Privacy Policy

What we collect

Information you give us

When you create an account, we collect:

• Name and email address — so we know who you are and can send you things like password resets.
• Authentication data — if you sign in with Google or GitHub, we receive basic profile information (name, email, profile picture) from those services. We don't get your password.

When you use Warren, we store:

• Clients, projects, and tasks — the names and details you enter.
• Time entries — start times, durations, dates, and any descriptions you add.
• Organization details — your business name, address, and contact information (used for things like time report exports).

This is your data. You created it. We store it so Warren works.

Information we collect automatically

Analytics: We use Umami Cloud for website analytics. We chose Umami specifically because it's privacy-focused — it doesn't use cookies, doesn't track you across sites, and doesn't collect personal information. We see aggregate data like page views and general usage patterns. We can't identify you individually from analytics data.

Server logs: Like virtually every web service, our servers generate logs that may include your IP address, browser type, and timestamps. These are used for security and debugging, not profiling.

Information we don't collect

• Payment or financial information (there's nothing to pay for right now)
• Location data beyond what's in server logs
• Contacts or data from your phone
• Anything from cookies (we don't use tracking cookies)

How we use your data

We use your information to:

• Run Warren — store your time entries, projects, clients, and tasks so you can access them.
• Generate exports — create the PDF and CSV time reports you request, using your organization details for branding.
• Authenticate you — verify your identity when you log in.
• Send you emails — account-related messages (password resets, security alerts) and occasional product updates about Warren. You can unsubscribe from product updates at any time.
• Improve Warren — understand how people use the product through aggregate, anonymous analytics so we can make it better.

We don't use your data for:

• Advertising or ad targeting
• Selling to third parties
• Training AI models
• Building profiles about you
• Anything other than making Warren work for you

Where your data lives

Your data is stored on PlanetScale, a managed database service hosted in the United States. Our application servers are also US-based.

If you're outside the US, your data crosses borders to reach our servers. We mention this because we think you should know, not because we're doing anything unusual — this is standard for most web services.

Who we share your data with

We don't sell your data. Full stop.

We share data only with the services required to run Warren:

• PlanetScale — database hosting (stores your data)
• Umami Cloud — privacy-focused analytics (no personal data shared)
• BetterAuth — authentication infrastructure
• Google / GitHub — only if you choose to sign in with those services, and only the standard OAuth flow

We may also share data if required by law — if we receive a valid legal request, we'll comply. If we're allowed to, we'll tell you about it.

How we protect your data

• All connections to Warren use HTTPS encryption in transit.
• Authentication tokens are handled securely and expire appropriately.
• Database access is restricted and credentialed.

We're a small team, not a security company. We use industry-standard practices and reputable infrastructure providers. We're honest about the fact that no system is perfectly secure, but we take reasonable measures to protect what you've entrusted to us.

Your rights and choices

Access and export: You can export your time data at any time through Warren's built-in export feature (PDF or CSV). It's your data — you should always be able to take it with you.

Deletion: If you want your account and all associated data deleted, email us at privacy@runwarren.com and we'll take care of it. We'll confirm once it's done.

Email preferences: You can unsubscribe from product update emails at any time. Account-related emails (security, authentication) will continue as long as you have an account.

Corrections: If any information we have about you is wrong, let us know and we'll fix it.

California Privacy Rights (CCPA)

If you're a California resident, you have specific rights under the California Consumer Privacy Act:

Right to know what personal information we collect, use, and disclose. This policy covers that — we've tried to make it comprehensive and readable.

Right to delete your personal information. Email privacy@runwarren.com and we'll delete your account and all associated data within 30 days. We'll confirm once it's done.

Right to opt out of the sale of personal information. We don't sell your personal information. Never have, never will. There's no "Do Not Sell" button because there's nothing to opt out of.

Right to non-discrimination. We won't treat you differently for exercising your privacy rights. No degraded service, no passive-aggressive feature restrictions.

Categories of personal information we collect: Identifiers (name, email address, IP address), commercial information (client names, project details, time entries), and internet activity information (aggregate usage analytics through Umami). We do not collect biometric data, geolocation data, or sensitive personal information as defined under CCPA.

How to exercise your rights: Email privacy@runwarren.com. We'll verify your identity through your account email and respond within 45 days as required by law.

Children

Warren is a business tool. It's not designed for or directed at anyone under 13. We don't knowingly collect information from children. If you believe we have, please contact us and we'll delete it immediately.

Changes to this policy

If we make meaningful changes to this policy, we'll let you know — either through Warren itself or by email. We won't quietly change the terms on you.

The current version is always available at runwarren.com/privacy.

Contact

If you have questions about this policy or your data, reach out:

Email: privacy@runwarren.com

Mail: dsire inc., 5609 Dunsmuir Ave, Suite A, Dunsmuir, CA 96025