Privacy Policy

Effective Date: March 28, 2026 | Last Updated: April 5, 2026

This Privacy Policy describes how Contracts Manager (referred to as "the App", "we", "us", or "our"), developed by TProM Team, collects, uses, stores, and protects your information. The App is available as a web application and on Android (with iOS planned).

We are committed to transparency and to complying with the General Data Protection Regulation (GDPR) and other applicable data protection laws. This policy is based on the actual behavior of the App as implemented in its source code.

Key Points at a Glance

We operate a lightweight serverless proxy for AI requests, but we do not store your contract data on our servers.
Your contract data is stored on your device and, if you opt in, in your own Google Drive account (encrypted with per-user keys).
We do not use analytics, tracking, advertising, or crash-reporting services.
AI-powered contract analysis (via Groq) is optional, user-initiated, requires authentication, and the data is not stored by the AI provider.
You can use the App in guest mode without providing any personal information.

1. Data We Collect

1.1 Personal Data (via Google Sign-In)

If you choose to sign in with Google, we receive the following from your Google account through Firebase Authentication:

Data	Source	Purpose
Email address	Google Account	User identification and account management
Display name	Google Account	Personalization within the App
Profile photo URL	Google Account	Avatar display in the App
Unique user ID (UID)	Firebase Authentication	Internal account identifier
Account creation date	Firebase Authentication	Account metadata
Last sign-in date	Firebase Authentication	Account metadata

Guest Mode: You may use the App without signing in. In guest mode, no personal data is collected. All data remains on your device only.

1.2 Contract Data (User-Provided Content)

You create and manage contract records that may include:

Contract title and description (free text)
Category and custom tags
Financial information: amounts, payment direction (pay/receive), currency
Dates: start date, end date
Reminder settings
Attached documents: PDFs and images (stored as files on your device)

Important: We do not control or review the content you enter into contracts. Your contracts may contain personal or sensitive data (e.g., names, addresses, financial details). The App processes this content to provide its core functionality but does not classify, profile, or make automated decisions based on it.

1.3 App Preferences

The App stores your settings locally, including: language, theme, font size, currency preference, notification preferences, and auto-sync preference.

1.4 Technical Data

Data	When	Purpose
Browser/OS information	During cloud sync	Included in sync metadata to help you identify which device last synced
Google OAuth access token	After sign-in	Authorize access to your Google Drive app folder

1.5 Data We Do NOT Collect

Location data
Contact lists
Call or SMS logs
Camera or microphone data
Device identifiers for advertising
Browsing history
Biometric data

2. Data Sources

2.1 Directly from You

All contract data, settings, and document uploads are provided directly by you through the App's interface.
You initiate sign-in, cloud sync, and AI analysis actions.

2.2 From Third Parties

Third Party	Data Received	When
Google (via Firebase Authentication)	Email, display name, profile photo URL	When you sign in with Google
Groq API	Structured extraction result (JSON) based on text you sent	When you use AI contract analysis

3. How We Store Your Data

3.1 Local Storage (Your Device)

All core App data is stored locally on your device using browser localStorage (web) and native device storage (Android via Capacitor). This includes:

All contract records and attached documents
App settings and preferences
User profile information (if signed in)
Authentication tokens
Reminder schedules and notification history
Sync state and backup data

3.2 Cloud Storage (Your Google Drive)

If you opt in to cloud sync, the App stores data in the hidden application-specific folder (appDataFolder) within your own Google Drive account. This folder is:

Invisible in your Google Drive's normal file listing
Accessible only by the App using your Google OAuth token
Owned and controlled by you within your Google account

The following files are stored in your Google Drive app folder:

File	Content	Encrypted
`contracts.json`	Your contract records (document file contents are excluded — only filenames are synced)	Yes (AES-256-GCM)
`settings.json`	Your app preferences	Yes (AES-256-GCM)
`sync-metadata.json`	Sync version, timestamp, contract count, device info	No

Important: Attached document files (PDFs, images) are never uploaded to the cloud. Only document filenames and extensions are included in the synced contract data. Full document content remains on your device only.

