asheeve.
Sign In Start free
Legal

Privacy Policy

Last updated: April 29, 2026

Asheeve ("we", "our", or "us") is a personal productivity application. This policy explains what data we collect, why, and how we protect it. By using Asheeve you agree to the practices described here.

1. Data we collect

  • Account data — email address, first and last name, password hash (bcrypt).
  • Content data — visions, objectives, projects, tasks, journal entries, and context tags you create inside the app.
  • Usage data — page views and task-completion events stored in our event log to power KPI dashboards. No third-party analytics.
  • Preference data — dashboard personality, layout style, locale cookie.

2. How we use your data

  • Operate and deliver the Asheeve service to you.
  • Compute behavioral KPIs (alignment, momentum, lead time, etc.) shown in your dashboard.
  • Send transactional emails (email verification, password reset) via Resend. No marketing emails without your explicit opt-in.
  • Monitor application errors via Sentry (stack traces only — no user content).

3. Data sharing

We do not sell your data. We share it only with the sub-processors required to run the service:

  • Resend — transactional email delivery.
  • Sentry — error monitoring (anonymised stack traces).
  • Hosting provider — the server and database hosting Asheeve data.

All sub-processors are bound by data processing agreements.

4. Data retention

Your data is retained for as long as your account is active. You can export all your data at any time from your profile page. Deleting your account permanently removes all associated data within 30 days.

5. Security

Passwords are hashed with bcrypt. All data is transmitted over HTTPS. Access tokens are stored as HTTP-only cookies (not accessible to JavaScript). The database is not publicly accessible.

6. Your rights

You have the right to access, correct, export, or delete your personal data at any time. Use the export feature in your profile, or contact us directly.

7. Cookies

  • access_token — HTTP-only, session authentication (24 h).
  • a_refresh_token — HTTP-only, session refresh (15 days).
  • locale — language preference (1 year).

No advertising or tracking cookies.

8. Changes to this policy

We may update this policy. Significant changes will be notified by email. The "last updated" date at the top reflects the most recent revision.

9. Contact

Questions? Email us at privacy@asheeve.com.

← Back to home