Privacy Policy for Next Day
Last updated: July 16, 2026
Overview
Next Day is a hobby project. We are committed to protecting your privacy. This policy explains our practices regarding data collection and use in the Next Day app and on this website.
Local-first by default
Next Day works entirely offline by default. The app does not collect analytics, track usage, or access your contacts, location, or any personal data. All your plans and activities are stored only in your device's local storage unless you explicitly opt into cloud backup.
This website sets no cookies and runs no analytics.
Google Calendar data
Next Day offers an optional, one-way Google Calendar sync. If you choose to connect your Google account, the app requests the read-only calendar events scope (calendar.events.readonly) and uses it as follows:
- What is accessed: the events of the single day you sync — their titles, start times, and durations — from your primary calendar.
- How it is used: the events are mirrored into that day's plan as read-only activities, so they appear in your timeline and receive start-time notifications. That is the only use.
- Where it is stored: on your device, in the app's local database. Calendar data is never sent to our servers in readable form. If you use the optional cloud backup, it is included only inside your end-to-end encrypted snapshot, which we cannot decrypt.
- What is never done: Next Day never creates, modifies, or deletes events in your calendar; never shares or sells your Google data; and never uses it for advertising or profiling.
- Revoking access: disconnect at any time in the app's settings, or revoke Next Day's access from your Google Account permissions. Previously mirrored activities can be removed by re-syncing or deleting the day.
Next Day's use of information received from Google APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements.
Optional end-to-end encrypted cloud backup
Next Day offers an optional cloud backup feature with end-to-end encryption. Participation requires an invite code. If you use cloud backup:
What we store
- Your chosen username and a cryptographic key derived from your passphrase (via PBKDF2). We never store your passphrase itself.
- Device tokens (stored as SHA-256 hashes) used to authenticate your devices.
- Encrypted backup files. Your data is encrypted on your device before it is uploaded — we cannot read the contents of your backups.
What we do not store
- Your name, email address, or any other contact information.
- Your passphrase or encryption key. The server only stores a separate auth-key derived from your passphrase; your encryption key never leaves your device.
- Any unencrypted copy of your data.
Backups are stored on Cloudflare R2 (object storage). Up to 5 backup snapshots are retained per account; older ones are deleted automatically.
Data deletion
You can delete your account and all associated backups at any time by contacting us (see below). Upon deletion, all stored tokens, your username mapping, and all backup files are permanently removed. Local data is deleted by clearing the app's data or uninstalling it.
Hobby project disclaimer
Next Day is a hobby project developed without commercial intent. As such:
- It is provided "as is" without warranty of any kind.
- There is no guarantee of continued maintenance or support.
- Features or the project itself may change or be discontinued at any time.
- We provide no SLA (Service Level Agreement) or uptime guarantees.
Disclaimer of liability
To the fullest extent permitted by law, the creators of Next Day assume no liability for:
- Data loss or corruption
- Loss of files or documents
- Any damages arising from the use of this app
- Security vulnerabilities or exploits
Use this app at your own risk. Maintain your own backups for important data.
Security considerations
- Cloud backups are end-to-end encrypted. Your device encrypts the backup before upload and decrypts it after download — we never have access to your data in plaintext.
- We cannot guarantee the app is free from security vulnerabilities.
- We do not provide professional security audits or guarantees.
- If you discover a security issue, please disclose it responsibly.
Changes to this privacy policy
We may update this privacy policy at any time. Changes will be posted on this page with an updated "Last updated" date.
Contact
For questions about this privacy policy or to request account deletion, email privacy@memfish.app.
Summary: Next Day is local-first and collects no data by default. Google Calendar access is optional, read-only, and stays on your device. The optional cloud backup feature stores your username and encrypted backups on our servers — your passphrase and encryption key never leave your device. As a hobby project, it comes with no warranties or guarantees.