Privacy policy for ToDoPlanify
Last Updated: 19 September 2024
1. INTRODUCTION
1.1 Overview
This Privacy Policy (the "Policy") outlines how All in global software S.R.L ("Company", "we", "us", or "our"), a corporation registered in Romania, with its principal office at Village of Moisei, Commune of Moisei, Nr. 122, Maramures County, collects, uses, stores, and protects your personal data. By using the services provided through ToDoPlanify (the "Platform"), you agree to the terms and practices described in this Policy. If you do not agree with this Policy, you must stop using the Platform immediately.
1.2 Applicability
This Policy applies to all individuals accessing the Platform, whether they are registered users or browsing as visitors. We are committed to protecting your privacy and ensuring that your personal information is handled securely and in compliance with applicable data protection laws, including the General Data Protection Regulation (GDPR) and other relevant regulations.
1.3 Updates to the Policy
We reserve the right to update or modify this Policy at any time. Changes to the Policy will be posted on the Platform, and your continued use of the Platform after such changes constitutes your acceptance of the updated Policy. We encourage you to review this Policy periodically for any updates.
2. INFORMATION WE COLLECT
2.1 Types of Information
We collect personal information that you provide to us directly, as well as information that is automatically generated or obtained from third parties when you interact with the Platform. The types of information we collect include:
2.2 Information You Provide
When you register for an account, make a purchase, or interact with our services, we collect the following information:
2.2.1 Registration Information
This includes your full name, email address, password, billing address, and any necessary invoicing details, such as tax identification numbers. We use this information to create your account and provide you with access to the Platform.
2.2.2 Communication Information
Any information you provide when contacting customer support, completing surveys, or giving feedback is stored securely. This may include opinions, preferences, and other relevant data shared during interactions with our team. We collect this information to improve our services and provide better customer support.
2.2.3 Billing Information
We do not process or store your payment data directly. Payment processing for services is securely handled by third-party providers, such as Stripe or PayPal. We only retain the necessary billing information for invoicing purposes, such as your name, billing address, and transaction details provided by these services. Your payment data is handled according to the terms and privacy policies of the third-party providers.
3. AUTOMATICALLY COLLECTED INFORMATION
3.1 Device Information
When you use the Platform, we automatically collect certain data about your device and usage. This helps us ensure the functionality and security of the Platform, as well as improve the user experience.
3.2 Identifiers
We collect your IP address, device ID, browser type, and operating system to ensure the proper functionality and security of the Platform. This information is also used for fraud prevention and troubleshooting.
3.3 Usage Information
We record details about your interactions with the Platform, such as pages visited, features used, and transaction history. This helps us improve the user experience and optimize platform performance.
3.4 Cookies and Tracking Technologies
We use cookies and similar technologies to enhance your experience and track usage trends. For further details, please review our Cookie Policy, which explains how we use cookies and how you can manage your preferences regarding cookies.
3.4 COOKIES AND SIMILAR TECHNOLOGIES
3.4.1 What Are Cookies?
Cookies are small text files stored on your browser or device's hard drive. They contain information that helps us track your activity on the Platform and distinguish you from other users. This allows us to enhance your browsing experience and ensure the Platform operates effectively.
3.4.2 Types of Cookies We Use
We use several types of cookies to collect data about your usage of the Platform, enabling us to improve services and customize content for you. These include:
Strictly Necessary Cookies
These cookies are essential for the operation of the Platform and provide core functionalities like user authentication and security. Without these cookies, certain features of the Platform would not be accessible.
Functional Cookies
Functional cookies allow us to recognize you when you return to the Platform. This enables us to personalize content, greet you by name, and remember your preferences, such as your choice of language or region. These cookies enhance your user experience by ensuring the Platform functions in line with your preferences.
Analytical and Advertising Cookies
At this time, we do not use analytical cookies or advertising cookies. If we introduce such cookies in the future to better understand user behavior or to improve our services, we will update this policy and notify you accordingly. You will have the option to manage your preferences regarding these cookies at that time.
3.4.3 Third-Party Cookies
We may also use cookies from third-party service providers to facilitate certain functionalities like payment processing or image optimization. These providers include:
Stripe
We rely on Stripe to securely handle payment processing. Stripe cookies help manage your transactions and ensure a smooth checkout process. These cookies typically remain active for the duration of your session.
