dayliWORK
Sign inStart free

Privacy

What we collect, why, and how to ask for it back.

We try to write this like a person. If anything is unclear, email privacy@dayli.work and we'll fix it.

Last updated: April 25, 2026.

Who we are

dayli.work is operated by Noral, Inc. ("Noral|AI"), based in Tampa, Florida, USA. The product is a calendar-connected project management tool. If you have a privacy question, email privacy@dayli.work.

What we collect

Account info: your name, email address, and (optionally) profile fields you fill in yourself — title, pronouns, phone, mailing address, working hours, time zone, locale, and links you choose to share. You can edit or remove any of this from your Profile page.

Google account data (only if you connect Google): your name, email, and profile photo from Google, plus read/write access to your Google Calendar so dayli can sync time blocks. We do not read your Gmail, Drive, contacts, or anything else. We store the access and refresh tokens we need to keep your calendar in sync, encrypted at rest. You can disconnect Google any time and we delete the tokens.

Product content: the projects, tasks, comments, time blocks, and other things you put into the product. This is yours. We don't sell it, share it with advertisers, or use it to train AI models.

Usage telemetry: minimal logs (page hits, error traces) for keeping the product up. No third-party trackers, no ad pixels, no Google Analytics.

How we use it

To run the product. To send you email you asked for (sign-in links, mentions, daily digest if enabled). To send you billing email if you upgrade to a paid plan. That's it.

We do not use Google user data, or anything you put into the product, to train any AI model. The AI features that exist (auto-schedule, natural-language input) call a zero-retention model API: prompts and responses are not stored or trained on by the model provider.

Where it lives

On Vercel (web app), Neon (Postgres database), and Resend (sign-in and notification emails) — all in the United States. If you connect Google, your calendar tokens are stored in the same Neon database, encrypted at rest.

Your rights

You can export all your data (JSON, CSV, or Markdown) any time from your account. You can delete your account and everything associated with it; we keep encrypted backups for 30 days for disaster recovery and then permanently delete. If you're in the EU/UK, GDPR rights of access, rectification, erasure, restriction, portability, and objection apply — email us and we'll respond within 30 days.

Cookies

We set a session cookie (so you stay signed in) and a theme preference cookie. No third-party cookies, no advertising cookies, no tracking cookies.

Children

dayli.work is not intended for use by children under 16, and we do not knowingly collect their data.

Changes

If we change this notice, we update the “last updated” date at the top and email registered users when changes are material.

Questions? privacy@dayli.work