The short version
We do not see your work. Your documents, notes, files, and anything you create inside Donezo stay on your device. We hold your email, your plan, and your payment reference. That is it.
If you use free apps without an account, we hold nothing about you at all.
1. Who controls your data
The data controller is Sequence Theory, a sole proprietorship registered at Commelinstraat 198, 1093 VD Amsterdam, Netherlands (KvK 72222204). Contact: omar@donezo.space.
2. What we collect and why
Free app users with no account: We collect nothing. Can, Hub, Docs and Calendar work entirely in your browser. No data of any kind is transmitted to us.
Account holders (paid plans):
| Data | Why we hold it | Legal basis | Retention |
|---|---|---|---|
| Email address | Deliver licence keys, send transactional messages | Contract, GDPR Art. 6(1)(b) | Duration of licence |
| Plan tier | Determine which features you can access | Contract, GDPR Art. 6(1)(b) | Duration of licence |
| Licence key(s) | Verify entitlement on your devices | Contract, GDPR Art. 6(1)(b) | Duration of licence |
| App settings | Preferences such as theme and workspace name | Contract, GDPR Art. 6(1)(b) | Duration of licence |
| Stripe customer ID | Link account to payment records | Legal obligation, GDPR Art. 6(1)(c) | 7 years |
| Transaction records | Invoicing and fiscal compliance | Legal obligation, GDPR Art. 6(1)(c) | 7 years (Dutch AWR Art. 52) |
Providing your email is a contractual requirement. Without it, we cannot deliver your licence. There is no obligation to provide it for free app use.
Analytics: Donezo currently collects no analytics of any kind. If we introduce optional analytics in the future, we will ask for your explicit opt-in consent before activating anything. Declining has no effect on your experience.
3. What we never collect
We never collect or process:
- The contents of your vault: documents, notes, invoices, files, or any content you create in any Donezo app
- Your API keys (stored encrypted locally in your vault, never transmitted to us)
- Files you sync to your cloud provider
- Data you send to an AI provider through Donezo's AI features
- Keystrokes, input patterns, or typing behaviour
- Device fingerprint or browser fingerprint
- Behavioural tracking data
- Cross-site tracking identifiers
This is not only policy. It reflects the architecture. Donezo apps run in your browser and store data in your browser. There is no Donezo server that receives your content.
4. How your data flows
Donezo's architecture has three layers. The order matters. Sequence Theory is never in the chain.
1. Local browser
Your vault is stored in your browser's localStorage and IndexedDB. These are browser-native storage mechanisms that operate entirely on your device. Donezo does not have access to these stores from outside your device. Local is always the source of truth. Every app reads from and writes to your local vault first.
2. Google Drive
If you choose to connect Google Drive, your local vault is mirrored to a dedicated Donezo folder in your own Google Drive. Donezo never touches any other Drive folder. If your local data is lost, you restore from your Drive. If your Drive is unavailable, your local copy keeps working. The sync runs directly from your browser to your Drive. Sequence Theory does not act as an intermediary, and the file contents are encrypted in the browser before they leave (see Section 13).
3. Control Lab
Users access and manage their Donezo Drive folder across devices from Control Lab. Control Lab is the only place cross-device file management happens. It runs in your browser and reads from your own Drive folder using the OAuth scope you granted to Donezo. Sequence Theory does not have a copy of any file you manage in Control Lab.
Donezo never holds user data at any point. We are never in the chain between your device, your Drive, and Control Lab. We cannot read your vault. We cannot recover it if you lose it. This is intentional.
Local device folder access
The Hub app may request access to a folder on your device using the browser's File System API. This is a browser-native permission. You grant it through a standard browser prompt, not through any Donezo server. The connection is entirely local. Your file contents are never transmitted to Sequence Theory. You can revoke this permission in your browser settings at any time.
5. Sign-in and session management
Donezo uses magic link authentication. When you sign in, we send a one-time link to your email address. That link expires after a single use. No password is stored anywhere by Sequence Theory.
After first sign-in, your session is stored locally in your browser's localStorage under a secure key. Your session persists on your device until you log out or clear your browser storage. Sequence Theory does not maintain server-side sessions.
Donezo does not use tracking cookies. Session management is handled entirely through browser localStorage, not cookies.
6. Google Drive connection
If you choose to connect Google Drive, Donezo requests OAuth access using the drive.file scope only. This scope grants access exclusively to files and folders that Donezo itself created in your Drive, specifically the Donezo backup folder. It cannot read, write, or access any other file or folder on your Drive.
This scope is permanent. Donezo will not upgrade to broader Drive scopes. If a future feature would require broader access, the architecture is redesigned — the scope does not expand.
The OAuth token is stored in your browser's sessionStorage and is never transmitted to Sequence Theory. You can revoke Drive access at any time from your Google account settings at myaccount.google.com/permissions.
