Privacy Policy

Last updated: January 11, 2026

At Morrowpost, we take your privacy seriously. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website or use our services, including our use of Google APIs and services.

1. Information We Collect

1.1 Personal Data

We may collect personally identifiable information, such as your name, email address, and payment information, when you register for an account or purchase our services.

1.2 Google User Data

When you sign in with Google, we access the following Google user data:

• Basic Profile Information: Your name, email address, and profile picture from your Google account
• Authentication Token: OAuth 2.0 tokens to authenticate your identity (we do not access your Google account password)

We only request the minimum scopes necessary for authentication purposes. We do not access your Gmail, Google Drive, Google Calendar, or other Google services beyond basic profile information required for sign-in.

1.3 Usage Data

We may also collect information that your browser sends whenever you visit our Service. This may include information such as your computer's Internet Protocol address (e.g. IP address), browser type, browser version, the pages of our Service that you visit, the time and date of your visit, the time spent on those pages, unique device identifiers and other diagnostic data.

2. How We Use Your Information

2.1 General Use

We use the information we collect in various ways, including to:

• Provide, operate, and maintain our website and mobile applications
• Improve, personalize, and expand our services
• Understand and analyze how you use our website
• Develop new products, services, features, and functionality
• Communicate with you, either directly or through one of our partners, including for customer service, to provide you with updates and other information relating to the website, and for marketing and promotional purposes
• Send you emails and notifications
• Find and prevent fraud

2.2 How We Use Google User Data

Information obtained from Google APIs is used specifically for:

• Authentication: To verify your identity and provide secure access to your Morrowpost account
• Account Creation: To create and maintain your user profile within Morrowpost
• User Experience: To personalize your experience by displaying your name and profile picture

We do not use Google user data for:

• Serving advertisements
• Training AI or machine learning models (beyond service improvement)
• Selling or sharing with third parties for their marketing purposes
• Any purpose other than providing you with the Morrowpost service

3. How We Store and Protect Google User Data

We implement robust security measures to protect your Google user data:

• Access Controls: We implement strict access controls and authentication mechanisms to ensure only authorized personnel can access user data
• Data Minimization: We only store the minimum amount of Google user data necessary to provide our services
• Token Security: OAuth tokens are securely managed and automatically expire according to Google's security policies
• Regular Security Audits: We conduct regular security reviews and updates to maintain the highest security standards

3.1 Data Retention

We retain Google user data only for as long as necessary to provide you with our services or as required by law. When you delete your account, your Google user data is permanently deleted from our systems within 30 days.

4. Disclosure and Sharing of Your Information

We may share information we have collected about you in certain situations. Your information may be disclosed as follows:

• Service Providers: We use trusted third-party service providers to help us operate our services:
  • Firebase (Google): For authentication, database storage, analytics, and crash reporting
  • Cloud Storage: For secure storage of user-generated content
  • Payment Processors: For processing subscription payments (we do not store your full payment card details)
  These service providers are bound by strict data protection agreements and only access data necessary to perform their services.
• Legal Requirements: If we believe the release of information about you is necessary to respond to legal process, to investigate or remedy potential violations of our policies, or to protect the rights, property, and safety of others, we may share your information as permitted or required by any applicable law, rule, or regulation.

4.1 Google User Data Sharing

We do not sell, rent, or share your Google user data with third parties for their direct marketing purposes. Google user data is only shared with:

• Google/Firebase: As part of the authentication and hosting infrastructure
• You: When you choose to export or share your own data

We will never transfer Google user data to third parties without your explicit consent, except as required by law or as necessary to provide the Morrowpost service.

5. Your Rights and Choices Regarding Google User Data

You have the following rights regarding your Google user data:

• Access: You can view and manage your Google account settings at any time through your Google Account
• Revoke Access: You can revoke Morrowpost's access to your Google account data at any time by visiting your Google Account Permissions page
• Data Deletion: You can request deletion of your data by contacting us or deleting your Morrowpost account
• Data Portability: You can request a copy of your data in a machine-readable format

6. Compliance with Google API Services User Data Policy

Morrowpost's use of information received from Google APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements. This means:

• We only request the minimum necessary permissions to provide our service
• We use Google user data only for purposes explicitly disclosed to you
• We do not transfer Google user data to third parties except as necessary to provide or improve our services, comply with applicable law, or as part of a merger, acquisition, or sale of assets (with notice to you)
• We do not use Google user data for serving advertisements
• We do not allow humans to read Google user data unless: (1) you give us explicit consent, (2) it's necessary for security purposes, (3) to comply with applicable law, or (4) the data has been aggregated and anonymized

7. Security of Your Information

We use administrative, technical, and physical security measures to help protect your personal information. While we have taken reasonable steps to secure the personal information you provide to us, please be aware that despite our efforts, no security measures are perfect or impenetrable, and no method of data transmission can be guaranteed against any interception or other type of misuse.

8. Third-Party Services and Analytics

We use the following third-party services:

• Google Analytics: To analyze usage patterns and improve our service (data is anonymized)
• Firebase Analytics: To track app performance and user engagement
• Firebase Crashlytics: To monitor app stability and identify bugs (crash data is anonymized)
• Google Fonts: To provide custom typography (no personal data is collected)

These services may collect information about your device and usage patterns. Please review their respective privacy policies for more information.

9. International Data Transfers

Your information, including Google user data, may be transferred to and processed in countries other than your country of residence. These countries may have data protection laws that are different from the laws of your country. We ensure that appropriate safeguards are in place to protect your information in accordance with this Privacy Policy and applicable laws.

10. Children's Privacy

We do not knowingly solicit information from or market to children under the age of 13. If you become aware that any data has been collected from children under age 13, please contact us using the contact information provided below, and we will take steps to delete such information.

11. Changes to This Privacy Policy

We may update our Privacy Policy from time to time. We will notify you of any material changes by posting the new Privacy Policy on this page and updating the "Last updated" date. For significant changes, we may also notify you via email or through a prominent notice in our app. You are advised to review this Privacy Policy periodically for any changes. Changes to this Privacy Policy are effective when they are posted on this page.

12. Contact Us

If you have questions or comments about this Privacy Policy, or if you would like to exercise your rights regarding your data, please contact us at:

• Email: admin@cendra.co
• Support: support@cendra.co

We will respond to your request within 30 days.

13. Data Protection Officer

For residents of the European Economic Area (EEA) and other jurisdictions with data protection regulations, you can contact our data protection team at: admin@cendra.com