Privacy Policy

Focii is a parental monitoring and focus-session management platform operated by Samantha Manono, trading as Focii. ("we", "us", or "our"). We are the data controller for the personal information processed under this policy.

For privacy-related questions or requests, contact us at legal@focii.app.

This policy applies to all components of the Focii platform: the web dashboard (focii.app), the Focii Chrome and Firefox browser extensions installed on student devices, and the Focii Windows Companion desktop application. It describes the personal data we collect from parent account holders and from student profiles managed by those accounts.

Focii collects different categories of data depending on which component of the platform you are using.

3.1 Parent Account Data

When you register and use the Focii dashboard, we collect:

• Email address and hashed password (via Supabase Auth)
• Display name and avatar image
• Phone number (if provided)
• A salted PIN hash used to secure parental override approvals
• Account settings and preferences
• Subscription and billing status (plan tier, trial dates, renewal dates)
• Web Push notification subscription tokens used to deliver real-time alerts to your browser
• Device IDs for any Windows machines you have paired to your account

3.2 Student Profile Data

Student profiles are created by the parent account holder. We collect and store:

• Student display name and avatar
• Optional email address (if the student logs in to the extension)
• A Supabase Auth UUID linking the student profile to the parent account
• The parent–student relationship record

3.3 Focus Session & Browsing Activity Data

This is the core operational data that makes Focii work. When a focus session is active on a student's device, a Focii browser extension may record in normal browsing windows:

• Session metadata: session ID, start time, end time, total duration, remaining time, and session status (ACTIVE / PAUSED / COMPLETED)
• URLs evaluated during the session, including full URLs and available page titles
• Final user-visible classification decisions for evaluated URLs: BLOCKED, ALLOWED, or AMBIGUOUS
• AI-generated scores for each visited page: an academic relevance score and a distraction score (0–100), a content category, a confidence level, and a short reasoning string
• Which classification tier resolved the decision: Tier 1 (whitelist, <5 ms), Tier 2 (cached domain intelligence, <50 ms), or Tier 3 (AI semantic analysis, <500 ms)
• Latency in milliseconds for each classification decision
• For search engines (Google, Bing, Yahoo, DuckDuckGo): the search query itself, along with classification of the query's intent
• Override request events: the URL the student requested an exception for, any justification text they submitted, and whether the parent approved or denied the request
• Any per-session override grants in effect

This data is stored in our Supabase database in tables including focus_sessions, analysis_events, site_decision_logs, domain_intelligence, and override_events.

In Firefox private windows, page analysis is performed locally in the extension. Private-window URLs, page metadata, classification decisions, and analysis events are not sent to the Focii AI endpoint or stored in these decision/cache tables.

3.4 Windows Companion App Data

When the Focii Windows Companion application is installed and paired on a student's Windows PC, it collects:

• A complete inventory of installed applications on the device, sourced from the Windows registry and Start Menu shortcuts. This inventory is synced to our database so parents can create app-blocking rules.
• App lock enforcement events: which applications were blocked during a session, timestamps, and enforcement event type
• A unique device ID and platform identifier ("WINDOWS")
• A periodic heartbeat (every 60 seconds) confirming the companion is online, recording a last-seen timestamp
• A local policy cache stored at %APPDATA%\FocusInterceptor\policy_cache.json so blocking enforcement continues during temporary internet outages
• Structured local logs at %APPDATA%\FocusInterceptor\companion.log

This data is stored in our database in the app_inventory, app_lock_events, and device_registrations tables.

3.5 Third-Party Content Metadata

When the extension encounters a YouTube video or Reddit post that has not been previously classified, it may fetch metadata from those platforms to improve classification accuracy:

• YouTube: rendered video title, channel name and available description or page text; if rendered title data is unavailable, the public YouTube oEmbed response may provide a title and channel name
• Reddit: subreddit name, post title, post content (up to 800 characters), and post flair — retrieved via Reddit's public API
• Generic unknown sites: page title and meta description

In normal browsing windows, this metadata is sent to the authenticated Focii server endpoint for classification (see Section 6). The server submits relevant metadata to OpenAI and may store the decision in content cache tables for future reuse. Firefox private-window page metadata is not submitted for AI classification or stored in those tables.

The use of information received from Google APIs will adhere to the Chrome Web Store User Data Policy, including the Limited Use requirements.

3.6 Billing & Subscription Data

Subscription and payment processing is handled by Paddle. We receive webhook notifications from Paddle that include your subscription plan, billing status, trial and renewal dates, and the email address associated with the purchase. We do not store or process raw credit card details — all payment data is handled directly by Paddle on their infrastructure.

3.7 Communications Data

If you use the contact form or email us, we collect your name, email address, your message, and the category of your enquiry. This data is processed by Resend (our email delivery provider) to route and deliver replies.

