Privacy Policy

Effective: April 21, 2026

1. Roles under GDPR

pauza, Inc. ("pauza", "we") operates two products with different data roles:

  • pauza for Teams dashboard (teams.pauza.ai) — We act as processor on behalf of your employer, who is the controller of any data about your participation (activation status, team membership, reward payouts from their wallet). Processing is governed by a Data Processing Agreement (DPA) between pauza and the employer.
  • pauza iOS app (on your personal device) — We act as controller for your individual account, focus sessions, and reward balance. Your employer never becomes controller of this data; they only fund the wallet that redeems your tokens.

2. What we collect

From the employee, via the iOS app:

  • Email address (for magic-link sign-in and reward delivery)
  • Focus session metadata — start time, duration, outcome. This stays on-device and is transmitted only as aggregate counters.
  • Reward transactions (tokens earned, redeemed, balance). No individual Screen Time data — that remains on the device under Apple's ManagedSettings framework and is never readable by us.

From the admin:

  • Name, work email, organization name, role within the org
  • Billing contact and (via Stripe) payment method token
  • Audit trail of admin actions inside the dashboard

3. What the employer can see

Aggregate, team-level metrics only, gated by a minimum cohort size of threepeople. Teams smaller than three render as "too small to report" to prevent re-identification from a one- or two-person chart.

  • Count of seats invited, activated, and active this month
  • Focus minutes and challenge outcomes, summed per team
  • Rewards distributed from the wallet (total, not per-user)
  • Admin audit log (their own admins' actions only)

4. What the employer cannot see

  • Which apps any individual uses or blocks
  • Individual focus times, streaks, or tokens
  • When a specific employee is or isn't using the app
  • Any data from before the employee joined their program or after they leave it

5. Subprocessors

We use a small number of vetted subprocessors. Each has a DPA in place and processes data only to deliver the stated function:

  • Google (Firebase) — authentication, Firestore database, hosting. Data resides in Google Cloud us-central1 and eur-west3 regions.
  • Vercel — dashboard application hosting and TLS termination.
  • Stripe — subscription billing and wallet top-up payment processing.
  • Tremendous — gift card fulfillment when an employee redeems tokens.
  • Resend — transactional email (magic-link sign-in, reward delivery notifications).
  • Sentry — error tracking. Scrubbed for PII; receives only error stacks and non-identifying request metadata.

6. Retention

  • User account data— retained while the account is active. Deletion via the iOS app ("Delete my account") purges the personal record within 30 days.
  • Org dashboard data — retained for the life of the subscription. On deletion by an owner, the entire org subtree is purged within 30 days; a minimal compliance record (org name, deletion timestamp, actor) is retained for 7 years to evidence the deletion.
  • Audit logs — 2 years, then rolled off.
  • Billing records — 7 years (tax law).

7. Your rights

Under GDPR (and equivalents like CCPA), you can request access, correction, deletion, restriction, or portability of your personal data. Users of the iOS app can trigger access and deletion self-serve from app settings. Admins can email privacy@pauza.ai — we respond within 30 days. Where we act as processor, we forward the request to the employer-controller within 5 business days.

8. Security and transport

All traffic is TLS 1.2+ with HSTS (2-year max-age, preload). Secrets are stored in Vercel's encrypted environment store; Firestore data is encrypted at rest by Google. Access to production data is limited to two engineers and logged. A SOC 2 Type II audit is planned; we share the latest security questionnaire on request.

9. International transfers

Data originating in the EEA is stored in eur-west3. Transfers to the US (Sentry, Stripe, Tremendous) rely on Standard Contractual Clauses. We will disclose the full transfer map to any controller on request.

10. Contact

Privacy questions, DPA requests, or data-subject requests: privacy@pauza.ai. Our US mailing address is available on request for formal correspondence.