7. Progressive Web App (PWA)
Donezo apps can be installed as Progressive Web Apps. When installed, the browser caches the application shell and assets locally on your device. This cache enables offline use after first load.
The PWA cache contains app code and interface assets only. It does not include your vault content (which is stored in localStorage/IndexedDB separately). Installing or uninstalling the PWA has no effect on your vault data.
No additional data is transmitted to Sequence Theory as a result of PWA installation or offline use.
8. AI features
Donezo's AI features are bring-your-own-AI. You provide your own API key to your chosen AI provider (such as Anthropic or OpenAI). That key is stored encrypted in your local vault using AES-256. Sequence Theory never receives it.
When you run an AI task, your content travels directly from your browser to your chosen provider. Sequence Theory does not receive, proxy, or log the content of that exchange.
In accordance with EU AI Act Article 50, all AI-generated content in Donezo is clearly labelled as AI-generated. AI outputs are suggestions. Nothing is applied to your data without your explicit approval.
Sequence Theory does not make automated decisions about individuals using AI.
9. Third-party processors
We share data with the following processors. Each is bound by a Data Processing Agreement and may only process data on our instruction.
| Processor | Purpose | Country / Region | Transfer basis |
|---|---|---|---|
| Stripe, Inc. | Payment processing, licence management | United States | EU Standard Contractual Clauses (Stripe DPA) |
| Supabase, Inc. | Licence database, user records | European Union — AWS eu-west-3, Paris | Data stays in the EU. No international transfer. |
| Resend, Inc. | Transactional email (licence delivery) | United States | EU Standard Contractual Clauses + EU-U.S. Data Privacy Framework. DPA auto-executed on acceptance of Resend's Terms of Service. |
Infrastructure providers:
Donezo's website and apps are served via Cloudflare and Vercel. These providers process IP addresses and standard HTTP request metadata as part of web hosting. They do not access vault content, account data, or any content you create. No personal data beyond technical request metadata is shared with them.
Not Donezo processors
- Your cloud provider (Google Drive, Dropbox, iCloud): data goes directly from your browser to your cloud. Donezo is not an intermediary. Your provider's privacy policy applies.
- Your AI provider: you provide your own API key. Data goes directly from your browser to your provider. Donezo does not receive it.
10. International data transfers
Sequence Theory does not transfer your vault content internationally. We do not hold it.
For account data held by our processors, any transfer outside the EEA is made under EU Standard Contractual Clauses approved by the European Commission.
11. Your rights under GDPR
| Right | What it means |
|---|---|
| Access (Art. 15) | Request a copy of the data we hold about you |
| Rectification (Art. 16) | Ask us to correct inaccurate data |
| Erasure (Art. 17) | Ask us to delete your account data. Transaction records required by fiscal law (7 years) cannot be deleted early. Vault content cannot be deleted because we do not hold it. |
| Portability (Art. 20) | Receive your account data in a machine-readable format |
| Restriction (Art. 18) | Ask us to pause processing while a dispute is resolved |
| Withdraw consent | If we ever process data on the basis of consent (e.g. analytics), you may withdraw at any time without affecting prior lawful processing |
To exercise any right: Email omar@donezo.space with the subject "Data Request." Include your name and the email address on your account. We will respond within 30 days (GDPR Art. 12(3)).
12. Right to complain
Autoriteit Persoonsgegevens
PO Box 93374, 2509 AJ Den Haag, Netherlands
autoriteitpersoonsgegevens.nl · +31 (0)70 888 85 00
EU residents may also complain to their local supervisory authority.
13. Security
Account data held by our processors is protected using industry-standard controls including encryption at rest and in transit.
How your vault is protected
- Per-app namespaces. Each Donezo app owns its own vault namespace. An app can only read and write to its own namespace, not to the namespaces of other apps, unless you explicitly grant cross-app access on the Connected plan.
- API keys are encrypted before storage. Any API keys you provide to bring-your-own-AI features are encrypted in your local vault using AES-256 before being written. Sequence Theory never receives them.
- Connected plan vault encryption. On the Connected plan, your vault is encrypted at rest using AES-256 with a passphrase that you set. The passphrase never leaves your browser. Sequence Theory cannot decrypt your vault, even if compelled to.
- Encrypted before leaving your device. When your vault syncs to Google Drive, it is encrypted in your browser before it leaves. The Drive copy is ciphertext from Donezo's point of view.
Recommended on your side
Full-disk encryption on your device, keeping your browser updated, and enabling vault PIN if using Donezo on a shared device.
14. Children
Donezo is not directed at users under 16. We do not knowingly collect data from anyone under 16. Contact omar@donezo.space if you believe this has occurred and we will delete it promptly.
15. Changes to this policy
Material changes will be notified by email (for account holders) with the effective date updated at donezo.space/privacy. The previous version will be archived for 12 months.
16. Contact
Sequence Theory
Commelinstraat 198, 1093 VD Amsterdam, Netherlands
omar@donezo.space