3.8 Technical & Device Data

The dashboard sets two authentication cookies (described in Section 8). No third-party analytics, advertising pixels, or fingerprinting scripts are used. The Chrome extension does not use cookies; it uses chrome.storage.local to persist authentication tokens and session state within the browser profile.

We use the data we collect to:

• Create and manage parent and student accounts
• Operate, start, pause, and end focus sessions in real time
• Classify websites and applications as educational or distracting so the extension can enforce blocking rules
• Present session activity, analytics, and blocked-content summaries in the parent dashboard
• Generate AI-powered session reports and weekly digest emails for parents (see Section 6)
• Deliver real-time override request notifications to the parent's browser via Web Push
• Enforce app blocking on paired Windows devices by syncing lock policies to the Companion app
• Process subscription payments and manage plan access
• Respond to support and contact enquiries
• Detect and prevent misuse, abuse, or unauthorised access
• Improve the accuracy and performance of our AI classification models

We do not use your data for advertising or sell it to any third party.

If you are located in the European Economic Area or United Kingdom, we rely on the following legal bases:

• Contract performance — processing necessary to provide the Focii service you have signed up for
• Legitimate interests — improving service quality, preventing misuse, and caching classification results to reduce AI processing costs
• Consent — sending optional marketing or digest emails (you may withdraw consent at any time)
• Legal obligation — retaining records where required by law

Focii uses OpenAI's GPT-4o-mini model to power two distinct features. It is important you understand what data is shared with OpenAI and why.

6.1 Real-Time Site Classification (Tier 3)

In normal browsing windows, when the extension encounters a URL that is not resolved by local rules or cache, it sends the URL and available page metadata to an authenticated Focii server endpoint. The server requests classification from OpenAI, which returns an academic score, a distraction score, a category label, a confidence level, and a student-facing reasoning summary. Final decisions may be stored in our database and cached to reduce repeated AI processing. Firefox private-window page analysis stays local and is not submitted to this endpoint.

6.2 Session Reports & Weekly Digests

At the end of a focus session and in weekly digest emails, we generate an AI-written summary for the parent. To produce this summary we send an aggregated session record to OpenAI that includes: total session duration, counts of blocked and allowed events, a list of blocked domain names, app names that were blocked, the number of override requests, and aggregate academic and distraction scores. We do not send full URLs or page titles in these summary requests — only aggregated counts and domain-level data.

OpenAI's data usage policies govern how they handle API request data. We use the API under terms that restrict OpenAI from using our requests to train their models. For details, see openai.com/policies/api-data-usage-policies.

We share data only with the service providers necessary to operate the platform:

Infrastructure & Database

• Supabase — our primary database, authentication provider, and serverless function host. All session data, user profiles, and event logs are stored in Supabase PostgreSQL hosted in West Europe (London) eu-west-2. Supabase processes data as a data processor under our instructions.
• Vercel — hosts and serves the Next.js dashboard. Vercel may retain edge function invocation logs for a short period per their standard retention policy.

AI Processing

• OpenAI — receives URL metadata and session aggregates for classification and report generation as described in Section 6.
• YouTube Data API v3 (Google) — queried server-side to retrieve video metadata for YouTube URLs that require AI classification.

Email & Notifications

• Resend — our transactional email provider. Delivers account emails, override notifications, and weekly digests. Resend retains delivery logs per their standard policy.
• Web Push services — browser push notifications are delivered through the push service built into the parent's browser (e.g. Firebase Cloud Messaging for Chrome). We send your browser's push subscription token to our Supabase Edge Function which relays the notification.

Billing

• Paddle — acts as the Merchant of Record for all Focii subscriptions. Paddle collects your payment details, handles tax compliance, and processes billing directly. Your payment relationship is with Paddle, not with us. We receive webhook notifications from Paddle confirming subscription status, plan, and renewal dates. See Paddle's Privacy Policy at paddle.com/legal/privacy for details.

Security (CAPTCHA)

• Cloudflare Turnstile — used on login and registration forms to detect bots. Cloudflare receives a challenge completion signal but no personal data beyond what Cloudflare's standard infrastructure processes.

We do not share data with advertisers, data brokers, or any party for purposes unrelated to operating the Focii service. We may disclose information if required by law, court order, or to protect the safety and security of our users.

Dashboard Cookies

The Focii dashboard sets exactly two cookies when you log in, both of which are required for authentication. No advertising, analytics, or tracking cookies are used.

• ACCESS_TOKEN — a short-lived Supabase JWT that authenticates your requests to the dashboard. Set as HttpOnly and Secure.
• REFRESH_TOKEN — a longer-lived Supabase JWT used to obtain a new access token when the current one expires. Set as HttpOnly and Secure.

