Privacy
toT App Privacy Policy
This page covers both the general privacy policy for the toT desktop app and the specific privacy details for the optional Google OCR feature.
General App Privacy
toT is designed to be local-first for writing, editing, counting, reading-time estimation, snapshots, task management, and most day-to-day use. Most app content stays on your device unless you choose a feature that connects to a third-party service.
Data the app stores or processes locally
- current text, saved text snapshots, settings, window state, and task-related data on your device
- local OCR connection and token state when you choose to use Google OCR
How the app uses this data
The app uses locally stored data to provide its writing, counting, planning, snapshot, task, and window-state features. The app may connect to external services only for user-triggered actions such as opening user-requested links, checking release or update information, or running optional OCR flows.
Third-party sharing
The app does not send your local text, snapshots, settings, task data, or window state to the developer. If you contact the developer through email or GitHub Issues, the developer receives only the information you choose to include in that support request.
Storage and protection
Local app data is stored in the app's local data directory on your device. Protection of that local data depends on your device, operating system, and account security. Google OCR token state is stored locally and protected using Electron safeStorage and the operating system encryption facilities available on your platform.
Retention and deletion
Local app data remains on your device until you edit it, delete it, remove the app's local data, or uninstall the app. Support messages and any files or text you voluntarily send to the developer may be retained only as long as reasonably necessary to respond, troubleshoot, or comply with legal obligations. You can request deletion of developer-controlled support data by contacting cibersino@gmail.com.
Google OCR Privacy
Google OCR applies only when you choose that OCR route inside the app.
The OCR route uses the end user's Google account and requests the Google Drive scope drive.file.
toT uses an owner-provided Google Cloud project and OAuth client distributed with the app.
1. Data Accessed
- basic Google authorization and token data needed to connect the app to your Google account for this OCR feature
- the Google Drive file access granted by the
drive.filescope - only the image or PDF files you explicitly choose for OCR
- a temporary converted Google document created during the OCR workflow so text can be exported back to the app
- the extracted text returned from Google to the app after export
2. Data Usage
The app uses this data to authenticate the Google OCR connection, upload and convert the selected file, export extracted text back to the app, reuse the saved connection for future OCR runs, and attempt cleanup of the temporary Google document after export.
3. Data Sharing
Selected OCR files, the temporary converted document, and the related Google authorization data are shared with Google only to provide the Google OCR workflow. The app does not send OCR files or extracted OCR text to the developer. Other than Google services required for OCR and any information you separately choose to send to the developer for support, this feature does not share Google user data with other third parties.
4. Data Storage and Protection
The app stores Google OCR token state locally on your device so the connection can be reused. That token state is protected using Electron safeStorage and the operating system encryption facilities available on your platform. Local app data and OCR results stored by the app remain in the app's local data area on your device, and protection of that data also depends on your device, operating system, and account security. The app attempts to delete the temporary converted Google document from Google after text export.
5. Data Retention and Deletion
The local OCR token state remains until you disconnect Google OCR, remove local app data, or uninstall the app. When the disconnect action completes successfully in the app, it revokes the saved token and deletes the local token file. You can also revoke the app's Google access from your Google Account permissions and security controls. The app attempts to delete the temporary converted Google document immediately after export. This OCR feature does not send OCR files or extracted OCR text to the developer, and it does not create a separate developer copy of that OCR content.
Contact
For privacy questions or deletion requests regarding support communications you intentionally sent to the developer, contact cibersino@gmail.com.