3.3 Firebase Authentication

Your authentication identity record (email, name, profile photo URL, UID, account timestamps) is stored in our Firebase Authentication project (contracts-manager-e82c5). Firebase is operated by Google and processes this data on our behalf. As the Firebase project administrator, we have access to your email address, display name, and account metadata through the Firebase Console. This data is used solely for account management and support purposes. No contract data is stored in Firebase.

3.4 Our Own Servers

We do not operate our own backend databases to store your data. We operate a lightweight serverless proxy (hosted on Vercel) that forwards AI analysis requests to the Groq API. This proxy verifies your Firebase authentication token to ensure only authenticated users can make AI requests, but it does not store, log, or retain any contract data or AI responses. All contract data resides either on your device or in your own Google Drive account.

3.5 Google Cloud Platform Monitoring

Our use of Google APIs (Firebase Authentication, Google Drive) is managed through Google Cloud Platform. Google Cloud automatically records API usage metrics (such as request counts, error rates, and quota usage) in the Google Cloud Console. This is infrastructure-level monitoring provided by Google and does not contain your personal contract data. However, it may include aggregated usage statistics such as the number of API calls made by the App.

4. How We Use Your Data

Purpose	Data Used	Legal Basis (GDPR)
Provide core App functionality (manage contracts)	Contract data, settings	Contract performance (Art. 6(1)(b))
Authenticate your identity	Google account data via Firebase	Consent (Art. 6(1)(a)) — you initiate sign-in
Cloud sync across devices	Encrypted contract data, settings	Consent (Art. 6(1)(a)) — you opt in to sync
AI-powered contract analysis	Extracted text from uploaded documents (up to 4,000 characters)	Consent (Art. 6(1)(a)) — you initiate each analysis
Send contract reminders	Contract title, amount, end date	Contract performance (Art. 6(1)(b))
Load application fonts	Your IP address (standard HTTP request to Google Fonts CDN)	Legitimate interest (Art. 6(1)(f))

5. Legal Bases for Processing

5.1 European Economic Area (EEA), United Kingdom (UK), and Switzerland

The General Data Protection Regulation (GDPR) and UK GDPR require us to explain the valid legal bases we rely on to process your personal information. We may rely on the following legal bases:

Consent (Art. 6(1)(a)): You have given us permission to use your personal information for a specific purpose. This applies to Google Sign-In, cloud sync, and AI analysis — all of which you initiate. You can withdraw your consent at any time.
Performance of a Contract (Art. 6(1)(b)): Processing is necessary to fulfill our contractual obligations to you, including providing the core contract management functionality and reminders.
Legitimate Interests (Art. 6(1)(f)): Processing is necessary for our legitimate interests, such as loading application fonts from a CDN, provided these interests are not overridden by your rights.
Legal Obligations (Art. 6(1)(c)): Processing is necessary for compliance with a legal obligation to which we are subject.
Vital Interests (Art. 6(1)(d)): Processing is necessary to protect your vital interests or those of another person, such as situations involving potential threats to safety.

If you are located in the EEA or UK and believe we are unlawfully processing your personal information, you have the right to complain to your Member State data protection authority or the UK data protection authority. If you are located in Switzerland, you may contact the Federal Data Protection and Information Commissioner.

5.2 Canada

If you are located in Canada, we may process your information if you have given us specific permission (express consent) to use your personal information for a specific purpose, or in situations where your permission can be inferred (implied consent). You can withdraw your consent at any time.

In some exceptional cases, we may be legally permitted under applicable law to process your information without your consent, including:

If collection is clearly in the interests of an individual and consent cannot be obtained in a timely way
For investigations and fraud detection and prevention
For business transactions provided certain conditions are met
If disclosure is required to comply with a subpoena, warrant, court order, or rules of the court relating to the production of records
If the information is publicly available and is specified by the regulations

6. Data Processing & Flow

6.1 Authentication Flow

You click "Sign in with Google".
Google's OAuth consent screen is shown (managed by Google).
Upon approval, Firebase Authentication receives your Google credentials and creates/updates your identity record.
The App receives your profile (email, name, photo URL, UID) and stores it locally on your device.
A Google OAuth token is stored locally to enable Google Drive access.

