Privacy Policy
Last updated: February 19, 2026
1. Introduction
Ezyful Pty Ltd ("we," "our," or "us") operates the Daily Business Idea mobile application and website (collectively, the "App" or "Service"). This Privacy Policy explains what personal information we collect, why we collect it, how we use and protect it, and your rights regarding that information.
By downloading, installing, or using the App, you agree to the practices described in this Privacy Policy. If you do not agree, please do not use the App.
2. Information We Collect
2.1 Account & Authentication Information
When you create an account, we collect:
- •Email address
- •Name (if provided via Google or Apple Sign-In)
- •OAuth provider identifier (Google or Apple) and associated account metadata
- •Profile avatar/photo URL (if provided by your OAuth provider)
- •Account creation date and last login timestamp
2.2 Free Onboarding — Preference Profile
During the standard 7-step onboarding, we collect the following preference data to personalise your daily business idea recommendations. All fields are selected from predefined options; no free-text responses are collected.
| Step | Data Collected | Why We Collect It |
|---|---|---|
| Step 1 — Location | Country (required); City (optional). May use GPS to auto-detect if permission granted. | Match ideas to local markets and economic context. |
| Step 2 — Current Situation | Employment status (e.g., employed full-time, student, unemployed, other). | Understand time and financial constraints. |
| Step 3 — Available Capital | Financial range bracket (e.g., under $500, $500–$5k, $5k–$25k, $25k+). | Match ideas to startup budget. |
| Step 4 — Time Availability | Weekly time commitment (1–5 hrs, 5–15 hrs, or full-time 40+). | Filter ideas by required time commitment. |
| Step 5 — Skills | One or more skills from a fixed list: Marketing, Design, Writing, Development, Sales, Customer Service, Management, Consulting, Social Media, Analysis, Finance, Teaching. | Surface ideas that match your existing capabilities. |
| Step 6 — Industry Interests | 3–5 business categories from: E-commerce, Technology, Digital Products, Content & Media, Services, Education, Health & Wellness, Food & Beverage, Finance, Sustainability. | Prioritise ideas in sectors you care about. |
| Step 7 — Primary Goal | One goal from: Side income, Replace job, Financial freedom, Build an empire, Passion project. | Calibrate idea ambition and scale. |
Location permission: The App requests optional foreground location permission to auto-fill your country and city. No GPS coordinates are stored — only the resolved country name and city text are saved. You can decline this permission and enter your location manually.
2.3 Premium Onboarding — Extended Preference Profile
After activating a Premium subscription, you are invited to complete an additional 4-step onboarding wizard to unlock hyper-personalised recommendations. All steps are optional and can be skipped. This data is used exclusively to further refine your AI-generated preference embedding.
| Step | Data Collected |
|---|---|
| Step 1 — Business Approach | Risk tolerance (conservative / moderate / aggressive), growth speed preference (slow & steady / balanced / fast), preferred work style (solo / small team / build a team), innovation preference (cutting-edge / balanced / proven models). |
| Step 2 — Business Model | Business model type (online / physical / hybrid), customer type preference (B2B / B2C / B2B2C), revenue model preferences (multi-select: e.g., subscriptions, consulting, e-commerce, advertising), target monthly revenue bracket, desired time to launch. |
| Step 3 — Values & Priorities | Passive income priority (yes / no), social impact importance (low / medium / high), sustainability focus (yes / no), self-assessed tech savviness (beginner / intermediate / advanced), industries to exclude from recommendations (multi-select). |
| Step 4 — Personal Context | Age range bracket (e.g., 18–24, 25–34, 35–44, 45+), family situation (single / married / parent with young kids / parent with teens), whether you have a dedicated workspace (yes / no). |
2.4 Behavioural & Interaction Data
As you use the App, we automatically record in-app events including:
- •Business ideas viewed, liked, skipped, or saved
- •Star ratings given to ideas
- •Ideas marked as "not relevant" or reported
- •On-demand idea generation requests (Premium)
- •Idea variation requests (Premium)
- •PDF export events (Premium)
- •Navigation events and screen views
- •Onboarding step completions and drop-offs
These events are stored in our user_behavior_events table, partitioned by month. Partitions older than 12 months are automatically deleted.
2.5 Subscription & Payment Data
All payment processing is handled entirely by Apple (App Store) or Google (Google Play). We never see or store your payment card details. We do receive and store:
- •Subscription tier (free / premium) and current status (active / expired / cancelled)
- •Subscription renewal and expiry dates
- •In-app purchase transaction IDs and original transaction IDs
- •Signed transaction receipts (JWS tokens on iOS; purchase tokens on Android) used solely to verify subscription status with Apple/Google
- •The App Account Token (iOS) or Obfuscated Account ID (Android) — both are your internal user ID, passed to Apple/Google for fraud detection purposes
2.6 Device & Technical Data
- •Device type and operating system (iOS / Android) and OS version
- •App version
- •IP address (used for server-side request routing; not stored in user profiles)
- •Push notification token (if you grant notification permission)
- •App session timestamps
3. How We Use Your Information
| Purpose | Data Used |
|---|---|
| Personalise daily idea recommendations | Onboarding preferences + behavioural data → converted into a 1536-dimension vector embedding using OpenAI; ideas matched via cosine similarity |
| Improve recommendation quality over time | Behavioural events (likes, skips, ratings) are used to incrementally update your preference vector |
| Deliver and manage your subscription | Subscription status, transaction IDs, and Apple/Google receipt data |
| Provide customer support | Account information, subscription status, and app version |
| Prevent fraud and ensure security | App Account Token / Obfuscated Account ID passed to Apple/Google; authentication tokens |
| Analyse aggregate product usage | Anonymised and aggregated behavioural data (no individual-level analysis shared externally) |
| Send push notifications | Push notification token; only sent if you have granted permission and have notifications enabled |
| Comply with legal obligations | Transaction records retained for financial compliance (see §7) |
4. AI, Embeddings & Personalisation
Our recommendation engine works as follows:
- Your onboarding preferences and accumulated behavioural signals are encoded as a 1536-dimension vector embedding using the OpenAI Embeddings API.
