Privacy Policy

Effective February 15, 2026

This Privacy Policy applies to the FocusCat macOS application (the "App") with bundle identifier com.buildergroup.focuscat, available on the Apple App Store and via direct download, and the website focuscat.app and all its subdomains (the "Sites"), together with all related services (the "Services"), owned and operated by Benno Kohrs (Sole Proprietor Business, collectively, "Benno Kohrs", "we", "us", or "our"). This Privacy Policy describes how we collect, use, share, and secure the personal information you provide to us. It also describes your choices regarding use, access, correction, and deletion of your personal information.

1. Definitions

Personal information is any information about you which can be used to identify you. This includes information about you as a person (such as name, address, and date of birth), your devices, payment details, and even information about how you use an application or online service.

The macOS application (App) refers to the FocusCat application available through the Apple App Store and via direct download. The App provides productivity features including pomodoro timers, activity tracking, focus profiles, and app/website blocking.

The website refers to all public-facing informational pages on focuscat.app. This includes content such as homepage, product descriptions, legal documents, and support resources.

2. What Data We Collect

We collect both information you knowingly and actively provide us when using or participating in any of our services and promotions, and any information automatically sent by your devices in the course of accessing our products and services.

We only collect and use your personal information when we have a legitimate reason for doing so. In which instance, we only collect personal information that is reasonably necessary to provide our services to you.

We do not sell your personal information or any data you enter into our Services in any way.

Third-party Services and Sub-processors

We share certain information with companies that may be considered our "sub-processors" under GDPR. This information is limited to the following:

Required for the Website

The following services are required for the operation of the website:

• Vercel: We use Vercel to host our website and static assets. Privacy Policy of Vercel.

| Company | Purpose | Information Collected | | ------- | ---------------------- | --------------------- | | Vercel | Hosting infrastructure | IP address |

Required for the App

The following services are required for the operation of the App:

• Apple App Store: Distribution and updates of the App. Apple Privacy Policy.

| Company | Purpose | Information Collected | | --------------- | ---------------- | --------------------- | | Apple App Store | App distribution | App usage data |

Please note that these services only receive your personal information when necessary for providing our core service functionality. For example:

• Vercel provides hosting infrastructure and only processes data necessary for website delivery
• Apple App Store handles App distribution and updates in accordance with Apple's platform requirements

Please note that we carefully select our service providers and only work with companies that maintain high standards of security and comply with applicable data protection regulations.

Data Sharing and Disclosure

Beyond our service providers, we may share your personal data in the following circumstances:

Disclosure to Authorities

We may disclose your personal data to authorities when required by law or in response to valid requests by public authorities. This includes disclosing information to:

• Comply with legal obligations, court orders, or government requests
• Protect and defend our rights or property
• Prevent or investigate possible wrongdoing in connection with our services
• Protect the personal safety of users or the public
• Protect against legal liability

Professional Service Providers

We may share your personal data with professional advisors including lawyers, auditors, and accountants who provide services to us and are bound by confidentiality obligations.

Legal Basis for Processing

We process your personal data based on the following legal grounds under Article 6 of the GDPR:

• Legitimate interests (Art. 6(1)(f)) - for improving our services, analytics, and business operations
• Contract performance (Art. 6(1)(b)) - for providing our services and fulfilling our obligations to you
• Consent (Art. 6(1)(a)) - where you have explicitly agreed to specific processing activities
• Legal obligation (Art. 6(1)(c)) - where required by applicable laws and regulations

3. How We Collect Information

We collect the following personal information from you:

Information That You Provide to Us About Yourself

When you use our Services, we may request information such as:

• Contact Information: such as name and email address (if you contact us)
• App Data: Activity logs, timer sessions, focus profiles, and preferences stored locally on your device

We may collect, hold, use, and disclose information for the following purposes, and personal information will not be further processed in a manner that is incompatible with the purpose of providing you with our Service's core features.

Please be aware that we may combine information we collect about you with general information or research data we receive from other trusted sources.

Information Collected Automatically

When you visit our website, our servers automatically log standard data provided by your web browser. This may include your device's Internet Protocol (IP) address, your browser type and version, the pages you visit, the time and date of your visit, the time spent on each page, and other details about your visit.

Additionally, if you encounter certain errors while using the site, we may automatically collect data about the error and the circumstances surrounding its occurrence. This data may include technical details about your device, what you were trying to do when the error occurred, and other technical information related to the problem. You may or may not receive notice of such errors, even in the moment they occur, or what the nature of the error is.

Please be aware that while this information may not be personally identifying by itself, it may be possible to combine it with other data to personally identify individual persons.

Information Collected After Opt-In Permission

Accessibility Permission

The App requests macOS Accessibility permission to monitor which application and window is currently active on your Mac. When you grant this permission, the App can:

• Detect the currently focused application
• Read window titles and positions
• Track application switches

Important: All activity data is processed and stored locally on your device. We do not transmit, store, or access your activity data through our servers. All activity tracking operates entirely on your device, and you can revoke Accessibility permission at any time through macOS System Settings > Privacy & Security > Accessibility.

Input Monitoring Permission

The App requests macOS Input Monitoring permission to detect keyboard and mouse activity during focus sessions. This is used solely to determine whether you are actively using your computer. The App does not record, log, or store what you type or click. It only detects the presence of input activity.

You can revoke Input Monitoring permission at any time through macOS System Settings > Privacy & Security > Input Monitoring.

Favicon Fetching

When the App detects a website domain from your browser activity, it may fetch that website's favicon (icon) directly from the third-party website to display in the activity timeline. These requests go directly to the third-party website, not to our servers. No personal data is transmitted in these requests, but the third-party website may log your IP address.

