Privacy Policy

Effective date: January 31, 2026 · Last updated: March 24, 2026

Introduction

Modus ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our mobile application Modus (the "App").

Please read this Privacy Policy carefully. By using the App, you agree to the collection and use of information in accordance with this policy. If you do not agree with the terms of this Privacy Policy, please do not access the App.

Information We Collect

Information You Provide Directly

Account Information

• Email address (required for account creation)
• Display name (optional)
• Profile picture/avatar (optional)

Time Management Data

• Time budgets and weekly hour allocations across life domains (Career, Health, Relationships, Personal Development, Home Life)
• Time entries (activities logged with duration and date)
• Practices and categories you create
• Weekly priorities and commitments
• Planned time blocks

Personal Reflection Data

• Check-in entries including self-reported ratings for energy level, mood, perceived load, sense of agency, and alignment with goals
• Emotion selections
• Optional notes

Identity Statements

• Personal "I am becoming..." statements you create for self-motivation

Information Collected Automatically

Device Information

• Device type and model
• Operating system and version
• Device platform (iOS or Android)
• Push notification token (if notifications are enabled)

Usage Data

• App interaction patterns (for internal analytics only)
• Feature usage statistics
• Error logs for debugging purposes

Information from Third-Party Services

Authentication Providers

When you choose to sign in using Google or Apple Sign-In, we receive your email address, display name (if provided by the authentication service), and profile picture URL (if provided). We do not receive or store your passwords from these services.

Apple Health (Optional)

If you grant Apple Health access, Modus may read health-related data including sleep duration, workout activity, and general activity metrics. Apple Health serves as a hub for data from devices such as Apple Watch, Garmin, Whoop, Fitbit, and Oura. Health data accessed through Apple Health is used solely to provide the Service to you. We do not sell health data, use it for advertising, or share it with third parties. Health data is handled in accordance with Apple's HealthKit guidelines. You can revoke Apple Health access at any time through your device settings.

Calendar Integration (Optional)

If you grant calendar access, we may read calendar names to display available calendars and create calendar events for protected time blocks. We do not read, store, or access your existing calendar events.

Model Context Protocol (MCP) Connection

Modus allows you to connect your declared context to third-party AI tools (such as Claude and ChatGPT) through the Model Context Protocol (MCP). When you establish an MCP connection, the connected AI tool can access your identities, commitments, modes, emphasis settings, check-in data, and time data in a read-only capacity.

The MCP server does not write to or modify your data. It only surfaces the context you have declared in Modus. You control which AI tools are connected and can disconnect any MCP connection at any time, which immediately ends that tool's access to your context.

Modus does not control how third-party AI tools process the context they receive through MCP. Your use of those tools is governed by their respective terms of service and privacy policies.

MCP authentication is handled through OAuth 2.1, and connections require your explicit authorization before any data is shared.

How We Use Your Information

Provide Core App Functionality

• Create and manage your account
• Enable time budgeting, tracking, and planning features
• Store your personal reflections and check-ins
• Display your progress, patterns, and analytics
• Surface your declared context to connected AI tools through MCP

Send Notifications (with your permission)

• Remind you of planned time blocks
• Send weekly reflection prompts
• Notify you about important updates

Improve the App

• Analyze aggregated, anonymized usage patterns
• Identify and fix bugs
• Develop new features

Communicate with You

• Respond to support requests
• Send important account-related notices

Data Storage and Security

Where Your Data is Stored

Your data is stored securely on Supabase, a cloud-hosted PostgreSQL database service. Supabase servers are located in secure data centers with industry-standard physical and digital security measures.

How We Protect Your Data

• Encryption in Transit: All data transmitted between the App and our servers uses TLS/SSL encryption
• Encryption at Rest: Database contents are encrypted at rest
• Row-Level Security: Database access controls ensure you can only access your own data
• Secure Authentication: We use Supabase Auth with secure token management
• Secure Local Storage: Sensitive data on your device is stored using secure storage mechanisms (iOS Keychain / Android Keystore)
• MCP Authentication: MCP connections are secured through OAuth 2.1 with token-based access control

Data Retention

• Your data is retained as long as your account is active
• Upon account deletion, all your data is permanently removed from our systems within 30 days
• Backups containing deleted data are purged within 90 days

Third-Party Services

Supabase

• Purpose: Database hosting, authentication, and backend services
• Data Shared: All user data is stored in Supabase
• Privacy Policy: supabase.com/privacy

