Privacy Policy for My Life Assistant

Last Updated: 15 April 2026
Policy Version: 2026-04-15

1. Who We Are (Data Controller)

My Life Assistant is provided by João Reis (“Developer”, “we”, “us”).
Contact email: hello.lifeassistant@gmail.com
Location: Portugal

If you have questions about this Privacy Policy or want to exercise your rights, contact us at the email above.

2. Scope

This Privacy Policy explains how we collect, use, store, and protect personal data when you use My Life Assistant (the “App”), currently in Alpha.

3. Data We Collect

We may collect the following categories of personal data:

• Account and identity data: name/display name, username, email address, and account identifiers.
• Optional profile data: may include optional profile fields such as date of birth, if provided.
• User content: text, notes, tasks, routines, categories, planning data, and other data you voluntarily input or store within the App.
• Technical and security data: limited technical information needed to operate, secure, debug, and maintain the App (such as service logs and error diagnostics).

We do not intentionally collect special category data unless you choose to provide it in user content.

4. Why We Process Your Data (Purposes and Legal Bases)

We process personal data for the following purposes:

1. To provide and operate the App (account creation, login, profile display, and core features).
   Legal basis: performance of a contract (GDPR Art. 6(1)(b)).

2. To maintain security and prevent abuse (security monitoring and protection of systems and users).
   Legal basis: legitimate interests (GDPR Art. 6(1)(f)).

3. To debug issues and maintain reliability (technical troubleshooting and service continuity).
   Legal basis: legitimate interests (GDPR Art. 6(1)(f)).

4. To comply with legal obligations where applicable.
   Legal basis: legal obligation (GDPR Art. 6(1)(c)).

If we introduce optional non-essential features (such as analytics or optional communications) that require consent, we will request consent where required by law.

5. Analytics

My Life Assistant does not currently use non-essential usage analytics for user behavior tracking.

If analytics is introduced in the future, we will update this Privacy Policy and, where required by law, request consent before collecting non-essential analytics data.

6. Data Sharing and Processors

We do not sell your personal data.

We use third-party service providers (processors) to operate the App, including:

• Keycloak for identity and authentication services.
• PostgreSQL for managed database storage and processing.
• Oracle Cloud Infrastructure (Oracle) for hosting and deployment infrastructure.
• Grafana Loki for operational logging, monitoring, and debugging support.

These providers process personal data only on our behalf, under contractual safeguards, and only to the extent necessary to provide, secure, and maintain the App.

For the current list of processors/subprocessors, contact us at hello.lifeassistant@gmail.com.

7. International Data Transfers

Your data may be processed outside the EEA/UK depending on infrastructure configuration and service providers.

Where this occurs, we rely on appropriate safeguards (such as Standard Contractual Clauses) and additional measures where needed.

You may contact us to request information about the safeguards used for relevant international transfers.

8. Data Retention

We keep personal data only as long as necessary for the purposes described above:

• Account/profile/content data: retained while your account is active.
• Deletion requests (Alpha): after request confirmation (and identity verification where needed), we permanently delete associated personal data from live systems within 30 days.
• Backups: we do not maintain routine backups containing personal data in this Alpha phase.
• Security logs (Loki): retained for up to 30 days.
• Application error/debug logs: retained for up to 14 days.
• Abuse-prevention and incident investigation records: retained for up to 180 days, unless a longer period is strictly required for an active legal claim, legal obligation, or security investigation.

Some minimal records may be retained longer where legally required or strictly necessary for dispute handling, security, or abuse prevention.

9. Security

We implement reasonable technical and organizational safeguards, including access controls and secure transmission measures appropriate to deployment architecture.

No system is 100% secure, particularly during Alpha operation. Please use strong, unique passwords and avoid sharing unnecessary sensitive information.

10. Your GDPR Rights

If you are in the EEA/UK, you may have rights to:

• Access your personal data.
• Rectify inaccurate data.
• Erase your data.
• Restrict processing.
• Object to processing based on legitimate interests.
• Data portability.
• Withdraw consent at any time where processing relies on consent.

To exercise your rights, contact hello.lifeassistant@gmail.com.
We may request identity verification before processing requests.
We will respond to rights requests within 30 days of receipt of a valid request. If requests are complex or numerous, we may extend this by up to an additional 60 days where permitted by law, and we will inform you of the extension and reasons within the initial 30-day period.
You also have the right to lodge a complaint with your local supervisory authority (including Portugal’s CNPD, where applicable).

11. Account Deletion and Data Requests

• In-App Deletion: You can initiate permanent deletion of your account and associated data from within the App.
• Alpha Deletion Practice: once deletion is confirmed (and identity is verified where needed), we permanently delete associated personal data from our active systems within 30 days.
• Backups: we do not maintain routine backups containing personal data in this Alpha phase.
• Retention Exceptions: we may retain limited information where legally required or strictly necessary for security, abuse prevention, or dispute handling.
• Data Access / Portability Requests: during this Alpha phase, data access and portability requests are handled by email at hello.lifeassistant@gmail.com. In-app export tooling may be introduced in a future release.

12. Children and Minors

My Life Assistant is for a general audience and is not intended for unlawful use by children under the age at which they can validly consent to data processing in their country.

If you are below that age, you must have permission from a parent or legal guardian.

We do not knowingly process children’s data in violation of applicable law.
If you believe this occurred, contact hello.lifeassistant@gmail.com and we will review and take appropriate action.

13. Changes to this Policy

We may update this Privacy Policy from time to time.
If changes are material, we will provide notice in the App and update the “Last Updated” date and policy version.

14. Contact

João Reis
Portugal
Email: hello.lifeassistant@gmail.com