Privacy Policy

This Privacy Policy explains how CountMyDay handles personal information when you use the CountMyDay web application and related services. For residents of the United Kingdom, this policy also describes our roles and your rights under the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

CountMyDay is operated by CountMyDay, based in the United Kingdom. Contact: support@countmyday.com

Account and identity data — email address, username, password (hashed), account ID, email verification status, and subscription tier.

Billing and subscription data — Stripe customer IDs, subscription IDs, plan, status, and renewal dates. We do not store full payment card numbers.

Run and task data — run names, task names, daily completions, streaks, difficulty settings, and run history.

Group run data — group run participation, member status, task completions, notifications, and results.

Usage and session data — IP address, browser and device information, session cookies, and authentication activity.

We collect information directly from you when you create an account, purchase a subscription, create runs and tasks, or contact us. We also collect information automatically from your browser including session data and authentication activity needed to run the service.

To provide, secure, maintain, and improve CountMyDay.

To authenticate users, manage accounts, and enforce subscription or feature access controls.

To process purchases, renewals, cancellations, and customer support requests.

To store and display your run, task, and streak data within the app.

To calculate and display analytics within your account.

To detect abuse, fraud, and security incidents.

To send account-related emails such as email confirmation and password reset.

To comply with legal obligations and enforce our agreements.

We process your personal data only where we have a lawful basis to do so:

Performance of a contract — creating and operating your account, providing the services you sign up for, storing your run and task data, and processing payments.

Legitimate interests — protecting the security of our service, preventing fraud and abuse, maintaining audit logs, and measuring product performance.

Legal obligation — keeping billing and tax records and complying with applicable law.

Consent — where we ask you to opt in to non-essential communications. You can withdraw consent at any time by contacting us.

We share information only with service providers that help us operate CountMyDay:

Stripe — payment processing

Supabase — database hosting and authentication

Vercel — application hosting

We do not sell your personal information. We do not share your data for advertising purposes. We may share information when required by law or to protect the rights and security of our users.

CountMyDay uses essential cookies for authentication and session management. We do not use advertising or tracking cookies. Strictly necessary cookies do not require consent.

We retain your personal information for as long as your account is active. On account deletion, your personal data will be removed within 30 days. Billing records are retained for the period required by applicable tax and accounting law.

We use HTTPS encryption, secure authentication via Supabase, access controls, and industry-standard infrastructure to protect your personal data. No method of transmission or storage is perfectly secure and we cannot guarantee absolute security.

As a UK resident you have the following rights, subject to the conditions and exceptions set out in the UK GDPR:

Access — to obtain confirmation of whether we process your personal data and receive a copy.

Rectification — to correct inaccurate or incomplete personal data.

Erasure — to request deletion of your personal data.

Restriction — to request that we limit processing in certain circumstances.

Portability — to receive your personal data in a machine-readable format.

Objection — to object to processing based on legitimate interests.

To exercise any of these rights, contact us at support@countmyday.com. We will respond within one month. You also have the right to lodge a complaint with the Information Commissioner's Office (ICO) at ico.org.uk.

The service is not directed at children under 13. We do not knowingly collect personal information from children under 13. If you believe a child has provided personal information to us, contact us so we can review and address it.

Your data is stored and processed in the United Kingdom and European Economic Area via our service providers (Supabase, Vercel). Where transfers outside these regions occur, we ensure appropriate safeguards are in place in accordance with UK GDPR requirements.

We may update this Privacy Policy from time to time. If we make a material change we will update the date above and provide additional notice where appropriate.

Privacy questions or requests may be sent to: support@countmyday.com