Privacy & Data
How your data is stored, protected, and 100% under your control
Our Core Privacy Promise
GoingOffline stores 100% of your productivity data locally in your browser. Your tasks, projects, goals, and focus sessions never leave your device.
What we do store: We use Supabase (a secure auth provider) to store your email and payment status for trial/license verification. This allows us to manage your account while keeping your actual productivity data 100% local.
What Data Goes Where?
We use a hybrid approach: productivity data stays local, account data lives on secure servers (Supabase). Here's the complete breakdown:
Stored Locally (IndexedDB)
- β’ Tasks: All tasks, subtasks, completion history
- β’ Projects: Project structure and organization
- β’ Goals: Goal hierarchies, milestones, progress
- β’ Focus Sessions: Time tracking, interruptions, session data
- β’ Settings: Preferences (timer duration, theme, etc.)
- β’ OpenAI API Key: If you add one (encrypted)
This is your actual work - it never leaves your device.
Stored on Servers (Supabase)
- β’ Email address: For login and communication
- β’ User ID: Anonymous identifier
- β’ Trial start date: To track your 7-day trial
- β’ Plan type: Trial, annual, or lifetime
- β’ Payment status: Active, expired, or trial
- β’ OAuth tokens: If you use Google/X login
This is just account metadata - no productivity data.
What We DON'T Collect:
- β’ No analytics: We don't track which features you use
- β’ No telemetry: We don't collect crash reports or errors
- β’ No usage data: We don't know how often you use the app
- β’ No task content: We never see what you're working on
- β’ No location tracking: We don't track where you are
Why Supabase? We use Supabase (an open-source Firebase alternative) for authentication and payment verification. This allows us to manage trials and licenses without building custom auth infrastructure. Supabase is SOC 2 Type II certified and stores data in encrypted PostgreSQL databases. View Supabase's Privacy Policy
Where is Your Data Physically?
Your data lives in these locations on your device only:
π₯οΈ Desktop (Chrome/Edge)
~/Library/Application Support/Google/Chrome/Default/IndexedDB
π¦ Desktop (Firefox)
~/Library/Application Support/Firefox/Profiles/[profile]/storage/default
π Desktop (Safari)
~/Library/Safari/Databases
π± Mobile (iOS/Android)
Inside the browser's sandboxed storage (inaccessible to other apps)
Important: This data is isolated per-browser. If you use Chrome on your laptop and Safari on your phone, they have separate databases. There's no sync (by design).
How is Your Data Protected?
- βBrowser-level encryption
Modern browsers encrypt IndexedDB data at rest using your operating system's encryption. On macOS, this is FileVault. On Windows, it's BitLocker.
- βSame-origin policy
Browsers prevent other websites from accessing GoingOffline's data. Only our app (goingoffline.app) can read it.
- βHTTPS-only
GoingOffline is served over HTTPS, preventing man-in-the-middle attacks when you load the app.
- βNo network requests
The app works 100% offline after first load. Your data never leaves your device (except when you explicitly use AI features with your own OpenAI key).
Export Your Data Anytime
You own your data. You can export everything as JSON anytime:
- 1.Go to Settings β Data Management
- 2.Click "Export All Data"
- 3.A JSON file downloads with all tasks, projects, goals, and settings
Use cases for export:
- β’ Backup your data to Dropbox/Google Drive
- β’ Move to a different browser
- β’ Analyze your productivity data in Excel/Python
- β’ Keep a snapshot before major changes
Delete Your Data Anytime
Want to start fresh or stop using GoingOffline? You can permanently delete all data:
- 1.Go to Settings β Data Management
- 2.Click "Delete All Data"
- 3.Confirm the action (this is irreversible!)
β οΈ This is permanent
Once deleted, your data is gone forever. We can't recover it (because we never had it). Export a backup first if you're unsure.
Alternatively, you can clear browser data via your browser's settings (e.g., Chrome β Settings β Privacy β Clear browsing data β Cookies and site data).
What About Browser Sync (Chrome, Firefox, etc.)?
Some browsers (like Chrome) offer to sync data across your devices. Does this affect GoingOffline?
The Short Answer: No
Browser sync (like Chrome Sync) does not sync IndexedDB data by default. It syncs bookmarks, passwords, and settingsβbut not web app databases.
This means your GoingOffline data on your laptop stays on your laptop. Your phone's GoingOffline data stays on your phone. They're separate.
Why no sync? We deliberately avoid cloud sync to protect your privacy. If you want your data on multiple devices, you can export from one and import to another.
What About AI Features and Privacy?
If you use AI features (task breakdown, goal slicing), here's what happens:
We don't proxy requests. Your browser talks directly to OpenAI.
We don't bulk-send your entire task list. You control what gets processed.
By default, OpenAI doesn't use API data for training. Check their data usage policy.
The AI communication happens entirely between your browser and OpenAI.
For more details, see the AI Integration docs.
The Bottom Line
GoingOffline is built on a simple principle: your data belongs to you. Not us, not investors, not advertisers. You.
We can't access your tasks because we literally don't have the technical capability. There's no database to hack, no server to subpoena, no cloud to breach.
Your productivity data lives in your browser, on your device, under your control. Period.