Tokinu Privacy Policy

At a glance

Tokinu is a private personal operating cockpit. It is designed for personal task management, operator attention, and optional integrations that the user explicitly connects inside the protected app.

The public website only collects contact details that you submit.
Google integrations require user authorization and use only the scopes needed for enabled features.
Tokinu does not sell personal data, use Google user data for advertising, or make health data public.
Health Hubby may receive compact Tokinu health summaries or projections, never raw Google payloads or OAuth tokens.

Data Tokinu may collect

The public website can collect contact details that you submit, including email address, optional name, optional message, contact consent, source page, and submission timestamps.

The private app can store account data, projects, tasks, AI audit records, operator activity summaries, integration state, and compact source context needed to run enabled features.

How Tokinu uses data

Tokinu uses submitted public contact data to reply to contact requests or questions. Private app data is used to run the personal cockpit: task capture, project organization, operator summaries, AI review records, and enabled integrations.

Public form submissions should not include OAuth tokens, health records, private task content, passwords, or other secrets.

Google User Data

Tokinu may request Google OAuth access only when a signed-in user chooses to connect a Google integration. Current Google integrations may include Calendar, Tasks, user email, and Google Health read-only scopes.

Google Calendar and Tasks data is used to show connected status, discover selected records, queue reviewed imports, create local Tokinu tasks, and perform explicit user-triggered exports where the app surface says a Google write will happen.

Tokinu does not sell Google user data, does not use Google user data for advertising, and does not make Google user data public. OAuth tokens are stored server-side and encrypted before persistence.

Health and fitness data

Tokinu may request Google Health read-only scopes for activity, fitness, health metrics, sleep, and optional location context when an operator enables the health bridge.

Tokinu owns the Google OAuth client for this path. Health Hubby receives only compact Tokinu Google Health summaries or projections. It must not receive Google OAuth client secrets, refresh tokens, raw Google Health payloads, raw Fitbit payloads, raw GPS traces, or public third-party health dumps through Tokinu.

Health and fitness data is used for personal organization, wellness context, and coaching-style summaries. Tokinu does not provide professional medical advice, diagnosis, treatment, or emergency services.

Storage and access

Tokinu stores application data in the operator-controlled deployment environment. Public contact records are stored in Tokinu's database. Private app data is scoped to authenticated users and protected app routes.

Access is limited to the operator and the systems needed to run Tokinu. Secrets, OAuth tokens, production data dumps, and private user data must not be committed to source control, documentation, prompts, fixtures, or public logs.

Deletion and revocation

You can request deletion of public contact records or ask questions by emailing [email protected]. A signed-in operator can disconnect Google from the private integrations screen. You may also revoke Tokinu's Google access from your Google Account permissions page.

Changes

If Tokinu changes how it accesses, uses, stores, or shares Google user data or health data, this policy must be updated before the new use is made available.