Third-Party Service Providers
Payments are processed through third-party providers such as Stripe or PayPal. Please note that your interactions with these services are governed by their respective privacy policies, and we encourage you to review them to understand how your payment information is handled.
3.4.4 Managing Your Cookie Preferences
You can control how cookies are used by adjusting your browser settings to block or delete cookies. However, please note that blocking essential cookies may limit your access to certain features of the Platform. You can also set your browser to notify you when a cookie is being sent to your device.
3.4.5 Cookie Expiration
The cookies we use have different lifespans depending on their purpose. Some cookies are session-based and expire once you close your browser, while others may remain on your device for a longer period to help us recognize you when you return to the Platform. You can manage and delete cookies through your browser settings at any time, giving you full control over their storage duration.
4. HOW WE USE YOUR INFORMATION
4.1 Providing Services
Your personal data is essential for us to fulfill our obligation to deliver the services you signed up for. This involves using your registration details, such as your name and email address, to create and manage your account. We also process information you generate while interacting with the Platform, including device identifiers and data about how you use our services, such as transaction details. Additionally, if you enable certain functionalities, like location-based features, we may use your geolocation data to provide those specific services.
4.2 Enhancing and Monitoring the Platform
To continuously improve the Platform, we rely on information gathered from your use of our services. This includes data like the type of device you use, its operating system, and usage patterns. These details help us refine the platform and ensure its functionality runs smoothly. By analyzing these insights, we can address performance issues and make improvements that benefit all users.
4.3 Support and Handling Requests
When you reach out to us for help, we use the information you provide, along with data associated with your account, to resolve any issues or answer your questions. This might involve resetting a password or troubleshooting a problem. The data we process in these cases typically includes your registration information and any details shared during the support request.
4.4 Conducting Usage Analysis
We evaluate how our users interact with the Platform in order to enhance user experience and optimize our services. By gathering anonymized data from your activities, such as how you use certain features, we generate reports that help us better understand user needs. This allows us to make informed decisions regarding future updates or new features.
4.5 Marketing and Communication Preferences
You may receive notifications or marketing emails from us regarding updates or promotions related to the Platform. You can opt out of such communications at any time by following the unsubscribe link provided in the emails or by adjusting your notification preferences in your account settings.
4.6 Fraud Prevention and Legal Obligations
To protect the integrity of our services and comply with legal requirements, we may monitor activities on the Platform for fraudulent behavior or misuse. This includes taking steps to investigate and address any suspicious actions. If legal disputes arise, we may use the relevant data to defend against claims or ensure compliance with legal obligations.
4.7 Conducting Surveys and Research
Occasionally, we may invite you to participate in surveys or provide feedback on the Platform. These initiatives help us understand our user base better and improve the services we offer. Your participation is entirely voluntary, and if you choose to take part, we will process the data you provide as part of the survey or research.
5. SHARING YOUR INFORMATION
5.1 No Selling of Data
We do not sell or share your personal data with third parties for marketing purposes. Your personal information remains protected and is only used for the purposes outlined in this Policy.
5.2 Service Providers
We may share your information with third-party companies that provide services on our behalf, such as payment processing (e.g., Stripe, PayPal), hosting, customer support, or data analytics. These providers are contractually obligated to protect your data and may only use it for the services they provide to us.
5.3 Legal Compliance
If required by law or in response to lawful requests from public authorities, including for national security or law enforcement purposes, we may share your information to comply with legal obligations.
5.4 Business Transfers
In the event of a merger, acquisition, or sale of assets, your personal data may be transferred to the acquiring company. In such cases, we will notify you of any changes to how your data is managed.
6. DATA SECURITY
6.1 Security Measures
We implement appropriate technical and organizational measures to safeguard your personal data against unauthorized access, disclosure, alteration, or destruction. These measures include data encryption, secure servers, and internal security reviews to help ensure that your data remains protected.
6.2 Limitations of Security
Please note that no method of transmission over the Internet or electronic storage is 100% secure. While we take reasonable measures to protect your data, we cannot guarantee its absolute security. We encourage you to take your own precautions to protect your data when using the Platform.
