Privacy
Your data, plainly stated
You are navigating a stressful process. The last thing you need is a privacy policy full of legalese. Here is exactly what we collect, what we never touch, and what you can do with your data at any time.
1. What we collect
When you sign in with Google, we store three pieces of information from your account: your name, your email address, and your Google account identifier. We do not receive your Google password, your contacts, your Drive files, or anything else from your Google account.
Beyond that, we store only what you choose to add: the applications you create, the milestone dates and notes you save, and any visa-office or complexity details you enter. If you claim a row in the community tracker, we link your account to that row.
Cloudflare's edge network tells us an approximate country when you visit (for example, "CA" if you are connecting from Canada). We use this to understand where our users are coming from in aggregate. We do not log or store your IP address.
2. What we never collect
Data minimization
We never ask for your UCI, application number, passport number, date of birth, home address, employer letters, or any uploaded immigration documents. Please do not enter official identifiers or sensitive documents anywhere on Track Your App.
This is intentional. The app works entirely on milestone dates and application milestones. Official identifiers are not needed and are not welcome here. If you find a field that seems to invite that kind of information, please let us know via the contact page.
3. No analytics, no advertising, no third-party trackers
Track Your App runs no analytics platform, no advertising network, and no third-party trackers. There is no Google Analytics, no Meta Pixel, no Hotjar, and no similar service embedded on these pages.
We use only the cookies needed to sign you in and keep you signed in: a session cookie, plus the standard security cookies the Google sign-in flow sets while it verifies the handshake. We set no analytics, advertising, or tracking cookies of any kind, and if you never sign in, you can browse the whole site without a login cookie.
4. How your data is stored and who can access it
All data is stored in Cloudflare D1, a SQLite-based database that runs on Cloudflare's global infrastructure. Traffic to and from the site is encrypted in transit over HTTPS. Data at rest is protected by Cloudflare's standard infrastructure-level controls. We do not operate our own encryption layer on top of that, and we will not claim to.
Your data is isolated in the database by your user identifier. Every query that touches your records is scoped to your account in code. No other signed-in user can read your milestones or applications.
Access to the production database is limited to the project maintainers. We do not sell, rent, share, or otherwise disclose your personal information to any third party for commercial purposes.
5. The community tracker and sheet writeback
The application draws from the community IRCC PR Master Tracker, a public Google Sheet maintained by and for Express Entry applicants. If you claim your row in that tracker and update your milestone dates or add a visa office, those changes write back to the public Sheet via a service account we operate.
We write only the fields you edit: milestone dates, complexity, and visa office. We never write your username, stream, or AOR date back to the Sheet from our side, because those fields are already there from your own entry and belong to the community, not to us.
Because the Sheet is public, anything visible there is visible to anyone who reads it. If you claim a row, only do so for a row that is already yours.
6. Who else is involved
Three services touch this application:
- Google handles sign-in. We request only the basic scopes:
openid,email, andprofile. We never request access to your Google Sheets, Drive, Gmail, or any other Google service. We have no ability to read, modify, or delete anything in your Google account beyond the name and email address your account provides at sign-in. - Cloudflare hosts the application and the database. Traffic passes through Cloudflare's network. Cloudflare's privacy policy governs what it retains at the network layer.
- IRCC and Statistics Canada supply public datasets (draw history, processing times, invited-candidate demographics) that we display. Those are open government data. No personal information flows between us and those sources.
7. Your controls
You have three controls available at any time:
- Download your data. Use the Download my data button in your profile to get a JSON file with everything we have stored for your account. (Technically, a signed-in
GET /api/v1/profile/export.) - Delete an application. From your hub card, you can delete any individual application. This removes the application, its milestones, and any associated notes from our database. It does not affect your row in the community tracker.
- Delete your account. You can delete your entire account from your profile settings. This removes your profile, all your applications and milestones, and your sign-in record from our database. What stays: your row in the community Google Sheet, if you contributed one. That row belongs to the community, not to us, and we do not own or control it.
8. Safety and breach notice
We take reasonable steps to protect the personal information we hold. If a security incident affects personal data, we will notify affected users by email (using the address on file) and post a notice on the site. We will act promptly to contain the incident and to understand what happened.
To report a privacy or security concern, email admin@trackyourapp.ca with “Security” in the subject line.
9. Questions or concerns
If you have a question about this policy, want to exercise any of your data controls, or have spotted something that does not look right, please reach us via the contact page.
Last updated: 2 July 2026.
