Privacy Policy

Last updated: June 11, 2026

The short version. FastNook collects only the data needed to run your fasting tracker: your email address, optional display name, your fasting sessions, and your saved schedules. We don't sell your data, we don't show ads, we don't track you across the web, and we don't share data with third parties for marketing. We use Cloudflare to host the app and Amazon SES (via our parent company ApsteQ) to send sign-in codes. When you subscribe to Pro, Stripe processes payments.

1. Who we are

FastNook ("we", "us", "our") is operated by ApsteQ, owned by Arshpreet Singh, based in India. You can reach us at support@fastnook.com.

2. What we collect

2.1 Account data

Email address, used to identify your account and send sign-in codes for passwordless authentication.
Display name (optional), the name you choose when signing up, shown in the app and to support staff if you contact us.
Account creation time, recorded for security and account management purposes.

2.2 Fasting data

Fasting sessions you log, including start time, end time, target duration in hours, and any optional notes you add.
Saved fasting schedules, including names and target hours for your preferred fasting protocols (16:8, OMAD, etc.).
Your fasting history, including streaks, completed fasts, and progress data used to generate insights and trends.

2.3 Authentication and session data

When you sign in, we send a one-time code to your email address and store it temporarily (expires in minutes). We also create a session token stored in your browser. The token expires after 30 days of inactivity. All sign-in codes and session tokens are hashed using SHA-256 before storage in the database.

2.4 What we do not collect

We do not collect: passwords (we use email codes instead), phone numbers, photos, contacts from your device, location, browsing history, advertising identifiers, or any data from third-party services you use. We do not use cookies for tracking.

3. Why we collect it

To create and run your account and authenticate you securely.
To store and display your fasting sessions, schedules, and history so you can track your progress and see trends.
To send transactional email: sign-in codes and account notifications.
To prevent abuse, including rate-limiting sign-in attempts.
To investigate and resolve support issues when you contact us.

We do not use your data for marketing, profiling, advertising, or analytics across other apps and websites.

4. Who we share it with

We share data only with the service providers we use to run FastNook:

Cloudflare (hosting, Workers, D1 database, Pages). Your requests pass through Cloudflare's network. Cloudflare's privacy policy.
Amazon Web Services (Amazon SES), used to send sign-in code emails. Your email address is shared with AWS only at the moment of sending. AWS's privacy policy.
Stripe (when you subscribe to FastNook Pro), to process payments. Your payment information is handled by Stripe and not stored on our servers. Stripe's privacy policy.

We do not share your data with advertisers, data brokers, or analytics platforms. We have no third-party ad networks in the app.

If we are required by law to disclose data (court order, lawful government request), we will respond as required by law and notify you where permitted.

5. Where your data is stored

Your account, fasting sessions, and schedule data are stored in Cloudflare D1 (a SQLite-based database) on Cloudflare's APAC region servers. Sign-in emails are sent via AWS SES in the US East (Ohio) region. Some Cloudflare caching may temporarily replicate static assets globally, but no account or personal data is cached publicly.

6. How long we keep it

Account data and fasting history: retained as long as your account is active.
Sign-in codes: deleted within minutes of issue, or immediately when consumed.
Session tokens: 30-day inactivity expiry.
If you delete your account, all personal data is removed within 30 days, except where retention is required by law.

7. Your rights

Wherever you are, you can:

Access the data we hold about you. Email support@fastnook.com and we'll send you an export.
Correct your display name or email by editing your profile in the app.
Delete your account and all associated data. Email support@fastnook.com and we'll close your account within 7 days.
Withdraw consent to processing by deleting your account.
Lodge a complaint with a data protection authority in your country.

If you are in the EU, UK, or California, you have additional rights under GDPR, UK GDPR, and CCPA respectively. We honour all of them. Contact support@fastnook.com.

8. Children

FastNook is not directed at children under 13 (under 16 in the EU). We do not knowingly collect data from children. If you believe a child has created an account, email support@fastnook.com and we'll remove the account.

9. Security

We protect your data with TLS encryption in transit and at rest, hashed sign-in codes (SHA-256), session tokens hashed before storage, and row-level access controls so one user cannot read another user's data. No system is perfectly secure. If we discover a breach affecting your data, we will notify you within 72 hours where required by applicable law.

10. Local storage

FastNook stores your session token and app preferences in your browser's localStorage and in your device's local database (for the offline-first experience). You can clear these at any time from your browser or app settings. Doing so will sign you out and reset the app.

11. Email communications

We send only transactional email: sign-in codes and account notifications. We do not send marketing email. Every email shows our sender domain and includes contact information for ApsteQ.

12. Changes to this policy

If we materially change this policy, we'll notify you by email at the address on file and post a notice in the app. The "Last updated" date at the top will reflect any change.

13. Contact

Privacy questions, data access, deletion, or anything else: support@fastnook.com.

For postal contact, write to ApsteQ, India. We will respond with a precise address if needed.