Privacy Policy

TournaHub Solutions Private Limited (“TournaHub Solutions Pvt. Ltd.”, “we”, “us”, or “our”) operates Finite— the stoic productivity app that counts down your finite days, tracks your goals, and helps you spend less time on apps that steal your attention. This Privacy Policy describes how we collect, use, share, and safeguard your information across the Finitemobile app (iOS and Android), web app, and Chrome browser extension (collectively, the “Platform”).

By using the Platform, you agree to the collection and use of information in accordance with this policy. If you do not agree, please do not use Finite.

We collect different data depending on which surface you use. We collect only what we need to make Finite work for you.

a. Mobile app (iOS & Android)

• Account: first name, email (via Google Sign-in / Supabase OAuth), date of birth (used only to compute your age and remaining days), expected lifespan.
• Goals: goal text you type or speak. Voice goals are streamed to Deepgram for transcription; the audio is processed in transit and is never stored on our servers or yours.
• Screen Time / social-media usage: on iOS, aggregated minutes per app category and (if you opt into Per-app mode) per individual app, via Apple’s Family Controls and Device Activity APIs. On Android, daily minutes from the Usage Access permission. Only durations are recorded — never the content you view.
• Device data: device type, OS version, locale, and crash diagnostics for stability.
• Push notification token: APNs (iOS) or FCM (Android) device token, used solely to deliver reminders you opt into.
• Subscription: RevenueCat purchase tokens and entitlement state. We never see your full payment instrument; billing happens inside Apple, Google, or Stripe.
• On-device cache:your preferences, today’s minutes, and goal lists are cached locally in MMKV under namespaced keys scoped to your user id. Signing out wipes the entire finite_* namespace.

b. Web app

• Email and Google account data via Supabase OAuth.
• Goal text, life-expectancy and DOB if you choose to manage them on the web.
• IP address and basic browser metadata (user-agent, locale) for security, rate limiting, and aggregated analytics.
• If you opt into the leaderboard, your chosen display name and aggregate goal-completion stats are visible to other opted-in users.

c. Chrome browser extension

• Email via Google Sign-in through chrome.identity.
• Time you spend on seven specific social domains — Instagram, YouTube, TikTok, X (Twitter), Reddit, and Snapchat — measured by tab focus, idle, and window-blur events. We do not have, do not request, and cannot read browsing data from any other site.
• Extension version and locale for debug telemetry.

• Apple Family Activity tokens never leave your device. Apple’s privacy model forbids server-side persistence of those tokens; they live only in your device’s Keychain.
• No audio recordings. Voice goals are transient.
• No content of social media you view — only the duration spent in the app.
• No browsing history outside the seven social domains listed above for the extension.
• No precise location, contacts, photos, microphone, camera, or biometric data outside the in-product features that explicitly request and disclose them.

• Operate the death counter, goal tracker, and Time Guardian.
• Validate goal ambition with Google Gemini (text only; never your account email or name) and to power the wisdom-corpus reminder engine.
• Send notifications you have opted into (morning, evening, threshold alerts).
• Render the leaderboard if and only if you opt in.
• Process subscriptions through RevenueCat and the app stores.
• Diagnose crashes and improve performance.
• Detect abuse, comply with legal obligations.

We use the following sub-processors to operate the Platform. Each is bound by their own privacy and security commitments:

• Supabase— authentication.
• MongoDB Atlas — primary data store and Atlas Vector Search.
• Google Gemini — AI goal validation and notification copy (RAG).
• Deepgram— speech-to-text for voice goals.
• RevenueCat— subscription management.
• DigitalOcean — hosting (Mumbai region by default).
• Sentry— error monitoring (crash diagnostics).
• Apple App Store, Google Play, and the Chrome Web Store — distribution and billing.

We do not sell your personal data. We do not share it for advertising purposes.

Data is encrypted in transit (TLS 1.2+) and at rest within our providers. On-device storage is namespaced per user id; signing out wipes the namespace. We use commercially reasonable administrative, technical, and physical safeguards, but no method of electronic transmission or storage is 100% secure.

We retain your data only as long as your account is active or as required by law. You can delete your account at any time from Settings → Profile → Delete account in the mobile app. Account deletion permanently removes your server data and wipes all local finite_* keys on the device where you triggered it. Backups expire within 30 days.

Finite is not directed to anyone under 13. We do not knowingly collect personal information from children under 13. If you believe we have, please contact us and we will delete it promptly.

• With the sub-processors listed in section 4, only as needed to operate the Platform.
• To comply with applicable law, court order, or lawful government request.
• To protect our rights, property, or the safety of our users.
• With your consent (e.g., the leaderboard is visible only because you opted in).
• In connection with a merger, acquisition, or sale of assets — you will be notified before your data is transferred to a new controller.

Your information may be processed in India (our default hosting region) and in countries where our sub-processors operate. We take steps to ensure transfers comply with applicable law and that your data is treated with the same care described here.

Depending on your jurisdiction (notably the EU GDPR and India’s Digital Personal Data Protection Act, 2023), you may have the right to:

• Access and receive a copy of your personal data.
• Correct inaccurate or incomplete data.
• Delete your data (subject to legal retention exceptions).
• Object to or restrict certain processing.
• Withdraw consent at any time, without affecting prior processing.
• Lodge a complaint with your supervisory authority.

To exercise these rights, email us at pritam@tournahub.com. Most account-level rights can also be exercised directly in Settings inside the app.

The web app uses essential cookies for Supabase authentication sessions. We do not use cookies or local storage for advertising or third-party tracking. The Chrome extension uses chrome.storage.localonly for your auth token and today’s minute counters.

If TournaHub Solutions Pvt. Ltd. is involved in a merger, acquisition, or sale of assets, your data may transfer as part of that transaction. We will notify you via email or an in-product notice before any such transfer.

We may update this Privacy Policy from time to time. We will post the revised version at https://finiteapp.pro/privacy with an updated “Effective” date. Material changes will be notified via email or in-product banner.