Privacy Policy

Last updated: February 4, 2025

1. Introduction

DashCrumbs ("we", "our", or "us") operates the dashcrumbs.com website and service. This Privacy Policy explains how we collect, use, and protect your information when you use our smart home dashboard service.

2. Information We Collect

Account Information

When you create an account, we collect your email address and authentication credentials. We use Supabase for authentication and data storage.

Smart Home Device Data

When you connect your SmartThings account, we access device states (e.g., on/off, locked/unlocked, temperature readings) and device metadata (names, locations, capabilities). We do not access or store personal information from your smart home devices beyond what is needed to display your dashboard.

Google Calendar Data

If you choose to connect Google Calendar, we request read-only access to your calendar data. Specifically, we use the following Google API scopes:

  • calendar.readonly — to view your list of calendars
  • calendar.events.readonly — to view upcoming events

We only read calendar event titles, times, locations, and descriptions to display on your dashboard. We never create, modify, or delete any calendar events. Calendar data is fetched in real time and is not stored permanently on our servers beyond encrypted access tokens needed to maintain your connection.

Usage & Analytics Data

We use Google Analytics to collect anonymized usage data such as page views, session duration, and device type. This data is only collected if you consent to cookies via our cookie banner. You can decline analytics cookies at any time.

3. How We Use Your Information

  • To provide and operate the DashCrumbs dashboard service
  • To display your smart home device states and calendar events
  • To detect device usage patterns (stored in your account, never shared)
  • To improve our service through anonymized analytics
  • To communicate with you about your account or service changes

4. Data Storage & Security

Your data is stored securely using Supabase with row-level security policies that ensure you can only access your own data. Integration tokens (such as Google OAuth tokens) are encrypted at rest using AES-256-GCM encryption.

We use HTTPS for all data transmission and follow industry-standard security practices to protect your information.

5. Data Sharing

We do not sell, rent, or share your personal information with third parties, except:

  • With service providers that help us operate our service (Supabase for data storage, Google for analytics)
  • When required by law or to protect our legal rights
  • With other users only when you explicitly share a dashboard via our sharing feature

6. Third-Party Integrations

DashCrumbs integrates with third-party services including Samsung SmartThings and Google Calendar. Each integration requires your explicit authorization and can be disconnected at any time from your settings page.

DashCrumbs's use and transfer of information received from Google APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements.

7. Cookies

We use essential cookies for authentication and session management. We also use optional analytics cookies (Google Analytics) that are only activated with your consent. You can manage your cookie preferences through the banner displayed on your first visit.

8. Data Retention & Deletion

We retain your data for as long as your account is active. You can disconnect integrations at any time, which removes the associated tokens and device data. If you delete your account, all associated data is permanently removed.

9. Your Rights

You have the right to:

  • Access the personal data we hold about you
  • Request correction of inaccurate data
  • Request deletion of your data
  • Disconnect third-party integrations at any time
  • Opt out of analytics cookies

10. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the updated policy on this page with a revised "Last updated" date.

11. Contact Us

If you have questions about this Privacy Policy or your data, please contact us at [email protected].