Privacy Policy

1. Who we are

Maxxer ("we", "us", "our") is a productivity tracker for macOS. This Privacy Policy explains what we collect, how we use it, and the choices you have. If you have questions, reach us at privacy@maxxer.app.

2. What we collect

a) Account information

When you create an account you sign in with your email address or a Google account through our authentication provider, Clerk. We store your email and an account identifier — not a password. If you subscribe, payments are handled by Paddle, our Merchant of Record, which collects your billing details. We never receive or store your full card number.

b) On-device activity

Maxxer records keystroke and mouse-click counts, the active application (and, for browsers, the domain of the active tab), idle/away state, and focus-session metadata — all locally. If you turn on the optional Webcam Attention or eye-tracking features, your camera is analyzed on your Mac to sense whether you're at your desk; those camera frames are processed entirely on-device and are never stored or transmitted. This data stays on your device by default and is used only to render your dashboard, streaks, and goals. We do not transmit the contents of what you type — only aggregate counts.

c) Optional cloud sync and leaderboards

If you opt into leaderboards or multi-device sync, aggregate metrics (APM per minute, focus-time totals, session start/end timestamps) are sent to our servers under your account. You can turn this off at any time; existing cloud data is deleted on request.

d) Diagnostic telemetry

When Maxxer crashes we may send a minimal report including OS version, app version, and a stack trace. Reports contain no personal content. You can disable crash reporting in Settings → Privacy.

3. What we don't collect

4. How we use your data

5. Sharing

We share data only with the vendors we depend on to run the service: Paddle (payments and Merchant of Record), Clerk (account sign-in), Cloudflare (hosting and database), Resend (transactional email), and Sentry (crash diagnostics, only if you opt in). Each is bound by data-processing terms. We disclose data to law enforcement only when compelled by a valid legal request.

6. Retention

We keep account data for as long as your account is active, plus up to 12 months after cancellation for accounting and dispute purposes. You can request earlier deletion at any time — see Section 8.

7. Security

Data in transit is encrypted with TLS. Data at rest in our databases is encrypted with industry-standard algorithms. Local on-device data is protected by macOS's user-account isolation. No system is perfectly secure; we make our best commercially reasonable effort.

8. Your rights

Depending on where you live (GDPR, CCPA, and similar laws), you have the right to access, correct, delete, or export your personal data, and to object to certain processing. Email privacy@maxxer.app from the address on your account and we'll respond within 30 days.

9. Children

Maxxer is not directed at children under 13, and we do not knowingly collect data from them.

10. Changes

If we make material changes to this policy we'll notify you by email and update the "Last updated" date above.