Privacy Policy
Last updated: 12 June 2026
Menifest ("Menifest", "we", "us") provides a dashboard that brings money, tasks, health and business data onto one screen. This policy explains what we collect, how we use it, and the choices you have. It applies to the Menifest web app at app.menifest.eu and the Menifest iOS and Android apps.
1. Information we collect
- Account information — your name and email address, provided when you sign up (directly or via Google Sign-In) and used to authenticate you.
- Data you enter — the clients, leads, revenue, tasks, expenses, notes, goals, health logs and other records you create in the app.
- Connected-service data — when you choose to connect an integration, we access only the data needed for that feature (see section 3).
- AI keys (BYOK) — if you connect your own AI provider key, it is stored encrypted at rest and used only to make requests you initiate.
- Technical data — basic, privacy-respecting product analytics (e.g. which pages are used) to improve the app.
2. How we use your information
We use your information solely to operate and improve Menifest: to authenticate you, store and display the data you create, power the features you turn on, provide support, and keep the service secure. We do not sell your personal information, and we do not use it for advertising.
3. Google user data
If you connect a Google account, Menifest requests only the scopes needed for the feature you enable:
- Google Calendar (
calendar.events) — to show your upcoming meetings on your dashboard and let you create, edit or delete events from within Menifest. - Google Analytics (GA4) (
analytics.readonly) — to read your own website traffic metrics and display them in your ads/marketing dashboard. - YouTube (
youtube.readonly,yt-analytics.readonly) — to read your own channel and video statistics and display them in your social dashboard. - Basic profile (
email,profile,openid) — to sign you in and create your account.
This data is fetched on demand to render these features. OAuth tokens are stored encrypted at rest. We access only your own data, only while your connection is active, and only to provide the features above.
Limited Use disclosure. Menifest's use and transfer of information received from Google APIs to any other app will adhere to the Google API Services User Data Policy, including the Limited Use requirements. We do not use Google user data for serving advertisements, we do not sell it, and we do not allow humans to read it except with your explicit consent, for security or to comply with law, or where the data is aggregated and anonymized.
4. How your data is stored and secured
Your data is stored with our infrastructure providers (Supabase for the database and storage; Vercel for hosting). Access is scoped per workspace and enforced by row-level security. Sensitive values — OAuth tokens and any AI keys you provide — are encrypted at rest. All traffic is served over HTTPS.
5. Sharing
We share data only with the sub-processors that run the service (e.g. our database, hosting and, if you use it, the AI provider whose key you supplied), and only as needed to operate Menifest. We may disclose data if required by law. We never sell your data.
6. Your choices and rights
- Disconnect an integration at any time in the app, or revoke Menifest's access from your Google Account permissions page. Revoking deletes the stored tokens for that connection.
- Export or delete your data — you may request access to, correction of, or deletion of your account and data by contacting us.
7. Data retention
We keep your data while your account is active. When you delete your account, we delete your associated data, except where we must retain limited records to comply with legal obligations.
8. Children
Menifest is not directed to children under 16 and we do not knowingly collect their data.
9. Changes
We may update this policy; material changes will be reflected by the "Last updated" date above.
10. Contact
Questions about this policy or your data: office@splitagency.eu.