6.2 Contract Management Flow

You create or edit a contract via the App's form.
Contract data (including any attached documents) is saved to your device's local storage.
If auto-sync is enabled, a sync is triggered after a short delay (2 seconds).
During sync, contract data is encrypted (AES-256-GCM) and uploaded to your Google Drive app folder. Document binary content is excluded from the upload.

6.3 AI Analysis Flow

You upload a PDF or image and choose to analyze it.
Text is extracted from the document entirely on your device (using PDF.js or Tesseract.js OCR).
The App sends the request (up to 4,000 characters of extracted text) to our serverless proxy, which verifies your Firebase authentication token before forwarding it to the Groq API.
Groq returns a JSON result with extracted fields (title, dates, amounts, category).
The AI response is validated and sanitized (schema validation, type enforcement, dangerous character removal) before being used to pre-fill contract form fields locally.

7. AI Processing

The App offers an optional AI-powered feature to analyze contract documents and extract key information.

Property	Detail
AI Service Provider	Groq, Inc. (San Francisco, USA)
AI Model	Llama 3.3 70B Versatile (hosted by Groq)
Data Sent	Up to 4,000 characters of text extracted from your uploaded contract document
When Data Is Sent	Only when you initiate an analysis — never automatically
Authentication	Every AI request requires a valid Firebase authentication token, which is verified server-side (JWT signature validated against Google's public JWKS) before the request is forwarded to Groq
Response Validation	All AI-extracted fields are validated and sanitized (schema validation, type enforcement, maximum length limits, dangerous character removal) before being used in the App
Data Stored by Groq	Per Groq's API terms, input data is not used for model training. Groq may temporarily log API requests for abuse prevention, debugging, and compliance purposes. We recommend reviewing Groq's Privacy Policy for the most current information on their data retention practices.
What May Be Included in Text	Depending on your contract content: company names, addresses, contract numbers, financial figures, IBANs, dates, email addresses, phone numbers, or other information present in the document
User Notice	A privacy notice is displayed in the App before analysis is performed

Note: Text extraction from documents (PDF parsing and OCR) is performed entirely on your device. Only the extracted text (not the original file) is sent to Groq, and only when you explicitly initiate the analysis.

7a. AI-Generated Cancellation Emails

The App includes a contract cancellation assistance feature that uses AI (Groq API, Llama 3.3) to generate draft cancellation email text based on your contract details (provider name, contract number).

This feature is user-initiated only — you must explicitly request it.
Minimal contract metadata (provider name, contract reference) is sent to Groq's API to generate the email text.
The generated text is presented to you for review. The App then opens your device's email client — no email is sent automatically by the App.
Groq's data handling policies apply as described in Section 7 above.

7b. Premium Points System

The App features a points-based system that allows users to unlock AI-powered PDF analysis scans.

Points are earned through promotional codes that can be redeemed within the App.
Point balances and redemption history are stored locally on your device (localStorage).
No payment information, credit card data, or financial transactions are involved.
Point data is included in encrypted backups if you use the export feature, but is not synced to Google Drive.
The premium system does not collect any additional personal data beyond what is already described in this policy.

8. Third-Party Services

The App integrates with the following third-party services:

Service	Provider	Purpose	Data Shared
Firebase Authentication	Google LLC	User authentication (Google Sign-In)	Email, display name, profile photo URL, Google OAuth credentials
Google Drive API	Google LLC	Cloud sync (optional, user-initiated)	Encrypted contract data (excluding document files), encrypted settings, sync metadata — stored in your own Google Drive
Google OAuth 2.0	Google LLC	Authorization for Google Drive access	Standard OAuth credential exchange
Groq API	Groq, Inc.	AI contract text analysis (optional, user-initiated)	Up to 4,000 characters of extracted contract text. Data is sent via our authenticated serverless proxy to Groq's servers in the USA for processing. Not used for model training; may be temporarily logged.
Vercel (Serverless Proxy)	Vercel Inc.	Authenticated proxy for AI requests — verifies Firebase tokens and forwards requests to Groq	Firebase ID token (for verification only), extracted contract text (transient — not stored or logged)
Google Fonts CDN	Google LLC	Loading application fonts	Your IP address (standard HTTP request)
jsDelivr / unpkg CDN	jsDelivr / unpkg	Downloading OCR language model (on first use of document scanning)	Your IP address (standard HTTP request)

Google OAuth Scopes

When you sign in and authorize Google Drive access, the App requests the following OAuth scope:

https://www.googleapis.com/auth/drive.appdata — Access only to the hidden, app-specific folder in your Google Drive. The App cannot access your regular Google Drive files.

