Privacy Policy

Last updated: May 16, 2026

Paso (“we,” “our,” or “us”) is committed to protecting your privacy.

This Privacy Policy explains how we collect, use, store, and protect your information when you use our mobile and web applications (“the App”), including how Paso accesses and uses Google user data when you connect your Google Account.

By using Paso, you agree to the practices described in this Privacy Policy.

1. Information We Collect

a) Information You Provide

When you create an account, for example by using Google Sign-In, we collect your email address through Firebase Authentication. This account is used to identify you in the App and to store or synchronize your data.

Depending on how you use Paso, we may process the following data:

  • notes, tasks, headers, projects, reminders, and other planning content you create in the App;

  • account information, such as your email address;

  • subscription and billing-related information, if you purchase a paid plan;

  • support messages or other information you send to us directly.

Local data created in the free plan may be stored locally on your device and linked to your account.

If synchronization is enabled, your data may be securely stored and synchronized using our backend infrastructure, including Firebase and/or Supabase.

We do not collect personal data such as your address, contacts, or precise location unless it is required for a specific feature and clearly disclosed.

b) Google Account and Google Calendar Data

If you choose to connect your Google Account to Paso, we may request access to selected Google user data through Google OAuth.

Paso may request read-only access to your Google Calendar events, including the following scope:

https://www.googleapis.com/auth/calendar.events.readonly

This allows Paso to read events from your Google Calendar.

We use Google Calendar data only to provide calendar-related functionality inside Paso, such as displaying your calendar events in the App so you can see the full context of your day and plan your tasks more effectively.

Paso does not use Google Calendar data for advertising, profiling, selling data, or any purpose unrelated to the calendar integration.

Paso does not create, edit, or delete Google Calendar events when using the read-only calendar scope.

c) Automatically Collected Information

We may automatically collect limited technical and usage information to improve the App.

This may include:

  • app version;

  • device type;

  • operating system;

  • crash logs;

  • usage events related to app functionality.

We use the following services:

  • PostHog – to understand how users interact with the App and improve the user experience;

  • Sentry – to collect crash reports and technical error details;

  • Firebase – for authentication, app infrastructure, cloud storage, and related services.

Analytics data is aggregated or anonymized whenever possible.

We do not collect sensitive data such as payment card numbers, contacts, or location unless required for core functionality and clearly disclosed.

2. How We Use Your Information

We use collected information to:

  • provide and improve Paso’s core functionality;

  • create and manage your account;

  • store, synchronize, and back up your data when synchronization is enabled;

  • display your notes, tasks, projects, reminders, and calendar events inside the App;

  • show Google Calendar events in Paso when you connect your Google Account;

  • monitor performance and fix technical issues;

  • analyze aggregated usage trends to improve the user experience;

  • communicate with you about support requests, important updates, or account-related matters.

We do not sell, rent, or trade your personal data.

3. How We Use Google User Data

Paso’s use of information received from Google APIs is limited to the purposes described in this Privacy Policy.

When you connect Google Calendar, Paso accesses your Google Calendar events only to display them in the App and provide calendar-related planning functionality.

We do not use Google user data to:

  • serve advertisements;

  • build advertising profiles;

  • sell or rent user data;

  • train generalized AI or machine learning models;

  • share Google Calendar data with third parties except where necessary to provide and secure the App;

  • access data beyond the permissions you explicitly grant.

Our use and transfer of information received from Google APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements.

4. Data Storage and Security

Your notes, tasks, projects, reminders, and calendar-related data remain private and are not shared publicly.

Synced data may be stored using Firebase and/or Supabase. Data is encrypted in transit and, where supported by our providers, encrypted at rest.

Local data is stored on your device. We cannot access or recover local-only data unless synchronization is enabled.

Google Calendar data may be temporarily processed or cached only as needed to provide the calendar integration. We limit access to Google Calendar data to what is necessary for the App’s user-facing functionality.

Access to your account is protected by your login credentials and the authentication systems provided by Firebase and Google.

We follow industry-standard security practices, but no system can be guaranteed to be completely secure.

5. Data Sharing

We do not sell your personal data or Google user data.

We may share limited data with trusted service providers that help us operate the App, including:

  • Firebase / Google Cloud – authentication, infrastructure, and cloud storage;

  • Supabase – optional data synchronization and storage;

  • PostHog – analytics;

  • Sentry – error reporting;

  • Paddle – payment processing for web subscriptions.

These providers process data only as necessary to provide their services to us and are subject to their own privacy and security obligations.

We may also disclose information if required by law, legal process, or to protect the rights, safety, and security of Paso, our users, or others.

6. Data Retention and Deletion

We retain your data for as long as your account is active or as long as necessary to provide the App.

Local data remains on your device and can be deleted by removing it from the App or uninstalling the App.

Synced data is retained on our servers until you delete your account, delete the data in the App, or request deletion.

Google Calendar data is retained only as long as necessary to provide the calendar integration. If you disconnect your Google Account or request deletion of your data, we will delete associated Google Calendar data from our systems, unless we are legally required to retain certain information.

You may request deletion of your account and associated data at any time by emailing:

maciejbrzezinskibm@gmail.com

You may also revoke Paso’s access to your Google Account at any time through your Google Account permissions page.

7. Your Rights

Depending on your jurisdiction, including the European Union under the GDPR or California under the CCPA/CPRA, you may have the right to:

  • access the data we hold about you;

  • request correction of inaccurate data;

  • request deletion of your data;

  • object to or restrict certain processing;

  • request a copy of your data in a portable format;

  • withdraw consent where processing is based on consent.

To exercise these rights, contact us at:

maciejbrzezinskibm@gmail.com

8. Third-Party Services

Paso uses trusted third-party providers to operate and improve the App:

  • Firebase / Google LLC – authentication, infrastructure, and cloud storage;

  • Supabase – optional data synchronization and storage;

  • PostHog – analytics;

  • Sentry – error reporting;

  • Paddle – payment processing for web subscriptions;

  • Google Calendar API – optional calendar integration when you connect your Google Account.

Each provider processes data according to its own privacy policy and applicable laws.

9. Children’s Privacy

Paso is not intended for children under 13, and we do not knowingly collect personal information from children under 13.

If we become aware that we have collected personal information from a child under 13, we will take steps to delete it.

10. Changes to This Policy

We may update this Privacy Policy from time to time.

Updates will be posted in the App or on our website, and the “Last updated” date will be revised.

If we make material changes to how we access, use, store, or share Google user data, we will update this Privacy Policy and, where required, ask users to provide consent again.

11. Contact Us

If you have questions or requests regarding this Privacy Policy, please contact:

Paso
Maciej Brzeziński
Nowodwór 42
08-503 Nowodwór
Poland

Email: maciejbrzezinskibm@gmail.com
Website: https://paso.to