GPS coordinates (only if location tracking enabled) |
3.3 Legal Requirements
We may disclose your information if required by law, such as responding to valid legal processes (subpoenas, court orders), protecting the rights, property, or safety of OK Today, our users, or others, or detecting, preventing, or addressing fraud, security, or technical issues.
4. Data Storage and Security
4.1 Where We Store Your Data
Your data is stored on Google Cloud Platform servers located in Asia-Northeast1 (Tokyo, Japan). Data may be replicated across Google Cloud regions for reliability and disaster recovery.
4.2 Security Measures
| Measure | Description |
|---|---|
| Encryption in Transit | All data transmitted using TLS 1.3 |
| Encryption at Rest | Database encrypted using AES-256 |
| Authentication | Firebase Authentication with Google OAuth 2.0 |
| Access Controls | Strict access controls on backend systems |
| Secure APIs | All API endpoints require authentication |
5. Data Retention
| Data Type | Retention Period |
|---|---|
| Account Data | Until you delete your account |
| Check-In History | 90 days rolling |
| Alert History | 1 year |
| Emergency Contacts | Until you remove them or delete your account |
| Email Templates | Until you delete them or delete your account |
| Subscription Data | Duration of subscription + 1 year for records |
| Location Data (if enabled) | 7 days automatic deletion |
| Email Hash (fraud prevention) | 1 year after account deletion |
When you delete your account, your account data is permanently deleted within 30 days.
6. Your Rights and Choices
6.1 Access and Portability
You have the right to access your personal data through the app settings and export your data by contacting us at privacy@okaytoday.org.
6.2 Correction
You can update your display name and email (through Google account), timezone and check-in interval (in app settings), emergency contacts (in app), and email templates (in app).
6.3 Deletion
You can:
- Delete individual emergency contacts in the app
- Delete all location history in app settings (Settings > Privacy > Delete Location History)
- Delete your entire account in app settings (Settings > Delete Account)
- Request deletion by emailing privacy@okaytoday.org
Note: Location data is automatically deleted after 7 days, but you can manually delete it anytime before then.
6.4 Regional Rights
For EU/EEA Residents (GDPR): Right to access, rectify, erase your data; right to data portability; right to restrict or object to processing; right to withdraw consent; right to lodge a complaint with a supervisory authority.
For California Residents (CCPA): Right to know what personal information is collected; right to know if personal information is sold or disclosed; right to say no to the sale of personal information (we do not sell data); right to access your personal information; right to equal service and price.
7. Children's Privacy
OK Today is not intended for children under 13 years of age. We do not knowingly collect personal information from children under 13. If you are a parent or guardian and believe your child has provided us with personal information, please contact us at privacy@okaytoday.org.
8. International Data Transfers
Your information may be transferred to and processed in countries other than your country of residence. When we transfer data internationally, we use Standard Contractual Clauses approved by the European Commission, Data Processing Agreements with all service providers, and encryption and security measures for data in transit.
9. Third-Party Services
OK Today uses the following third-party services:
- Google Services: Sign-In, Firebase Authentication, Cloud Firestore, Firebase Cloud Messaging (FCM), Cloud Run, Cloud Scheduler, Play Billing - Google's Privacy Policy
- Google Maps API: Geocoding service to convert GPS coordinates to addresses (only if you enable location tracking). Coordinates are sent to Google's servers for processing - Google's Privacy Policy
- Google Perspective API: Content moderation for custom email templates. Text is analyzed anonymously and not stored - Perspective API Privacy FAQ
- Resend: Email delivery - Resend's Privacy Policy
10. Changes to This Privacy Policy
We may update this Privacy Policy from time to time. Material changes will be communicated via email notification to your registered email. Minor changes will be indicated by the updated "Last Updated" date at the top of this Policy.
Your continued use of OK Today after changes become effective constitutes acceptance of the revised Privacy Policy.
11. Contact Us
If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:
Email: privacy@okaytoday.org
Website: https://okaytoday.org
Response Time: We aim to respond to all privacy-related inquiries within 30 days.