Auth0

• Purpose: OAuth 2.1 authentication for MCP server connections
• Data Shared: Authentication tokens and user identifiers for MCP authorization
• Privacy Policy: auth0.com/privacy

Expo

• Purpose: App development framework and push notification delivery
• Data Shared: Push notification tokens, device information for notifications
• Privacy Policy: expo.dev/privacy

Google Sign-In (Optional)

• Purpose: Authentication
• Data Received: Email, display name, profile picture
• Privacy Policy: policies.google.com/privacy

Apple Sign-In (Optional)

• Purpose: Authentication
• Data Received: Email (may be a private relay email), name
• Privacy Policy: apple.com/legal/privacy

What We Do NOT Do

• No Advertising: Modus contains no advertisements
• No Selling of Data: We never sell your personal information to third parties
• No Model Training: Your data is not used to train AI models
• No Third-Party Analytics Sharing: We do not share your behavioral data with external analytics services
• No Social Features: Your data is private and not shared with other users
• No Data Mining: We do not analyze your personal content for marketing purposes

Your Rights and Choices

Access Your Data: You can view all your data within the App at any time.

Export Your Data: You can export a copy of your data through Settings. This provides you with a complete copy of your information in a portable format.

Delete Your Data: You can delete your account and all associated data through Settings. This action is permanent and cannot be undone.

Manage Notifications: You can enable or disable push notifications at any time through your device settings or within the App settings.

Revoke Calendar Access: You can revoke calendar permissions at any time through your device settings.

Revoke Apple Health Access: You can revoke Apple Health permissions at any time through your device settings.

Manage MCP Connections: You can view, connect, and disconnect MCP connections to AI tools at any time within the App. Disconnecting immediately ends that tool's access to your context.

Manage Authentication: You can disconnect third-party sign-in providers through your account settings.

Children's Privacy

Modus is not intended for children under the age of 13. We do not knowingly collect personal information from children under 13. If you are a parent or guardian and believe your child has provided us with personal information, please contact us immediately at the email address below. If we discover that a child under 13 has provided us with personal information, we will delete such information from our servers promptly.

International Data Transfers

If you are accessing the App from outside the United States, please be aware that your information may be transferred to, stored, and processed in the United States or other countries where our service providers operate. By using the App, you consent to the transfer of your information to these countries.

California Privacy Rights (CCPA)

If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA):

• Right to Know: You can request information about the categories and specific pieces of personal information we have collected about you
• Right to Delete: You can request deletion of your personal information
• Right to Opt-Out: You can opt out of the sale of your personal information (note: we do not sell personal information)
• Right to Non-Discrimination: We will not discriminate against you for exercising your privacy rights

To exercise these rights, please contact us using the information provided below.

European Privacy Rights (GDPR)

If you are in the European Economic Area (EEA), you have additional rights under the General Data Protection Regulation (GDPR):

• Right to Access: Request a copy of your personal data
• Right to Rectification: Request correction of inaccurate data
• Right to Erasure: Request deletion of your data
• Right to Restrict Processing: Request limitation of how we use your data
• Right to Data Portability: Receive your data in a portable format
• Right to Object: Object to processing of your data
• Right to Withdraw Consent: Withdraw consent at any time

Legal Basis for Processing:

• Consent: You have given consent for specific purposes (e.g., notifications, Apple Health access, MCP connections)
• Contract: Processing is necessary for the performance of our service
• Legitimate Interests: Processing for our legitimate business interests where not overridden by your rights

To exercise these rights, please contact us using the information provided below.

Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy within the App, updating the "Last Updated" date at the top of this policy, and sending you a notification for material changes.

You are advised to review this Privacy Policy periodically for any changes. Changes to this Privacy Policy are effective when they are posted.

Contact Us

If you have questions or concerns about this Privacy Policy or our data practices, please contact us at:

Email: mike@mymodus.app

Mailing Address:
Modus Solutions, LLC
662 Pacific St
Brooklyn, NY 11217

App Store Specific Information

Apple App Store

This app uses the following data types as defined by Apple's App Privacy requirements:

Data Linked to You: Contact Info (email address), Identifiers (user ID), Health (if Apple Health is connected)

Data Used to Track You: None

Data Not Linked to You: Diagnostics (crash data, performance data)

Google Play Store

This app's data safety disclosures:

Data Collected: Email address (account management), Name (account management, optional)

Data Shared: None shared with third parties

Security Practices: Data encrypted in transit, data can be deleted by user request