Privacy Policy

Your Data Stays Yours

Focus Chain is a single-user, local application. All your data is stored entirely on your own server in a single SQLite database file. Nothing is sent to any external server or third party.

Data Storage

• All data is stored in data/database.sqlite on your web server
• The database contains: focus logs, goals, milestones, schedules, sprints, and reviews
• Session data is stored in PHP sessions (server-side only)
• Browser cache is used for offline functionality via Service Worker

Security Measures

• All database queries use PDO prepared statements to prevent SQL injection
• CSRF tokens protect all form submissions
• Input is sanitized and output is escaped to prevent XSS
• Session cookies use HttpOnly, Secure, and SameSite=Strict flags
• Error messages are logged server-side and never exposed to users
• No external API calls or analytics tracking

Data Portability

You can export all your data at any time using the Export feature in Settings. The export is a JSON file that you can store locally or import into another instance of Focus Chain.

Data Deletion

You can delete all your data at any time using the Clear All Data feature in Settings. Alternatively, simply delete the data/database.sqlite file.

Network Access

Focus Chain only connects to:

• Bootstrap CDN (cssdelivr.net) - for CSS and JavaScript frameworks
• Bootstrap Icons (jsdelivr.net) - for icon fonts
• Your own server - for all app functionality

All CDN resources are loaded over HTTPS. You can download and host these locally if you prefer zero external dependencies.