Introduction
Welcome to DueSync. We respect your privacy and are committed to protecting your personal data. This privacy policy explains how we collect, use, disclose, and safeguard your information when you use our task management application.
By using DueSync, you agree to the collection and use of information in accordance with this policy.
1. Information We Collect
1.1 Information You Provide
- Google Account Information: When you sign in with Google, we receive your name, email address, and profile picture
- Task Data: Task titles, descriptions, due dates, times, priorities, categories, tags, and completion status
- Preferences: Notification settings, theme preferences, time zone
1.2 Automatically Collected Information
- Usage Data: Pages visited, features used, time spent, actions taken
- Device Information: Browser type, device type, operating system, IP address
- Cookies: Session cookies for authentication, preference cookies for theme
1.3 Google Calendar Integration
If you enable Google Calendar sync, we access your Google Calendar to:
- Create calendar events for synced tasks
- Update events when tasks change
- Delete events when tasks are unsynced
We do not read, modify, or delete calendar events we didn't create.
2. How We Use Your Information
We use the information we collect to:
- Provide Services: Create, store, and manage your tasks
- Calendar Sync: Synchronize tasks with your Google Calendar
- Notifications: Send email and push notifications based on your preferences
- Authentication: Verify your identity and maintain your session
- Improve Services: Analyze usage patterns to enhance features
- Security: Detect and prevent fraud, abuse, and security incidents
- Communication: Send important service updates and announcements
- Compliance: Meet legal obligations and enforce our terms
3. Data Storage and Security
3.1 Data Storage
- Database: Your data is stored in a secure PostgreSQL database hosted by Supabase
- Location: Data centers in AWS regions (configurable)
- Backups: Regular automated backups for data recovery
3.2 Security Measures
- Encryption in Transit: All data transmitted over HTTPS/TLS 1.2+
- Authentication: Secure Google OAuth 2.0
- Session Management: HTTP-only cookies with secure flags
- Access Controls: Role-based access and authentication checks
- Rate Limiting: Protection against brute force attacks
- Regular Audits: Ongoing security assessments
While we implement robust security measures, no method of transmission over the Internet is 100% secure. We cannot guarantee absolute security.
4. Data Sharing and Disclosure
4.1 We Do NOT Sell Your Data
We do not sell, rent, or trade your personal information to third parties for marketing purposes.
4.2 Third-Party Services
We use the following trusted third-party services:
- Google OAuth & Calendar API: For authentication and calendar integration
- Supabase: For database hosting
- Vercel: For application hosting (if applicable)
- Email Service: For sending notification emails
These services have their own privacy policies and security measures.
4.3 Legal Requirements
We may disclose your information if required by law or in response to:
- Legal processes (subpoenas, court orders)
- Government requests
- Protection of rights, property, or safety
- Fraud prevention and security threats
5. Your Rights (GDPR & CCPA)
5.1 Right to Access
You can view all your data in the app. To export: Settings → Data & Privacy → Export My Data
5.2 Right to Rectification
You can edit your tasks, categories, tags, and preferences anytime in the app.
5.3 Right to Deletion
Settings → Data & Privacy → Delete Account. All data permanently removed within 30 days.
5.4 Right to Portability
Export your data in JSON format: Settings → Data & Privacy → Export My Data
5.5 Right to Object
You can opt-out of email and push notifications in Settings → Notifications.
5.6 California Residents (CCPA)
California residents have additional rights under CCPA. Contact us to exercise these rights.
6. Cookies and Tracking
6.1 Essential Cookies
- Authentication: Session cookies for login (required)
- Security: CSRF tokens (required)
6.2 Preference Cookies
- Theme: Remember dark/light mode preference
6.3 Analytics Cookies (Optional)
If analytics are enabled, we use cookies to understand how you use DueSync. You can opt-out in Settings.
7. Data Retention
- Active Accounts: Data retained as long as your account is active
- Inactive Accounts: May be deleted after extended inactivity (notification sent)
- Deleted Accounts: All data permanently deleted within 30 days
- Backups: Backup copies may persist for up to 90 days for disaster recovery
- Legal Holds: Data may be retained longer if required by law
8. Children's Privacy
DueSync is not intended for children under 13 years of age. We do not knowingly collect personal information from children under 13. If we discover that we have collected information from a child under 13, we will delete it immediately.
If you believe a child under 13 has provided us with personal information, please contact us.
9. International Data Transfers
Your data may be transferred to and processed in countries other than your country of residence. These countries may have different data protection laws. We ensure appropriate safeguards are in place to protect your data.
10. Changes to This Policy
We may update this privacy policy from time to time. Changes will be posted on this page with an updated "Last Updated" date. Significant changes will be communicated via:
- Email notification to registered users
- Prominent notice in the app
- Banner on the website
Continued use of DueSync after changes constitutes acceptance of the updated policy.
11. Contact Us
If you have questions about this privacy policy or your data:
- Email: infoduesync@wiktechnologies.com
- Data Protection Officer: infoduesync@wiktechnologies.com
- Support: infoduesync@wiktechnologies.com
- Response Time: Within 48 hours
12. Additional Information
- Security Policy: See our Security Policy
- Terms of Service: See our Terms of Service
- User Guide: Learn how to use DueSync in our User Guide
- FAQ: Common questions answered in our FAQ