Sessions expire after one hour of inactivity. Tokens are refreshed automatically while you are actively using the dashboard.

Browser Extension Local Storage

The Focii Chrome and Firefox extensions do not use browser cookies. They use chrome.storage.local — which is scoped to the extension and not accessible to websites — to store:

• Authentication tokens (parent access token and refresh token)
• The paired student ID and parent ID
• A device UUID that persists across browser restarts to uniquely identify the extension installation
• Supabase project URL and public API key
• Pending analysis events awaiting upload
• Active session override grants

This data is removed from the browser if the extension is uninstalled. It is not accessible to any website you visit.

Windows Companion Local Files

The Windows Companion stores configuration and a policy cache in %APPDATA%\FocusInterceptor\. These files are local to the machine and are not transmitted beyond what is described in Section 3.4.

If you grant notification permission in your browser, Focii will send you real-time alerts when a student requests an override during a focus session. We use the Web Push protocol with VAPID keys. Your browser's push subscription endpoint is stored in our database. You can revoke notification permission at any time in your browser settings, which will stop future pushes.

We retain your data for as long as your account is active. Specifically:

• Parent and student profile data — retained for the lifetime of the account
• Focus session records, analysis events, override events, and app lock events — retained for the lifetime of the account to power historical analytics in the dashboard
• Domain intelligence and content cache — retained indefinitely to avoid re-classifying the same URLs (a 24-hour minimum staleness check is applied before refreshing entries)
• Billing records — retained as required by applicable financial and tax regulations
• Email delivery logs — retained per Resend's standard policy (typically 30 days)
• After account deletion: all personal data is deleted or anonymised within 30 days except where retention is required by law

You can request deletion of your account and associated data at any time by contacting us at legal@focii.app.

We implement the following technical measures to protect your data:

• All data in transit is encrypted using TLS
• Passwords are hashed by Supabase Auth (bcrypt); we never store plaintext passwords
• The parental PIN is stored only as a salted hash — each account has a unique random salt preventing rainbow-table attacks
• Dashboard authentication tokens are stored in HttpOnly, Secure cookies not accessible to JavaScript
• Extension tokens are stored in extension-local storage, which is isolated from web content
• Supabase Row-Level Security policies are used to ensure parents can only access their own students' data
• Native Messaging communication between the extension and the Windows Companion uses a local pipe not exposed to the network

No system can guarantee absolute security. We encourage you to use a strong, unique password and to set a PIN for your Focii account.

Focii is a parental monitoring tool. The account holder is always an adult parent or guardian — students do not independently create Focii accounts or administer the service. Student profiles are created within the parent's account, and all session data collected from a student's device is visible only to that student's linked parent.

Because students may be under the age of 13, Focii is designed so that the parent — not the child — is the consenting party who controls what is monitored, what data is retained, and how the service is configured. This structure is intended to align with the requirements of the U.S. Children's Online Privacy Protection Act (COPPA).

We do not knowingly collect personal information directly from children for our own purposes. Browsing and application activity recorded during a focus session is collected on the parent's behalf and is accessible only to that parent. We do not use student activity data for advertising, profiling, or any purpose beyond operating the service for the parent.

Parents may review, export, or delete a student profile and all associated session data at any time from the Focii dashboard or by contacting legal@focii.app.

Depending on your location, you may have the following rights regarding your personal data:

• Access — request a copy of the data we hold about you
• Rectification — ask us to correct inaccurate or incomplete data
• Erasure — request deletion of your account and associated data
• Restriction — ask us to limit processing of your data in certain circumstances
• Portability — receive your data in a structured, machine-readable format
• Objection — object to processing based on legitimate interests
• Withdraw consent — where processing is based on consent (e.g. marketing emails), withdraw at any time without affecting prior lawful processing

To exercise any of these rights, contact us at legal@focii.app. We aim to respond within 30 days. If you believe we have not handled your data correctly, you have the right to lodge a complaint with your local data protection authority.

Our primary database is hosted by Supabase in West Europe (London) eu-west-2. When you use Focii, data may also be processed by our sub-processors in the United States (OpenAI, Resend, Vercel, Paddle, Google/YouTube, Cloudflare). Where data is transferred from the EEA or UK to countries without an adequacy decision, we rely on Standard Contractual Clauses or the sub-processor's own certification under an approved transfer mechanism.

We may update this Privacy Policy as the product evolves or as legal requirements change. When we make material changes, we will update the effective date at the top of this page and, where appropriate, notify you by email or via an in-dashboard notice. Continued use of the service after the updated policy takes effect constitutes acceptance of the revised terms.

For any privacy-related questions, data requests, or concerns, please contact us:

• Email: legal@focii.app
• Legal entity: Samantha Manono, trading as Focii