Circadianly
How it works Blog Add to Browser Free
Legal

Privacy Policy

Last updated: May 2026

Overview

Circadianly is built with privacy as a core principle. The extension's core features operate entirely on your device. Two additional capabilities involve data outside the core local rhythm model: an optional Google Calendar integration that reads your calendar events and processes them on-device with Chrome's built-in AI, and background usage analytics that collect anonymous interaction data. This policy explains exactly what is collected, by whom, and why.

What we collect

Core extension

Your wake-up time and preferences are stored locally using the Chrome Storage API and never leave your device.

Google Calendar integration (optional)

If you connect Google Calendar, Circadianly reads your calendar events — including event titles, times, descriptions, and attendee information — and processes them entirely on your device using Chrome's built-in AI (Gemini Nano) to generate personalised phase advice. No calendar data is transmitted to external AI servers. You can revoke access at any time from the extension settings or from your Google Account permissions page.

Usage analytics

Circadianly uses PostHog to collect anonymous usage data — which features you interact with and how you use the extension. Each installation is assigned a random identifier that is not linked to your name, email address, or Google account. We use this data solely to understand how the extension is used and to improve it. Opt-out controls are planned for a future version.

Local storage

The extension stores the following data locally on your device:

  • Your wake-up time (used to compute the five circadian phase windows)
  • Extension preferences and settings
  • A boolean flag indicating whether you have connected Google Calendar (only the connection state, not the token itself)

None of this data is transmitted anywhere except as described above.

Permissions

Circadianly requests the following browser permissions:

  • storage — saves your local preferences and wake time between sessions
  • identity — authenticates with Google when you enable the Calendar integration
  • https://www.googleapis.com/auth/calendar.readonly — grants read-only access to your Google Calendar events, requested only when you enable the Calendar integration

Third-party services

  • Google Calendar API — provides read-only access to your calendar events when the integration is enabled. Calendar data is processed on-device and is not shared with Google for AI purposes.
  • Chrome Built-in AI (Gemini Nano) — an on-device AI model built into Chrome that processes your calendar events locally to generate phase advice. No data leaves your device during inference.
  • PostHog — collects anonymous usage analytics identified only by a random device ID.

Google API Services — Limited Use

Circadianly's use and transfer to any other app of information received from Google APIs will adhere to the Google API Services User Data Policy, including the Limited Use requirements.

Specifically, Circadianly:

  • Only reads calendar data to provide the personalised phase advice feature directly requested by you.
  • Does not transfer Google user data to third parties except as necessary to provide the extension's features.
  • Does not use Google user data for advertising or to train AI/ML models outside of your device.
  • Does not allow humans to read Google user data unless you have given explicit permission, it is necessary for security purposes, or it is required by law.

Data security

We apply the following protections to sensitive data handled by Circadianly:

  • OAuth token — never stored by the extension itself. Chrome's Identity API (chrome.identity) manages the token internally in Chrome's own secure token cache. The extension only calls chrome.identity.getAuthToken() to obtain a short-lived token for the duration of an API request.
  • Calendar event data — read from the Google Calendar API at the moment you request phase advice, processed in-memory on your device by Gemini Nano, and immediately discarded. No calendar content is ever written to persistent storage.
  • Data minimisation — the extension requests only the calendar.readonly scope and reads only the events needed to compute advice for the current time window.
  • No external transmission — calendar data, event titles, descriptions, and attendee information are never sent to Yahht servers or any third-party AI service.
  • No data sales — we do not sell, rent, or share your personal data or Google user data with any third party for commercial purposes.

Your choices

  • Google Calendar: you can disconnect at any time from the extension settings, which removes the stored OAuth token and stops any calendar data from being sent.
  • Analytics: opt-out controls are planned for a future version of the extension.

Children's privacy

Circadianly is not directed at children under 13. The Google Calendar integration accesses personal calendar data and should not be used by children under 13.

Changes to this policy

If we make material changes to this policy, we will update the date at the top of this page and release a new version of the extension.

Contact

Questions? Reach us at mail@yahht.com.

Circadianly
Blog Privacy Terms Contact

Circadianly is a Yahht project. © 2026