Todo-it
Sign In Start Free Trial

Privacy Policy

Last updated: November 07, 2025

Our Self-Managed Philosophy

Todo-it is built on the principle of data sovereignty. We believe your personal data belongs to you, not to us. This privacy policy reflects our commitment to minimal data collection, maximum transparency, and your complete control over your information.

1. Information We Collect

1.1 Account Information

  • Email address - Used for account identification and communication
  • Name - Optional display name for personalization
  • Password - Securely hashed and stored (we cannot see your actual password)

1.2 Trial Information

  • Trial start date - When your 7-day trial began
  • Trial expiration date - When your trial ends
  • Download status - Whether you've downloaded the app to your device

1.3 Your Content

  • Pages and todos - Your personal productivity data
  • Theme preferences - Your visual customization choices
  • Settings - Your app configuration preferences

Important: We do NOT collect analytics, tracking data, or behavioral information. We don't use cookies for tracking. We don't sell your data to third parties. Ever.

2. How We Use Your Information

2.1 Essential Services

  • Provide access to your account and data
  • Manage your 7-day free trial
  • Enable app download after purchase
  • Send essential account notifications (password changes, trial reminders)

2.2 Data Processing

Your data is processed only on our secure servers and is never shared with third parties except as required for payment processing (Stripe) and email delivery (SendGrid). These services are bound by their own privacy policies and data protection agreements.

3. Your Data Rights (GDPR Compliance)

3.1 Right to Access

You can export all your data at any time through the app's export feature. This includes all your pages, todos, and account information in a machine-readable JSON format.

3.2 Right to Rectification

You can update your account information at any time through the settings page. You can modify your name, email address, and password as needed.

3.3 Right to Erasure

You can delete your account and all associated data at any time through the settings page. This action is irreversible and will permanently remove all your data from our servers.

3.4 Right to Data Portability

Your data is designed to be portable. After purchasing the app, you can download it to your device and have complete control over your data. You can also export your data in a standard JSON format.

3.5 Right to Object

You can opt out of non-essential communications at any time. We only send essential account-related emails.

4. Data Security

4.1 Technical Safeguards

  • All data is encrypted in transit using HTTPS/TLS
  • Passwords are hashed using bcrypt (industry standard)
  • Database access is restricted and monitored
  • Regular security updates and patches

4.2 Data Minimization

We only collect the minimum data necessary to provide our service. We don't collect analytics, tracking pixels, or behavioral data. We don't use third-party analytics services.

5. Data Retention

5.1 Active Accounts

We retain your data as long as your account is active. This includes both trial and paid accounts.

5.2 Trial Accounts

If your trial expires and you don't purchase the app, we will retain your data for 7 days to allow you to complete your purchase. After 7 days, your data will be permanently deleted.

5.3 Deleted Accounts

When you delete your account, all your data is permanently removed from our servers within 7 days. This includes all pages, todos, and account information.

6. Third-Party Services

6.1 Payment Processing

We use Stripe for payment processing. Stripe handles your payment information according to their privacy policy. We do not store your payment details.

6.2 Email Delivery

We use SendGrid for email delivery. SendGrid processes your email address for delivery purposes only and is bound by their privacy policy.

7. Children's Privacy

Our service is not intended for children under 13. We do not knowingly collect personal information from children under 13. If you are a parent or guardian and believe your child has provided us with personal information, please contact us.

8. Changes to This Policy

We may update this privacy policy from time to time. We will notify you of any material changes by email or through the app. Your continued use of the service after such changes constitutes acceptance of the new policy.

9. Contact Us

If you have any questions about this privacy policy or your data rights, please contact us at:

Email: privacy@todo-it.app
Subject Line: Privacy Policy Inquiry

Your Privacy Matters: This privacy policy is designed to be transparent and easy to understand. If you have any questions or concerns, we're here to help. Your data sovereignty is our priority.