- Each business idea in our database also has an embedding. Ideas are ranked by cosine similarity to your preference vector.
- When you like, skip, save, or rate an idea, your preference vector is updated to reflect that signal.
- Your preference vector is stored in our database and is associated with your user ID. It is not shared with third parties.
When we call the OpenAI API to generate your embedding, we transmit your preference data (e.g., "skills: Marketing, Design; goal: side-income; location: Australia") in text form. OpenAI's API is used under a data processing agreement; OpenAI does not use API inputs to train its models. See OpenAI's privacy practices for details.
5. Data Sharing & Disclosure
We do not sell your personal data. We share data only in the following circumstances:
- •Infrastructure & Hosting: Supabase (PostgreSQL database, authentication, Edge Functions) — our primary data processor, operating under a data processing agreement.
- •AI Processing: OpenAI — preference text is sent to the Embeddings API to generate your recommendation vector. Not used to train OpenAI models.
- •Apple & Google: App Store and Google Play receive your user ID (App Account Token / Obfuscated Account ID) for fraud prevention during in-app purchases, as required by their billing systems.
- •Legal Requirements: We may disclose data when required by law, court order, or to protect the rights, safety, or property of Ezyful, our users, or the public.
- •Business Transfers: In the event of a merger, acquisition, or sale of assets, your data may be transferred to the acquiring entity, subject to the same privacy protections.
- •With Your Explicit Consent: For any other purpose, only when you have given clear consent.
6. Data Security
We implement appropriate technical and organisational security measures including:
- •Row Level Security (RLS) on all database tables — users can only access their own data
- •Auth tokens required for all API calls
- •Encrypted storage of sensitive tokens using device secure storage (SecureStore on iOS, EncryptedSharedPreferences on Android)
- •HTTPS/TLS for all data in transit
- •Supabase infrastructure with SOC 2 compliance
No method of transmission or storage is 100% secure. We encourage you to use a strong password and to contact us immediately if you suspect unauthorised access to your account.
7. Data Retention
| Data Type | Retention Period |
|---|---|
| Account profile and preferences | Until account deletion |
| Saved ideas | Until account deletion or manual removal |
| Behavioural event records | Rolling 12 months (older partitions auto-deleted) |
| Preference vector embedding | Until account deletion |
| Active subscription data | Until account deletion |
| IAP transaction records (anonymised) | 7 years (financial compliance requirement) |
| Server logs | Up to 30 days |
8. Your Privacy Rights
Depending on your location (including under GDPR, CCPA, and Australian Privacy Act), you may have the right to:
- •Access the personal data we hold about you
- •Correct inaccurate or incomplete data
- •Delete your account and associated personal data
- •Request a portable copy of your data
- •Withdraw consent for optional data processing
- •Object to or restrict certain types of processing
- •Opt out of marketing communications
- •Lodge a complaint with a supervisory data protection authority
To exercise these rights, contact us at [email protected]. We will respond within 30 days.
9. Account Deletion
You have the right to request deletion of your account and all associated data at any time.
How to Delete Your Account
You can request account deletion in two ways:
- 1.Within the App: Open the Daily Business Idea app → Settings → Delete Account.
- 2.Web Portal: Visit our Account Deletion Portal to request deletion without installing the app.
Deletion Process
- 1.You submit a deletion request via the app or web portal
- 2.We send a verification email to confirm your identity
- 3.Your account is marked for deletion with a 30-day grace period
- 4.You can cancel the deletion anytime within 30 days by signing in
- 5.After 30 days, your account and all associated personal data are permanently deleted
What Gets Deleted
When your account is permanently deleted, the following are removed:
- •Account profile, email address, and authentication records
- •All onboarding preference data (both free and premium)
- •AI preference vector embedding
- •All saved business ideas
- •Behavioural event history
- •Subscription status records
- •Push notification token
Note on Transaction Records: In-app purchase transaction records are anonymised (not deleted) to comply with financial record retention laws (7-year period). The anonymised records retain only the transaction ID, amount, and date — they cannot be linked back to your identity after account deletion.
Subscription note: Deleting your account does not automatically cancel your App Store or Google Play subscription. You must cancel your subscription separately through your device's subscription management settings to stop future charges.
10. Children's Privacy
Our Service is not directed to children under the age of 13. We do not knowingly collect personal information from children under 13. If you believe we have inadvertently collected data from a child under 13, please contact us at [email protected] and we will delete it promptly.
11. International Data Transfers
Our infrastructure providers (Supabase, OpenAI) may process your data in countries outside your home jurisdiction. Where required, we rely on standard contractual clauses or equivalent mechanisms to ensure adequate protection.
12. Changes to This Privacy Policy
We may update this Privacy Policy from time to time. We will notify you of material changes by posting the updated policy on this page, updating the "Last updated" date, and where appropriate notifying you within the App. You are advised to review this policy periodically.
13. Contact Us
If you have any questions, concerns, or requests regarding this Privacy Policy or your personal data, please contact us:
Company: Ezyful Pty Ltd
App: Daily Business Idea
Privacy Email: [email protected]
Website: Contact Form