Privacy Policy

Effective Date: June 13, 2025

Information We Collect

OnMyList is designed with privacy in mind. We collect only the information necessary to provide you with our contact management and scheduling services:

  • Account Information: Email address and authentication details when you sign up
  • Contact Information (Optional): Names, phone numbers, and relationship tags you add to organize your contacts
  • Notes and Call History (Optional): Conversation notes and call records you choose to save
  • Scheduling Preferences (Optional): Your frequency settings, preferred contact hours, and scheduling configurations
  • Usage Data: Anonymous app usage statistics to improve our service

How We Use Your Information

We use your information solely to provide and improve OnMyList's services:

  • Schedule and send contact reminders based on your preferences
  • Store your conversation notes and call history for your reference
  • Provide AI-powered conversation suggestions when enabled
  • Sync your data across your devices
  • Improve app performance and fix bugs

Third-Party Contact Information

🔒 Your Consent is Required

Before storing any contact information about your friends, family, or colleagues, OnMyList requires you to confirm that you have their permission to include their personal details in our app.

Contact Information We Store

When you add contacts to OnMyList, we collect and store the following encrypted information, only with your consent:

  • Contact Details (Optional): First name, last name, phone number, email address
  • Relationship Information (Optional): How you categorize your relationship with this person
  • Communication History (Optional): Call notes, scheduled reminders, interaction timestamps
  • Profile Photos (Optional): Optional contact photos you upload
  • Server Storage for Syncing (Optional): Contact information is uploaded to our secure servers to enable syncing across your devices

User Attestation Process

Before storing any third-party contact information on our servers, OnMyList requires you to:

  • Confirm you have permission from each person to store their information
  • Certify that they are aware their information will be used for scheduling reminders
  • Acknowledge your responsibility to respect their privacy preferences

This consent confirmation is recorded with a timestamp and is required only once per user account. You can manage your consent preferences at any time in Settings → Privacy & Data.

Important Limitations

We DO NOT:

  • Contact your app contacts in any way
  • Share or sell contact information to third parties
  • Use contact data to build databases for marketing purposes
  • Send promotional messages to your contacts

Contact Data Deletion

When you delete your OnMyList account, all third-party contact information is permanently removed from our servers. This includes:

  • All contact names, phone numbers, and email addresses
  • Relationship categorizations and notes
  • Communication history and scheduled reminders
  • Profile photos and any other contact-related data

Information Sharing

We do not sell, rent, or share your personal information with third parties for marketing purposes. Your contact lists, notes, and relationship data remain private to you. We may share information only in these limited circumstances:

  • Service Providers: We use trusted services like Firebase for data storage and authentication, which may access your data to provide infrastructure services
  • AI Features: When you use AI conversation suggestions, anonymized conversation context may be processed by OpenAI or other providers to generate suggestions - this data is not stored and is optional
  • Legal Requirements: If required by law, court order, or government request
  • Safety: To protect the rights, property, or safety of OnMyList, our users, or others

Data Security

We implement comprehensive security measures to protect your information using industry-standard encryption and security practices:

🔐 Encryption Protection

  • Encryption at Rest: All data, notes, and personal information are automatically encrypted using AES-256 encryption before being stored on our servers
  • Encryption in Transit: All data transmitted between your device and our servers is protected using TLS (Transport Layer Security) encryption
  • Key Management: Encryption keys are managed by Google Cloud's Hardware Security Modules (HSM) with automatic key rotation and secure key storage
  • Database Security: Your data is stored in Google Cloud Firestore, which provides enterprise-grade security with automatic encryption and access controls

🛡️ Access Controls

  • User Isolation: Your data is completely isolated from other users through strict database security rules
  • Authentication: Secure sign-in methods including Apple Sign-In, Google Sign-In, and email/password with verification
  • Limited Team Access: Only authorized OnMyList team members have access to infrastructure, and no team member can view your personal data
  • Audit Logging: All database access is logged and monitored for security purposes

🔄 Security Practices

  • Regular security audits and vulnerability assessments
  • Automated security updates and patch management
  • Infrastructure hosted on Google Cloud Platform with enterprise-grade security certifications (SOC 2, ISO 27001, GDPR compliant)
  • Data backup and disaster recovery procedures to ensure data integrity
  • Point-in-time recovery enabled to protect against accidental data loss

✅ What This Means for You

Your personal information, call notes, and other personal data are protected by the same enterprise-grade encryption used by banks and healthcare providers. Even if our database were compromised, your personal information would remain encrypted and unreadable.

Your Rights and Choices

You have full control over your data:

  • Access: View all your data within the app at any time
  • Edit: Modify or update your contact information, notes, and preferences
  • Delete: Remove specific contacts, notes, or delete your entire account
  • Export: Download your data in standard formats through the app's export feature
  • Opt-out: Disable AI features, analytics, or notifications at any time
  • Account Deletion: Permanently delete your account and all associated data via our account deletion page

Cookies and Tracking

OnMyList is primarily a mobile app and does not use cookies extensively. Our website may use minimal analytics cookies to understand visitor behavior and improve our content. You can disable cookies in your browser settings.

Changes to Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes through the app or by email. Your continued use of OnMyList after changes are posted constitutes your acceptance of the updated policy.

Account Deletion

You have the right to delete your OnMyList account and permanently remove all your data.

Delete Your OnMyList Account

Learn about the deletion process and options available to you.

Contact Us

If you have any questions about this Privacy Policy, please contact us at [email protected].