Standard Firebase Authentication scopes (email, profile, openid) are included implicitly.

Google API Services User Data Policy

Our use of information received from Google APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements.

Social Login (Google Sign-In)

The App offers you the ability to register and log in using your Google account. Where you choose to do this, we receive certain profile information from Google, specifically: your name, email address, and profile picture. We do not receive your friends list, contacts, or any other social information.

We will use the information we receive only for the purposes described in this Privacy Policy. We do not control, and are not responsible for, other uses of your personal information by Google. We recommend that you review Google's Privacy Policy to understand how they collect, use, and share your personal information.

Third-Party Websites

The App may contain links to third-party websites or services that are not operated by us. We are not responsible for the privacy practices of any third-party websites. We encourage you to review the privacy policies of any third-party services you access through the App.

Business Transfers

We may share or transfer your information in connection with, or during negotiations of, any merger, sale of company assets, financing, or acquisition of all or a portion of our business to another company. If such a transfer occurs, the acquiring party will be bound by the terms of this Privacy Policy.

9. Cookies & Tracking

9.1 Cookies

The App uses one functional cookie:

Cookie Name	Purpose	Duration	Type
`sidebar_state`	Remembers whether the sidebar is open or closed (stores `true` or `false`)	7 days	Strictly necessary / Functional (first-party)

The App does not use any tracking, advertising, or third-party cookies.

9.2 Analytics & Tracking

The App does not use any analytics or tracking services. Specifically:

No Google Analytics — while a measurement ID exists in the Firebase configuration, the Analytics SDK is not loaded or initialized. No analytics data is collected or transmitted.
No other analytics — no Mixpanel, Amplitude, or similar services.
No advertising SDKs or ad tracking.
No device fingerprinting.

9.3 Crash Reporting

The App does not use external crash reporting services (no Sentry, Crashlytics, or similar). Application errors are logged locally on your device for debugging purposes only and are never transmitted to any external server. Sensitive data (such as contract text content and AI responses) is not included in any local diagnostic logs.

9.4 Do-Not-Track Signals

Most web browsers and some mobile operating systems include a Do-Not-Track ("DNT") feature or setting you can activate to signal your privacy preference not to have data about your online browsing activities monitored and collected. Since the App does not use any analytics, tracking, advertising, or profiling technologies, DNT signals have no practical effect on how the App operates — we do not track you regardless of whether DNT is enabled.

10. Data Security

10.1 Encryption

Cloud sync data is encrypted using AES-256-GCM with PBKDF2 key derivation (100,000 iterations, SHA-256) before being uploaded to your Google Drive. Encryption keys are derived on a per-user basis from your Firebase UID, ensuring that each user's cloud data is encrypted with a unique key that only their account can decrypt.
Local backup exports (.cmbackup files) are encrypted using AES-256-GCM.
Local device storage is protected by your device's own security mechanisms (device lock, OS-level encryption).

10.2 Data Transmission

All communication with third-party services (Firebase, Google Drive, Groq) uses HTTPS/TLS encryption in transit.
Google OAuth tokens are stored locally and transmitted only to Google APIs.
The App enforces a Content Security Policy (CSP) that restricts which domains can serve scripts, styles, frames, and network connections, reducing the risk of cross-site scripting (XSS) and data injection attacks.
Additional security headers are deployed: X-Frame-Options (DENY), X-Content-Type-Options (nosniff), strict Referrer-Policy, and a Permissions-Policy that limits browser feature access.