6.3 Data Breach Response
In the event of a data breach, we will promptly assess the situation and notify affected individuals if their personal data has been compromised. We will also notify the relevant authorities as required by GDPR and other applicable data protection laws.
7. USER REQUEST LIMITATIONS
7.1 Right to Verify Identity
To ensure the protection of your personal data, we may require you to verify your identity before processing any request related to your rights under this Policy. If we are unable to verify your identity based on the information provided, we reserve the right to decline your request. This is done to prevent unauthorized access or tampering with your personal data.
7.2 Reasonable Requests Only
We reserve the right to decline requests that are deemed unreasonable, excessive, or unfounded. If a user submits repeated or excessive requests regarding their data or other rights, we may charge a reasonable fee to cover administrative costs or decline to respond if the request is manifestly unfounded or excessive.
7.3 Data Retention Limitations
We are not obligated to retain personal data beyond the periods necessary to fulfill the purposes for which it was collected or as required by applicable laws. Once the retention period has passed, we may delete, anonymize, or otherwise dispose of the data in a secure manner. Requests for access to data that has already been deleted or anonymized may not be fulfilled.
7.4 Technical Limitations
Certain technical limitations may prevent us from fulfilling certain requests fully, such as data removal requests from backup systems or archives. We will take all reasonable steps to honor such requests but cannot guarantee complete deletion from all systems, particularly in backup or disaster recovery scenarios. In such cases, your data will continue to be protected and isolated.
7.5 Legal Exceptions
In some cases, we may be legally required to retain or process certain data despite your request. This includes situations where we are required to comply with legal obligations, regulatory requirements, or court orders. In such cases, we will inform you of the legal basis for retaining or processing your data.
8. CONTACT AND COMPLAINTS
8.1 Questions and Feedback
We welcome any questions, comments, or requests regarding this Privacy Policy or how we handle your personal data. For more detailed information about our practices and frequently asked questions, please review the Security, Privacy, and GDPR section on our website. If you need further clarification, feel free to contact us through the contact form available on our website or by emailing us at support@todoplanify.com.
8.2 Filing Complaints
If you believe that your personal data has been processed in a way that violates this Policy or any applicable data protection laws, we encourage you to reach out to us directly. You can file a complaint by contacting us via the contact form on our website, or by sending an email to support@todoplanify.com. We will strive to address your concerns as quickly and efficiently as possible.
8.3 GDPR and International Complaints
If you are located in the European Economic Area (EEA) or the United Kingdom (UK) and are not satisfied with how we have handled your complaint, you can submit your concerns via email or through a designated form that will be available on our website. We are committed to resolving all data protection issues in compliance with both the EU GDPR and the UK GDPR, where applicable.
9. GDPR COMPLIANCE AND DATA PROCESSING
9.1 Applicability
This section applies to Users located in the European Economic Area (EEA) or whose personal data is subject to the General Data Protection Regulation (EU) 2016/679 ("GDPR"). By using the Platform, you acknowledge that your personal data may be processed by the Company in accordance with this section.
9.2 Data Controller
For the purposes of the GDPR, the Company acts as the data controller in relation to the personal data processed through the Platform. The Company is responsible for determining the purposes and means of processing your personal data.
9.3 Legal Basis for Processing
We process your personal data on the following legal bases: a) Performance of Contract: Processing is necessary to fulfill the contract between you and the Company for your use of the Platform; b) Consent: When you have provided clear consent for us to process your personal data for specific purposes; c) Legitimate Interests: Processing is necessary for the Company’s legitimate interests, such as improving our services, except where these are overridden by your rights and freedoms; d) Legal Obligations: Processing is necessary to comply with legal obligations, such as tax and regulatory requirements.
9.4 User Consent
By using the Platform, Users located in the EEA or whose personal data is subject to the GDPR provide clear and explicit consent for the Company to collect, store, and process their personal data, such as email, name, and other identifying information, for the purposes specified in these Terms. If you do not consent to the processing of your personal data, or if you choose to withdraw your consent at any time, please note that this will affect your ability to use the Platform. Certain features and functionalities of the Platform require the processing of personal data, and without this data, we will not be able to provide access to the Platform.
