Privacy Policy

Latest update: 2024-04-01

Introduction

This Privacy Policy explains how the service (as defined in the Legal Notice) collects personal information and user data, for what purposes, and how this information could be managed with third parties.

Personal information, in the website:

The website may collect personal information with the following purposes:

User registration in mailing lists and service information newsletters

The application collects the following personal information:

Contact data: name and email address

Personal information, in the application:

The appplication collects personal information with the following purposes:

User authentication: to allow identifying the user of the service.
User authorization: to allow authorizing the use of the service and the access to the allowed information.
Application monitoring: to monitor the use of the service for operations management.

The application collects the following personal information:

Profile: user name and email address.
Account: the legally required individual or business name, address, etc. as needed for invoicing the service and legal purposes.
Application usage: technical data about the access and use of the service, including the IP address of the client machine.

Personal information, with third parties:

By using the service, the user may share limited personal information with the following third party services:

Okta Auth0 Universal Login:

The Okta Auth0 log-in/sign-up page, used by the application, may collect some personal information (e.g. email address) to help secure the access of the user to their user data. No user application data (tasks, notes, etc.) are transferred from the service to any Okta Auth0 servers. The user’s password used to access the service is stored at Auth0 servers and is never shared with us.

Stripe Checkout:

The Stripe checkout page, used by the application, may collect personal information to secure the processing of the user’s payments and help protect and prevent credit card fraud. User’s credit card number and its details are never trasmitted from the Stripe servers to the application, thus, user’s credit card number or any other details are never stored by us. Also, no user data (tasks, notes, etc.) are transferred from the service to any Stripe server.

User data, in the application:

In-transit and server-side encryption:

The User Data (tasks, projects, notes, etc.) entered by the users when using the application are encrypted, at the user’s computer by their Internet browsers, before sent over the Internet to the servers hosting the service. This information is then encrypted again before being stored at the datacenters. All user’s application data remains encrypted in the datacenter servers when it is not accessed by the user.

Right to erasure:

The users can delete at any time their profile with all their application data (tasks, notes, etc.). However, some accounting and payment data related to the use of the service may be archived for some extended period due to legal requirements.