Effective date: July 8, 2026
Introduction
Clarity OS LLC (“Clarity OS”, “we”, “us”) makes a commitment enforcement app that helps you block distracting websites and apps during Protection Windows. It is available on the web at clarityos.dev, on Windows, and on iOS. A companion Chrome extension and Android support are planned but not yet available.
This policy explains what information Clarity OS collects, how we use it, who we share it with, and the choices you have. It describes what the product actually does today — not what a template says it might do.
Our Privacy Philosophy
Clarity OS exists to protect your attention, not to monetize it. We collect information for exactly two reasons: to make blocking work reliably across your devices, and to show you your own focus history.
We do not sell personal information, we do not show ads, and we do not build advertising profiles. Wherever blocking decisions can happen on your device instead of our servers, they do — for example, the iOS content filter checks websites entirely on your iPhone and never reports what you visited.
Information We Collect
Account information. When you sign up we collect your email address and a password. Authentication is handled by Supabase; your password is stored only in hashed form. We do not ask for your name, and we do not offer social logins today.
Protection configuration. We store the blocklists you create or select (the websites, categories, and apps you choose to block), your schedules and modes, and each Protection Window you run — including its start and end times, its block list snapshot, and any optional project or goal note you type when starting a session.
Device information. For each device you pair we store a device identifier, the device name, platform (such as iOS or Windows), app version, time zone, connection heartbeats, and a status report describing whether blocking is actually applied on that device. iOS devices also register a push notification token so we can wake the app to sync. Devices authenticate with a per-device secret, which is stored hashed on our servers.
Focus and session events. To power your focus timeline and distraction metrics, paired devices send session events to our servers: when a Protection Window starts and ends, and blocked attempts. A blocked attempt records only the domain name of the blocked site (never the full page address) and any intention text you type at the block screen. We do not collect tab-switch activity, browsing history, or the titles of the apps and windows you use — our servers are configured to reject that kind of data. These events are private to your account and are used only for your own focus metrics and timeline.
Billing information. Every account starts with a free trial tracked on our servers. Paid checkout is not yet enabled in the current version of Clarity OS. When payments launch they will be processed by Stripe; your card number and bank details will go directly to Stripe and will never touch Clarity OS servers.
Support and contact. If you use the contact form we collect the name, email address, and message you submit so we can reply.
Error diagnostics. When a server request fails we log technical details (the route, an error message, and stack trace) linked to your account id so we can fix problems. These logs are designed to never include your password, tokens, or device secrets.
Information We Do NOT Collect
We do not sell personal information. We do not build advertising profiles or use advertising cookies. We do not track you across other websites. We do not read your messages, photos, or contacts. We do not record keystrokes, and we never see the passwords you use on other sites.
We do not collect your browsing history. The only browsing-related data we store is the domain name of a blocked attempt during a Protection Window — never the pages you visit, your tab activity, or full web addresses.
On iOS, the apps you select for blocking are stored only on your device using Apple’s privacy-preserving Screen Time technology — we cannot see which apps you chose, and we do not collect Screen Time usage data. The iOS website filter makes its block/allow decisions entirely on your device and does not send your browsing activity to us.
Our application code does not store your IP address. We do not collect payment card or bank details anywhere in the current version. We do not run marketing email lists, and we do not use crash-reporting trackers.
How We Use Information
We use your information to run your Protection Windows across your paired devices, to tell you truthfully whether you are protected right now, to show you your own focus history and distraction metrics, to keep your account secure, to respond when you contact us, and to fix bugs.
That is the complete list. We do not use your data for advertising, and we do not share it with third parties except the service providers described below.
Analytics
Our website uses Vercel Web Analytics to understand page visits in aggregate. It is cookie-less and does not track you across other websites. Before any analytics data leaves your browser, Clarity OS strips sensitive values (such as tokens or email addresses that might appear in a link) from page URLs.
We do not use Google Analytics, session recording, heatmaps, or any other analytics or telemetry service. The desktop and iOS apps contain no third-party analytics at all.
Cookies and Browser Storage
We use only strictly necessary cookies — the session cookies that keep you signed in. The web app also keeps a small local cache in your browser so sessions feel instant; signing out clears it.
For full details, see our Cookie Policy.
Third-Party Services
We share information only with the service providers we need to run Clarity OS:
Supabase hosts our database and authentication, and sends account emails such as verification and password-reset messages. Your account, devices, blocklists, schedules, and focus events are stored there. Vercel hosts our website and provides the aggregate analytics described above; like any web host, it processes network information such as IP addresses to deliver pages. Resend delivers contact-form email and receives the name, email, and message you submit. Applereceives your device’s push token so we can send silent sync notifications to the iOS app — these pushes contain no personal content. Stripe will process payments when paid plans launch; it is not active in the current version.
None of these providers are permitted to use your data for their own advertising, and we never sell or rent your information to anyone.
Data Retention
We keep your information for as long as your account exists so your history, schedules, and paired devices keep working.
When you delete your account (available in the app, with a typed confirmation), your account and the data tied to it — devices, blocklists, schedules, Protection Window history, and focus events — are deleted from our systems. We retain only a minimal deletion record for legal and security auditing, and it intentionally contains no email address, tokens, secrets, or blocklist contents.
Your Rights
You can view and edit your blocklists, schedules, devices, and focus history directly in the app, remove or revoke paired devices at any time, and delete your account entirely from account settings.
Depending on where you live, you may also have legal rights to access, correct, export, or delete your personal information, or to object to certain processing. Email privacy@clarityos.dev and we will honor these requests regardless of your location. A self-serve data export is not built into the current version — email us and we will provide your data.
Security
All traffic between your devices and our servers uses HTTPS. Passwords are hashed by Supabase Auth and are never visible to us. Device pairing secrets are stored hashed on our servers and compared using timing-safe checks. Database access is protected by row-level security so your data is only readable by your account.
On Windows, service credentials are kept in a file readable only by system administrators, and diagnostic exports automatically redact secrets. Support diagnostics never include your password, tokens, or device secrets.
No system is perfectly secure, but we design Clarity OS so that a breach of any single layer exposes as little as possible. If we ever learn of a breach affecting your personal information, we will notify you as required by law.
Children's Privacy
Clarity OS is not directed at children under 13, and we do not knowingly collect personal information from them. If you believe a child has created an account, contact us at privacy@clarityos.dev and we will delete it.
International Users
Clarity OS LLC is based in the United States, and your information is processed and stored on servers in the United States by the providers listed above. If you use Clarity OS from outside the United States, you understand that your information is transferred there. We apply the same protections described in this policy to everyone, everywhere.
Changes to this Policy
We may update this policy as the product evolves — for example, when paid subscriptions launch or Android support arrives. We will post updates on this page and revise the effective date. For material changes, we will also notify you in the app or by email.
Contact
Privacy questions or requests: privacy@clarityos.dev. General support: support@clarityos.dev. Clarity OS LLC, https://clarityos.dev.