Bento Start ← Back to Dashboard

Privacy Policy

Last updated: May 23, 2026

Overview

Bento Start ("we", "our", or "the app") is a personalized browser start-page dashboard hosted at seventyseven.net/bento. This policy explains what data we collect, how it is stored, and your rights regarding that data. We are committed to your privacy. We do not sell, rent, or share your personal information with third parties.

Data We Collect

Bento Start collects only the data you provide to set up and use your dashboard. Where that data lives depends on whether you sign in:

Local mode (no sign-in):

Dashboard data is stored only in your browser's localStorage and is not transmitted to our servers.

Signed-in mode (Google account):

Dashboard data is stored in our database (hosted on Supabase) so it can sync across devices. Your Google OAuth tokens are stored in your browser's localStorage only.

The data we collect, in either mode, is limited to:

  • Your name — used to personalize the greeting card.
  • Dashboard layout — card positions, sizes, and arrangement.
  • Card content — section titles, link labels, and URLs you have added.
  • Preferences — greeting mode, theme, optional address for directions, and any optional status line text.
  • Recent searches — the last few queries you typed into the search card, kept so you can re-run them quickly.
  • Account info (signed-in mode only) — your Google name and email, used to identify your account.

Data We Do Not Collect

  • We do not collect analytics, telemetry, or usage data.
  • We do not use cookies or tracking pixels for advertising or tracking.
  • We do not collect device identifiers or precise location data.
  • We do not sell, rent, or share your personal information with third parties.
  • We do not use your data, including Google user data, to train AI/ML models or to serve advertising.

Third-Party Services

Bento Start loads resources from third-party CDNs to render the interface. These requests are subject to the respective providers' own privacy policies:

  • Google Fonts — Loads the Inter typeface. Google may log font requests. Google Privacy Policy
  • Tailwind CSS CDN — Loads the utility CSS framework. Tailwind Privacy Policy
  • Google Search & Google Maps — Used when you submit a search query or directions request. These interactions are governed by Google's privacy policy and are initiated only by your explicit action. Google Privacy Policy
  • External links — Clicking any link in your dashboard opens a third-party website in a new tab. We have no control over those sites' data practices.

Where Your Data Lives & Your Control

Local mode: all data lives in your browser's localStorage. You can clear it at any time via your browser's developer tools or "Clear Site Data" option, and your data does not sync between devices or browsers.

Signed-in mode: dashboard data is stored in our database (Supabase) and synced across the devices you sign in on. The database is encrypted at rest, protected by row-level security so only you can access your records, and hosted on infrastructure with SOC 2 controls.

In either mode you remain in control:

  • Edit or remove any card, link, or preference directly in the app at any time.
  • Sign out to immediately remove your Google tokens and authenticated session from the device.
  • Delete your account directly from the app (My Account → Delete Account) to erase your stored data from our servers immediately. See "Data Retention & Deletion" below.

Google User Data

If you choose to connect your Google Account, Bento Start requests the following limited Google user data via Google OAuth:

  • Basic profile information (name, email address) — used to identify your session.
  • Google Calendar (read-only) via the calendar.readonly scope — used to display today's events on your dashboard.

Bento Start's use and transfer of information received from Google APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements. We do not use Google user data to train AI/ML models, serve advertising, or share with any third party.

Data Protection & Security

We apply the following measures to protect your data, including any sensitive Google user data:

  • Encryption in transit. All connections use HTTPS/TLS. Calendar events are fetched directly from Google's API to your browser over an encrypted channel.
  • OAuth 2.0. Authentication uses Google's standard OAuth 2.0 flow via Supabase Auth. Bento Start never sees or stores your Google password.
  • Token storage. Google access and refresh tokens are stored only in your browser's localStorage, scoped to this origin, and are not transmitted to any third party.
  • Server-side handling. Token refreshes are performed by a Supabase Edge Function over HTTPS using the Google client secret stored as an encrypted environment variable. Refresh tokens are not logged or persisted server-side.
  • No calendar data at rest. Calendar event content is rendered in-memory in your browser and is never written to our database, logs, or any persistent server-side store.
  • Least privilege. We request only the read-only calendar scope needed to display events. We do not request write, delete, or any broader Google scopes.

Data Retention & Deletion

We retain data only for as long as needed to provide the service, and you can remove it at any time:

  • Calendar event content — not retained. Events are fetched on demand and discarded when the page closes.
  • Google OAuth access & refresh tokens — kept in your browser's local storage until you sign out, clear site data, revoke access, or delete your account. Signing out immediately removes them from your device.
  • Dashboard data (cards, links, preferences) — retained while your account is active so it can sync across devices. Deleted immediately when you remove items in-app, or in full when you delete your account.
  • Basic Google profile (name, email) — stored alongside your Bento Start account record so you can sign back in. Removed within 30 days of account deletion.

How to delete your data:

  • Delete your account in-app — open My Account from the menu and choose Delete Account. You will be asked to type delete account to confirm. On confirmation, all of your dashboard data (cards, links, preferences) is immediately deleted from our database, you are signed out, and locally cached data is cleared from your browser. This action cannot be undone.
  • Sign out in Bento Start to clear Google tokens from your browser without deleting any cloud data.
  • Revoke access to Bento Start at any time from your Google Account at myaccount.google.com/permissions. This invalidates any tokens we hold but does not delete your stored dashboard data — use the in-app delete option for that.
  • Email request — if you have lost access to your account or need help, email won@wjystudios.com from the address on your account. We will confirm and complete deletion within 30 days.

A note on the underlying auth record: in-app account deletion removes all of your application data (cards, links, preferences) from our database. A minimal authentication record (a user ID linked to your Google sign-in) remains in our auth provider so that the same Google account cannot be silently re-linked to your old data. To have that record fully purged, send an email request as above and we will remove it within 30 days.

Children's Privacy

Bento Start is not directed to children under 13 and we do not knowingly collect personal information from them. If you are a parent or guardian and believe your child has provided us with personal information, please contact us at won@wjystudios.com and we will delete it.

Changes to This Policy

We may update this policy as the app evolves (for example, if cloud sync or user accounts are added). The "Last updated" date at the top of this page will reflect any changes. We encourage you to review this policy periodically.

Contact

Questions about this privacy policy? Reach us at won@wjystudios.com.