4. Security

The security of your personal information is important to us. We implement adequate measures to protect the personal information submitted to us, both during transmission and once it is received. The App stores data locally on your device using a SQLite database and JSON configuration files, which are protected by macOS built-in security mechanisms, including FileVault disk encryption and App Sandbox restrictions (for App Store builds). We restrict access to personal information to our employees, contractors and agents who need to know that information in order to operate, develop or improve our service. These individuals are bound by confidentiality obligations and may be subject to discipline, including termination and criminal prosecution, if they fail to meet these obligations. If you have any questions about the security of your personal information, you can contact us at the contact information below.

5. Rights with respect to your information

You always retain the right to withhold personal information from us, with the understanding that your experience of our App or website may be affected. We will not discriminate against you for exercising any of your rights over your personal information. If you do provide us with personal information you understand that we will collect, hold, use and disclose it in accordance with this privacy policy. You retain the right to request details of any personal information we hold about you.

If we receive personal information about you from a third party, we will protect it as set out in this privacy policy. If you are a third party providing personal information about somebody else, you represent and warrant that you have such person's consent to provide the personal information to us.

If you have previously agreed to us using your personal information for direct marketing purposes, you may change your mind at any time. We will provide you with the ability to unsubscribe from our email-database or opt out of communications. Please be aware we may need to request specific information from you to help us confirm your identity.

If you believe that any information we hold about you is inaccurate, out of date, incomplete, irrelevant, or misleading, please contact us using the details provided in this privacy policy. We will take reasonable steps to correct any information found to be inaccurate, incomplete, misleading, or out of date.

If you believe that we have breached a relevant data protection law and wish to make a complaint, please contact us using the details below and provide us with full details of the alleged breach. We will promptly investigate your complaint and respond to you, in writing, setting out the outcome of our investigation and the steps we will take to deal with your complaint. You also have the right to contact a regulatory body or data protection authority in relation to your complaint.

Your rights

• Withdraw your consent at any time. You have the right to withdraw consent where you have previously given your consent to the processing of your Personal Data.
• Object to processing of your Data. You have the right to object to the processing of your Data if the processing is carried out on a legal basis other than consent.
• Access your Data. You have the right to learn if Data is being processed by us, obtain disclosure regarding certain aspects of the processing and obtain a copy of the Data undergoing processing.
• Verify and seek rectification. You have the right to verify the accuracy of your Data and ask for it to be updated or corrected.
• Restrict the processing of your Data. You have the right, under certain circumstances, to restrict the processing of your Data. In this case, we will not process your Data for any purpose other than storing it.
• Have your Personal Data deleted or otherwise removed. You have the right to obtain the erasure of your Data from us.
• Receive your Data and have it transferred to another controller. You have the right to receive your Data in a structured, commonly used and machine readable format and, if technically feasible, to have it transmitted to another controller without any hindrance. This provision is applicable provided that the Data is processed by automated means and that the processing is based on your consent, on a contract which you are part of or on pre-contractual obligations thereof.
• Lodge a complaint. You have the right to bring a claim before your competent data protection authority.

How to exercise these rights

Since all App data is stored locally on your device, you have direct control over it at all times. You can view your data by opening the App's data directory (available via Settings), delete all data by uninstalling the App or removing the data directory, disable tracking at any time in the App's Settings, and revoke permissions via macOS System Settings.

For any other requests, such as requesting or deleting personal information we may hold (e.g., support emails), please contact us through the contact details provided below. Requests can be exercised free of charge and will be addressed by us as early as possible and always within one month.

6. International Data Transfers

Some of our service providers are located outside the European Economic Area (EEA), including in the United States. When we transfer your personal data to these providers, we ensure appropriate safeguards are in place:

• Standard Contractual Clauses (SCCs) - We use European Commission-approved Standard Contractual Clauses with our US-based service providers
• Adequacy Decisions - We transfer data to countries that the European Commission has determined provide adequate protection
• Additional Safeguards - We implement additional technical and organizational measures where necessary to ensure your data remains protected

These transfers are necessary for providing our services and are conducted in accordance with applicable data protection laws.

7. Business Transactions

If we are involved in a merger, acquisition or asset sale, your personal data may be transferred. We will provide notice before your personal data is transferred and becomes subject to a different privacy policy. The new owners may use your personal data in the same way as set out in this privacy policy.

8. Data Retention

Since the App stores all data locally on your device, data retention is entirely under your control. The App does not automatically delete data — all historical data is preserved until you choose to remove it. You can delete all App data at any time by uninstalling the App or deleting the App's data directory.

If you contact us for support, we may retain your contact information and correspondence as needed to resolve your request, comply with our legal obligations, resolve disputes, and enforce our agreements.

If you wish for any personal data we hold to be completely removed, please send us an explicit request via email. Include your details and a brief description of your request to facilitate the prompt processing of your data deletion.

9. Policy regarding children

We do not aim any of our products or services directly at children under the age of 13, and we do not knowingly collect personal information about children under 13.

10. Limits of our policy

Our website may link to external sites that are not operated by us. Please be aware that we have no control over the content and policies of those sites, and cannot accept responsibility or liability for their respective privacy practices.

11. Changes to this policy

At our discretion, we may change our privacy policy to reflect updates to our business processes, current acceptable practices, or legislative or regulatory changes. If we decide to change this privacy policy, we will post the changes here at the same link by which you are accessing this privacy policy.

If the changes are significant, or if required by applicable law, we will contact you (based on your selected preferences for communications from us) with the new details and links to the updated or changed policy.

If required by law, we will get your permission or give you the opportunity to opt in to or opt out of, as applicable, any new uses of your personal information.

12. Contact

If you have questions or concerns about this privacy policy, please contact us at support@focuscat.app.