Happens

Privacy Policy

Last updated: March 7, 2026

Happens ("we", "us", "our") is a family planner application. We respect your privacy and are committed to protecting your personal data. This policy explains what information we collect, why we collect it, and your rights regarding that information.

1. What information we collect

Account information

  • Email address — used for authentication and account identification
  • Full name — displayed in your profile
  • Profile picture URL — only if you sign in with Google; we store the URL provided by Google, not the image itself
  • Password — if you sign up with email/password; stored securely by our authentication provider (Supabase) using industry-standard hashing — we never have access to your plain-text password

Family & planning data

  • Family name and language preference
  • Family member names and display colors (these can be first names or nicknames — you choose)
  • Tasks, task assignments, and task completions
  • Reminders
  • Dinner plans and notes
  • Calendar feed URLs (iCal/ICS) that you provide, and the calendar events imported from those feeds (titles, descriptions, locations, times)

What we do NOT collect

  • We do not collect your IP address, browser fingerprint, or device information for tracking purposes
  • We do not use advertising cookies or pixels
  • We do not track your behavior across other websites
  • We do not build individual user profiles for analytics

2. How we use your information

We use your data exclusively to provide the Happens service:

  • Authenticate you and keep your account secure
  • Display your family's weekly planner with tasks, dinners, and calendar events
  • Sync external calendar feeds that you explicitly provide

We do not sell, rent, or share your personal data with third parties for marketing or advertising purposes. Period.

3. Third-party services

We rely on the following third-party services to operate Happens. Each has their own privacy policy governing how they handle data:

Supabase (Database & Authentication)

Stores your account data, family data, and handles authentication. Data is hosted in the EU (AWS eu-west-1).

Supabase Privacy Policy →

Vercel (Hosting & Analytics)

Hosts the application and serves web pages. We also use Vercel Analytics to collect anonymous, aggregate page view counts and performance metrics. Vercel Analytics is cookieless — it does not use cookies, does not collect personal data, does not track individual users, and does not store IP addresses. No consent banner is required. Vercel may also process standard web server logs (IP addresses, request timestamps) as part of their hosting infrastructure.

Vercel Privacy Policy →

Google (OAuth Sign-in)

If you choose to sign in with Google, Google provides us with your name, email, and profile picture. We do not receive your Google password or access to other Google services.

Google Privacy Policy →

4. Cookies

We use only essential cookies required to keep you logged in (session cookies managed by Supabase). We do not use any advertising or optional tracking cookies. Our analytics (Vercel Analytics) are fully cookieless and do not require consent.

5. Calendar data

When you add a calendar feed (iCal/ICS URL), we periodically fetch events from that URL to display them in your planner. We store event titles, descriptions, locations, and times. Calendar feed URLs may contain private access tokens — we store these securely in our database and never expose them publicly.

6. Data storage & security

  • Your data is stored in a PostgreSQL database hosted by Supabase in the EU (AWS eu-west-1, Ireland)
  • All data is transmitted over HTTPS (encrypted in transit)
  • Passwords are hashed using industry-standard algorithms — we never store or have access to plain-text passwords
  • Database access is restricted to authenticated application requests only

7. Data retention

We retain your data for as long as your account is active. If you delete your account, all associated data (family, members, tasks, dinners, calendar events) will be permanently deleted from our database. Due to our cascading delete setup, removing your account removes all related data.

8. Your rights (GDPR)

Under the General Data Protection Regulation (GDPR), you have the following rights:

  • Access — request a copy of all personal data we hold about you
  • Rectification — request correction of inaccurate data
  • Erasure — request deletion of your data ("right to be forgotten")
  • Portability — request your data in a machine-readable format
  • Restriction — request that we limit processing of your data
  • Objection — object to processing of your data

To exercise any of these rights, please contact us at the email address below.

9. Children's privacy

Happens is a family planner that may include names of children as family members. However, only the account holder (parent/guardian) creates and manages family member entries. Children do not have their own accounts, and we do not knowingly collect personal information directly from children under 16.

10. Changes to this policy

We may update this privacy policy from time to time. If we make significant changes, we will notify you through the application. The "last updated" date at the top of this page indicates when the policy was last revised.

11. Contact

If you have questions about this privacy policy or want to exercise your rights, please contact us:

Email: privacy@happens.today

← Back to Happens