10.3 Access Control

Your Google Drive app folder is accessible only via your own Google OAuth token — we cannot access it.
Firebase Authentication records are managed within our Firebase project, but contract data is not stored there.
AI analysis requests require server-side verification of your Firebase ID token (JWT signature validated against Google's public JWKS) — unauthenticated requests are rejected.

11. Data Retention

Local data: Retained on your device until you delete it, clear the App's data, or uninstall the App.
Google Drive data: Retained in your Google Drive until you delete it via the App's "Delete All Cloud Data" option, or revoke the App's access in your Google account settings.
Firebase Authentication record: Retained until you delete your account via the App or we remove inactive accounts.
Groq AI processing: Per Groq's API terms, your text data is not used for model training. Groq may temporarily log requests for abuse prevention and compliance. See Groq's Privacy Policy for details.

12. Your Rights (EEA, UK, Switzerland — GDPR)

If you are located in the EEA, UK, or Switzerland, you have the following rights under applicable data protection laws:

Right	How to Exercise
Right of Access (Art. 15)	All your data is stored locally on your device and visible within the App. You can also view your cloud data by syncing.
Right to Rectification (Art. 16)	You can edit any contract or setting directly within the App.
Right to Erasure (Art. 17)	You can delete individual contracts within the App. You can delete all cloud data via Settings → "Delete All Cloud Data". You can delete your account via Settings → "Delete Account" (removes your Firebase identity record). You can clear all local data by clearing the App's browser/app storage.
Right to Data Portability (Art. 20)	You can export all your contracts as an encrypted backup file (.cmbackup ZIP) or as PDF documents via the App's export features.
Right to Restrict Processing (Art. 18)	You can use the App in guest mode without signing in. You can disable cloud sync at any time. AI analysis is always optional.
Right to Withdraw Consent (Art. 7(3))	You can sign out at any time. You can disconnect Google Drive sync at any time. You can choose not to use AI analysis.
Right to Object (Art. 21)	Contact us using the details below.

13. US State Privacy Rights

If you are a resident of California, Colorado, Connecticut, Delaware, Florida, Indiana, Iowa, Kentucky, Maryland, Minnesota, Montana, Nebraska, New Hampshire, New Jersey, Oregon, Rhode Island, Tennessee, Texas, Utah, Virginia, or other US states with privacy laws, you may have additional rights regarding your personal information.

13.1 Categories of Personal Information We Collect

Category	Examples	Collected?
A. Identifiers	Email address, display name, unique user ID, IP address	Yes
B. Personal information (California Customer Records)	Name, email address	Yes
C. Protected classifications	Race, gender, age, etc.	No
D. Commercial information	Purchase history, payment information	No
E. Biometric information	Fingerprints, voiceprints	No
F. Internet or network activity	Browsing history, search history	No
G. Geolocation data	Device location	No
H. Audio, electronic, sensory data	Images, audio recordings	No
I. Professional or employment information	Job title, work history	No
J. Education information	Student records	No
K. Inferences from collected data	Profiles or predictions about preferences	No
L. Sensitive personal information	Health, race, religion, sexual orientation, etc.	No

We retain collected personal information (Categories A and B) for as long as you have an account with us.

13.2 Your Rights Under US State Privacy Laws

Depending on your state of residence, you may have the right to:

Know whether we are processing your personal data
Access your personal data
Correct inaccuracies in your personal data
Request deletion of your personal data
Obtain a copy of the personal data you previously shared with us
Non-discrimination for exercising your rights
Opt out of the processing of personal data for targeted advertising, sale of personal data, or profiling

Note: We do not sell your personal information. We do not use your personal information for targeted advertising. We do not engage in profiling that produces legal or similarly significant effects.

13.3 How to Exercise Your Rights

To exercise these rights, you can contact us at contract.manager.tprom@gmail.com or by submitting a data subject access request. We will verify your identity before processing your request by matching information you provide against the information we hold.

13.4 California "Shine The Light" Law

California Civil Code Section 1798.83 ("Shine The Light") permits California residents to request information about personal information disclosed to third parties for direct marketing purposes. We do not disclose personal information to third parties for direct marketing purposes.

