PrivacyPomodoro Timer

Privacy Policy

This policy explains how Pomodoro Timer handles personal data when you use the site, the timer tools, and the contact form.

Effective date: 5 April 2026

Controller and contact details

Pomodoro Timer is the controller for the personal data described in this policy.

For privacy questions or rights requests, use the contact form.

What we process

We do not require accounts. Most timer functionality runs in your browser. We process information in the following situations.

Local browser storage

We store timer settings and saved task data on your device using localStorage. This can include your theme, alarm and sound preferences, custom timer durations, saved tasks and notes, tracked task time, daily and weekly focus history, whether task details open automatically, and whether you have dismissed the storage notice.

Contact form data

If you contact us through /contact, the form opens your email app with your name, email address, and message. We process that information only if you choose to send the email.

Email app hand-off

The contact form uses a mailto link. Your browser or email app may handle the draft before you send it, and your email provider may process the message under its own terms and privacy policy.

Analytics

We do not currently run Google Analytics or other non-essential site analytics. If that changes, we will update this policy and request consent where required before enabling them.

How we use and share data

We use browser storage to provide the timer features you ask us to remember, and we use contact form data to respond to messages and related enquiries. We do not sell your personal information.

Lawful basis

For contact enquiries, we generally rely on our legitimate interests in replying to messages and operating the site. Where you contact us about potential work or collaboration, we may also process that information to take steps at your request before entering into a contract.

Who we share data with

Cloudflare, which hosts and protects the static site.
Your email provider and ours, when you choose to email us.
Regulators, advisers, or authorities where disclosure is required by law or reasonably needed to establish, exercise, or defend legal claims.

International transfers

Some service providers may process data outside the UK. Where that happens, we rely on the safeguards they make available under their contracts, privacy documentation, and applicable data protection law.

Retention

Local browser data stays on your device until you delete it, clear your browser storage, or overwrite it with new values. Contact form messages are usually kept for up to 12 months after the last substantive correspondence, unless we need to keep them for longer for security, legal, or administrative reasons.

Your choices and rights

You can clear local browser data at any time through your browser settings. If UK data protection law applies to your request, you may also have rights to ask for access, correction, erasure, restriction, objection, and data portability. You can contact us through the contact form and you can complain to the UK Information Commissioner’s Office if you believe your data has been handled unlawfully.

Changes

We may update this policy when our practices, providers, or legal requirements change. When we do, we will update the effective date shown above.