taakttaaktBack to home

Privacy Policy

Last updated: February 5, 2025

1. Introduction

taakt ("we", "our", "us") is committed to protecting your privacy. This policy explains what data we collect, how we use it, and your rights.

We may update this policy occasionally. Material changes will be notified via email or in-app. Continued use after changes means you accept them.

2. Data We Collect

We collect only what's necessary to provide taakt:

Account Information:

  • Email address (for authentication and account-related emails, e.g. password reset)
  • Hashed password (if you sign up with email)
  • Google profile (name, email, profile picture) if you sign in with Google

Content You Create:

  • Tasks, projects, time slots, notes, and preferences
  • If you connect Jira: issue and project data we display in taakt (read-only)

Technical Data:

  • Session cookies for authentication
  • Server logs (IP address, browser type, timestamps) for security and debugging — Retained for 90 days maximum

3. How We Use Your Data

Your data is used exclusively to:

  • Authenticate you and maintain your session
  • Store and sync your tasks, calendar, and notes
  • Sync with Google Calendar (if you enable it)
  • Generate AI summaries (if you use that feature)
  • Improve the service and fix bugs

We do NOT:

  • Sell your data to third parties
  • Use your data for advertising
  • Share your data except as described in section 4

4. Third-Party Service Providers

We use trusted services to operate taakt:

Infrastructure:

  • Supabase (database, auth) — EU region, GDPR-compliant
  • Vercel (hosting) — EU/US, encrypted in transit

AI Services (only when you use these features):

  • Groq (transcription) — Audio processed but NOT stored
  • Anthropic Claude (summaries) — Text processed but NOT stored or used for training

Performance:

  • Vercel Speed Insights — Anonymized performance data (e.g. Core Web Vitals) to improve the service. No personally identifiable information is tracked.

Jira (optional):

  • If you connect Jira, we request read-only access to your Jira issues and projects to display and link them in taakt. You can disconnect at any time from Settings > Integrations.

All providers have Data Processing Agreements (DPA) ensuring GDPR compliance.

5. Google Calendar Integration

When you connect your Google account, we request:

Read-only access to Google Calendar

  • OAuth scopes: https://www.googleapis.com/auth/calendar.readonly, https://www.googleapis.com/auth/calendar.events.readonly
  • Purpose: Display your meetings in taakt's calendar
  • We do NOT create, modify, or delete Google Calendar events

Basic profile information

  • OAuth scopes: https://www.googleapis.com/auth/userinfo.email, https://www.googleapis.com/auth/userinfo.profile
  • Purpose: Authenticate you and display your name/email

You can disconnect Google anytime from Settings > Integrations. Disconnecting immediately stops all data access and deletes synced calendar data. Our use of Google user data complies with the Google API Services User Data Policy and Limited Use requirements.

6. Cookies

We use essential cookies for:

  • Session management (stay logged in)
  • Authentication security

No advertising or tracking cookies. You can clear cookies via browser settings, but this will log you out.

7. Data Retention

  • Active accounts: Data retained as long as your account exists
  • Deleted accounts:
  • Tasks/notes deleted within 30 days
  • Google Calendar sync data deleted immediately
  • Email retained 90 days for legal/security, then deleted

Request immediate deletion: privacy@taakt.app

AI Service Data:

  • Audio sent to Groq for transcription: Processed but NOT stored by Groq
  • Text sent to Claude for summaries: Processed but NOT stored by Anthropic
  • We do not retain audio files after transcription is complete
  • Transcripts and summaries are stored in your taakt account until you delete them

8. Security

We protect your data with:

  • Encryption in transit (TLS 1.3)
  • Encryption at rest (AES-256)
  • Secure OAuth 2.0 authentication
  • Access restricted to authorized personnel only
  • Regular security audits

Report security issues: security@taakt.app

9. Your Rights (GDPR)

You have the right to:

  • Access your data and get a copy
  • Correct inaccurate data
  • Delete your account and data
  • Object to processing or request restriction
  • Data portability (export your data)
  • Withdraw consent

To exercise rights: privacy@taakt.app (we respond within 30 days)

You can also file a complaint with your local data protection authority.

10. Children's Privacy

taakt is not for users under 16. We don't knowingly collect data from children. If you believe a child provided data, contact privacy@taakt.app for deletion.

11. International Data Transfers

Your data may be processed in the EU or US by our service providers. All transfers comply with GDPR via Standard Contractual Clauses (SCC).

12. Contact

Questions about this policy or your data?

← Back to home