This Privacy Policy describes how Hour Pixel ("Hour Pixel," "we," "our," or "us") collects, uses, and protects your information when you use the Hour Pixel website and application at
hourpixel.com (the "Service").
Hour Pixel is a service of Renwick Ventures, based in Canada. If you have questions about this policy, contact us at
[email protected].
1. Information we collect
Information you provide
Account info: email address and password (if using email/password sign-in) or your Google account identifier (if using Google sign-in).
Business profile: business name, address, country, region, tax registration numbers, logo, and invoice preferences you enter into the app.
Work data: clients, projects, time entries, planned time blocks, expenses, and invoices you create.
Tax settings: country, province/state, and optional deduction preferences used to calculate tax estimates.
Communications: bug reports, support requests, and emails you send us.
Information collected automatically
Usage data: pages viewed, feature interactions, timestamps, and anonymous analytics via Google Analytics.
Device data: browser type, operating system, IP address, and device identifiers stored locally to keep you signed in and sync timers across devices.
Exchange rates: we fetch daily USD/CAD rates from the Bank of Canada for currency conversion in tax estimates.
Information from third-party services
If you connect Google Calendar, we access your calendar data via Google's APIs. See the dedicated Google User Data section below.
2. How we use your information
To provide, operate, and maintain the Service.
To sync your data across your devices via Google Firestore.
To generate and send invoices on your behalf (only when you request it).
To calculate tax estimates based on your jurisdiction.
To sync planned time blocks and imported events with Google Calendar (only if you choose to connect it).
To respond to support requests and fix bugs you report.
To send service-related emails (account verification, password reset).
To monitor abuse, enforce rate limits, and comply with legal obligations.
3. Google User Data and Google API Services
Limited Use Disclosure. Hour Pixel's use and transfer to any other app of information received from Google APIs will adhere to the
Google API Services User Data Policy,
including the Limited Use requirements.
Google services we access
When you connect Google Calendar, Hour Pixel requests the following OAuth scope:
https://www.googleapis.com/auth/calendar: to create a dedicated "Hour Pixel" calendar in your Google account, write your planned time blocks as events in that calendar, and read events from your primary calendar so they can be displayed as read-only background blocks on the Hour Pixel schedule view.
How we use Google Calendar data
Push: We create, update, and delete events in a calendar we create for you named "Hour Pixel." We do not write to your primary calendar or any other calendar you own.
Pull: We read event titles, times, and descriptions from your primary calendar within a limited window (approximately 14 days before and 60 days after the current date) solely to display them as read-only background blocks on your schedule. Your calendar events are never written to Hour Pixel's database. They live only in memory while the app is open.
Scope of use: Calendar data is used exclusively to provide the user-facing sync feature you explicitly enabled. It is not used for advertising, not sold, not shared with third parties, and not used to train machine-learning models.
How we store Google Calendar data
OAuth access tokens are stored only in your browser's sessionStorage and are cleared when you close the browser or disconnect. They are never written to our database.
A small amount of sync metadata (your connected status, an opaque sync-token cursor, and the ID of the "Hour Pixel" calendar we create) is stored in Google Firestore so the connection persists across devices.
Events fetched from your primary calendar are held only in memory on your device. They are never persisted to our database.
Your control over Google Calendar data
You can disconnect Google Calendar at any time in Settings → Integrations. Disconnecting revokes our access and clears all Google-related metadata from your Hour Pixel account.
Events previously written to the "Hour Pixel" calendar remain in your Google account after you disconnect. You can delete them manually in Google Calendar.
4. How we store and protect your data
Your data is stored in Google Firebase (Firestore) under Google's security infrastructure. Firebase services are covered by industry-standard encryption in transit and at rest.
Authentication is handled by Firebase Authentication. Passwords are hashed and salted by Firebase; we never see them in plain text.
We use Firebase App Check and reCAPTCHA Enterprise to protect against automated abuse.
Access tokens and sensitive session data are stored in browser storage on your device, not on our servers beyond what is required for sync.
5. Third-party services we use
Google Firebase (Authentication, Firestore, Cloud Functions, App Check, Analytics): hosting and data storage.
Resend: transactional email delivery (invoice and account emails).
Bank of Canada Valet API: daily USD/CAD exchange rates.
Google Calendar API: optional calendar sync (only if you connect it).
These providers operate under their own privacy policies. We share only the minimum information required to provide each service.
6. Data sharing and sale
We do not sell your personal information. We do not share your data with third parties except:
With service providers listed above, strictly as needed to operate the Service.
When you explicitly direct us to (for example, sending an invoice to a client you've entered).
When required by law, subpoena, or valid legal process.
To protect the rights, property, or safety of Hour Pixel, our users, or the public.
7. Data retention
We retain your account data for as long as your account is active. You can export your data at any time from Settings → Account → Export All Data. To delete your account, contact [email protected]; we will permanently delete your data within 30 days of a verified request.
8. Your rights
Depending on where you live, you may have the right to:
Access the personal information we hold about you.
Request correction or deletion of that information.
Export your data in a portable format.
Withdraw consent for optional features (such as Google Calendar sync) at any time.
Lodge a complaint with your local data-protection authority (e.g. the Office of the Privacy Commissioner of Canada).
Hour Pixel is not directed to children under 13, and we do not knowingly collect personal information from children under 13. If you believe a child has provided us with personal information, please contact us and we will delete it.
10. International transfers
Hour Pixel is operated from Canada. Your data may be stored on servers in Canada, the United States, or other regions where our service providers (including Google Cloud) operate. By using the Service, you consent to the transfer of your information to these locations.
11. Changes to this policy
We may update this Privacy Policy from time to time. Material changes will be announced in-app or via email. Continued use of the Service after changes take effect constitutes acceptance of the revised policy.
12. Contact
Questions, concerns, or requests regarding your data: Hour Pixel, a service of Renwick Ventures
Canada [email protected]