9.5 Data Subject Rights
Under the GDPR, you have the following rights regarding your personal data: a) Right to Access: You can request access to the personal data we hold about you; b) Right to Rectification: You can request corrections to inaccurate or incomplete data; c) Right to Erasure: You can request that we delete your personal data in certain circumstances; d) Right to Restrict Processing: You can request the restriction of processing in specific cases; e) Right to Data Portability: You can request to receive your data in a structured, machine-readable format; f) Right to Object: You can object to certain types of data processing, including direct marketing; g) Right to Withdraw Consent: You can withdraw your consent for processing your personal data at any time. To exercise any of these rights, please contact us at support@todoplanify.com. We will respond to your request within 30 days.
9.6 Data Retention
We retain personal data only for as long as it is necessary to fulfill the purposes for which it was collected, in accordance with our data retention policies. The retention period varies depending on the nature of the data and the purposes for which it was collected. Once the data is no longer required, we will securely delete, anonymize, or otherwise appropriately handle the data in a timely manner, unless we are required by law or legitimate interests (such as resolving disputes or enforcing agreements) to retain the data for a longer period.
If users request the deletion of their data, we will process the request in accordance with applicable data protection laws, including GDPR, unless legal obligations require otherwise.
9.7 Data Security
We take appropriate technical and organizational measures to protect your personal data from unauthorized access, alteration, disclosure, or destruction. This includes encryption, regular security reviews, and access control procedures to safeguard the confidentiality and integrity of your data.
9.8 International Data Transfers
When transferring your personal data outside of the EEA, we ensure appropriate safeguards are in place, such as Standard Contractual Clauses (SCCs) or Binding Corporate Rules (BCRs), as approved by the European Commission, to guarantee the protection of your data.
9.9 Data Breach Notification
In the event of a personal data breach, we will notify the relevant supervisory authority without undue delay and, where feasible, not later than 72 hours after having become aware of it, unless the breach is unlikely to result in a risk to the rights and freedoms of natural persons. If the breach is likely to result in a high risk to your rights and freedoms, we will also notify you without undue delay.
9.10 Data Protection Officer
We process personal data, such as your name, email address, and billing information, in accordance with the GDPR and other applicable data protection laws. While we do not have a designated Data Protection Officer (DPO), we are committed to ensuring the security and confidentiality of your personal data. If you have any questions or concerns about how your personal data is processed, please contact us at support@todoplanify.com. You may also request access to, correction of, or deletion of your personal data at any time.
9.11 User Complaints
If you believe that your personal data rights have been violated, you have the right to lodge a complaint with the data protection supervisory authority in your country of residence. We encourage you to contact us first to resolve any issues before contacting the supervisory authority.
9.12 Changes to GDPR Compliance Section
We reserve the right to update this GDPR section from time to time to ensure compliance with any changes in data protection laws or our internal practices. Any significant changes will be posted on our Platform, and we will notify you where appropriate.
9.13 Consent to Processing
By using the Platform, you acknowledge that you have read and understood this GDPR section, and you consent to the collection, storage, and processing of your personal data as described herein. If you do not agree with this section, you must refrain from using the Platform.
10. CHANGES TO THIS PRIVACY POLICY
10.1 Policy Updates
We may update or make changes to this Privacy Policy from time to time to reflect changes in our practices or legal requirements. Any material changes will be posted on this page, and where necessary, we will notify users through the Platform or via email. We encourage you to review this Policy periodically to stay informed about how we protect your personal information.
10.2 Effective Date
The revised Privacy Policy will become effective immediately upon being posted unless otherwise stated. Continued use of the Platform after such changes have been made constitutes your acceptance of the updated Policy. If you do not agree with the changes, you should discontinue your use of the Platform.
11. CHILDREN'S PRIVACY
11.1 Minimum Age Requirement
The Platform is not intended for use by individuals under the age of 13 (or 16 in certain jurisdictions within the European Economic Area). We do not knowingly collect or process personal data from children. If you believe that we have collected personal data from a child without proper consent, please contact us at support@todoplanify.com, and we will take steps to delete the information and terminate the account if applicable.