13.5 Appeals

If we decline to take action regarding your request, you may appeal our decision by emailing us at contract.manager.tprom@gmail.com. We will inform you in writing of any action taken or not taken in response to the appeal. If your appeal is denied, you may submit a complaint to your state attorney general.

14. Data Deletion

14.1 Available Deletion Actions

Action	What Is Deleted	Permanent?
Delete individual contract	Contract record, associated reminders, and status tracking from local storage	Yes (locally). Reflected in cloud on next sync.
Delete All Cloud Data	All files in your Google Drive app folder (contracts, settings, sync metadata)	Yes. Local data is not affected.
Delete Account	Your Firebase Authentication identity record and local authentication tokens	Yes. Your local contracts and Google Drive data should be deleted separately.
Sign Out	Authentication session and OAuth tokens from local storage	Your data remains on device and in cloud.
Disconnect Google Drive	Local sync state only	Cloud data remains in your Google Drive until you delete it.
Clear App Data (browser/OS)	All local storage, session storage, cookies, and cached data	Yes for local data. Cloud data is not affected.

14.2 Cloud Sync & Deletion

When you delete a contract locally, it is marked as deleted for sync purposes and will be removed from the cloud on the next sync.
During sync, if a contract was deleted on one device but still exists on another, you will be prompted to confirm the deletion or restore the contract.
A pre-sync backup is automatically created before any sync operation, allowing recovery if needed.

15. Notifications

The App can send local notifications to remind you about upcoming contract expirations.
Notifications are scheduled and delivered entirely on your device (using the browser's Notification API on web, and Capacitor Local Notifications on Android).
No push notification server (such as Firebase Cloud Messaging) is used.
Notification content includes: contract title, amount, currency, and days until expiry.
You can enable or disable notifications per contract and globally in Settings.

16. Children's Privacy

The App is not directed at children under the age of 16. We do not knowingly collect personal data from children. If you believe a child has provided personal data through the App, please contact us and we will take steps to delete that information.

17. Android Permissions

The Android version of the App requests the following permissions:

Permission	Purpose
Internet	Required for authentication, cloud sync, and AI analysis
Storage (Read/Write)	Import and export contract files and backups
Post Notifications	Deliver local contract reminder notifications (Android 13+)
Vibrate	Haptic feedback for notifications
Schedule Exact Alarm	Schedule precise contract reminder notifications
Receive Boot Completed	Re-schedule reminder notifications after device restart

The App does not request access to your location, camera, microphone, contacts, or phone.

18. International Data Transfers

Your data may be processed outside your country of residence through the following services:

Firebase Authentication — operated by Google LLC (USA). Google complies with international data transfer frameworks.
Google Drive — operated by Google LLC (USA). Data is stored in your Google account under Google's terms.
Groq API — operated by Groq, Inc. (USA). Used only when you initiate AI analysis; data is not stored.

These services may process data in the United States or other countries. We rely on these providers' compliance with applicable data protection regulations, including appropriate safeguards for international data transfers as required by the GDPR.

19. Changes to This Policy

We may update this Privacy Policy from time to time. The updated version will be indicated by an updated "Last Updated" date at the top of this page. If we make material changes, we may notify you by prominently posting a notice within the App. We encourage you to review this policy periodically for any changes. Continued use of the App after changes are posted constitutes acceptance of the updated policy.

20. Contact Us

If you have questions about this Privacy Policy or wish to exercise your data protection rights, please contact us:

Developer: TProM Team
Email: contract.manager.tprom@gmail.com

You also have the right to lodge a complaint with your local data protection supervisory authority if you believe your data has been processed in violation of the GDPR.

21. How Can You Review, Update, or Delete Your Data?

Based on the applicable laws of your country or state of residence, you may have the right to request access to the personal information we collect from you, details about how we have processed it, correct inaccuracies, or delete your personal information. You may also have the right to withdraw your consent to our processing of your personal information.

To review, update, or delete your personal information, you can:

View and edit your contract data directly within the App
Export your data via the App's backup/export features
Delete individual contracts, cloud data, or your account through the App's Settings
Submit a data subject access request by contacting us at contract.manager.tprom@gmail.com