Privacy Policy

← Back to Home

Last Updated: October 28, 2025

1. Introduction

TodoMode ("we", "our", or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our task management service.

2. Information We Collect

2.1 Information You Provide

• Account Information: Email address, password (encrypted), name
• Task Data: Tasks, projects, notes, due dates, and other content you create
• Profile Information: Display name, preferences, settings
• Payment Information: Processed securely by Stripe (we don't store credit card details)
• Communication Data: Support requests, feedback, contact form messages

2.2 Automatically Collected Information

• Usage Data: Features used, time spent, interaction patterns
• Device Information: Browser type, operating system, device identifiers
• Log Data: IP address, access times, pages viewed, referring URLs
• Cookies: Session management, preferences, analytics (see our Cookie Policy)

3. How We Use Your Information

We use your information to:

• Provide, maintain, and improve the TodoMode service
• Create and manage your account
• Process your subscription payments
• Send you service notifications and updates
• Respond to your support requests and feedback
• Analyze usage patterns to improve user experience
• Prevent fraud and ensure security
• Comply with legal obligations

4. Data Storage and Security

4.1 Data Storage

Your data is stored on secure servers. We implement industry-standard security measures including:

• Encrypted connections (HTTPS/TLS)
• Password hashing with bcrypt
• Regular security audits
• Access controls and authentication
• CSRF and XSS protection

4.2 Data Retention

We retain your data for as long as your account is active. When you delete your account:

• Your task data is permanently deleted within 30 days
• Account information is removed from active systems
• Backup copies are deleted according to our backup retention schedule
• Some records may be retained for legal or security purposes

5. Data Sharing and Disclosure

5.1 We DO NOT Sell Your Data

We never sell, rent, or trade your personal information to third parties for marketing purposes.

5.2 Service Providers

We share limited data with trusted service providers who help us operate:

• Stripe: Payment processing (PCI-compliant)
• Google Analytics: Anonymous usage statistics

5.3 Legal Requirements

We may disclose information if required by law, court order, or to:

• Comply with legal obligations
• Protect our rights and property
• Prevent fraud or abuse
• Protect user safety

6. Your Privacy Rights

6.1 Access and Control

You have the right to:

• Access: View all your personal data we hold
• Export: Download your data in JSON format
• Correct: Update inaccurate information
• Delete: Request account and data deletion
• Object: Opt-out of analytics tracking

6.2 GDPR Rights (EU Users)

If you're in the EU, you have additional rights:

• Right to data portability
• Right to restriction of processing
• Right to object to automated decision-making
• Right to lodge a complaint with a supervisory authority

6.3 CCPA Rights (California Users)

California residents have the right to:

• Know what personal information is collected
• Know if personal information is sold or disclosed
• Opt-out of the sale of personal information
• Request deletion of personal information
• Non-discrimination for exercising privacy rights

7. Cookies and Tracking

We use cookies and similar technologies for:

• Authentication and session management
• Saving your preferences
• Analytics and performance monitoring
• Security and fraud prevention

For detailed information, see our Cookie Policy.

8. Third-Party Services

Our service integrates with third parties that have their own privacy policies:

• Stripe: stripe.com/privacy
• Google Analytics: policies.google.com/privacy

9. Children's Privacy

TodoMode is not intended for users under 16 years of age. We do not knowingly collect personal information from children under 16. If you believe we have collected information from a child, please contact us immediately.

10. International Data Transfers

Your data may be transferred to and processed in countries other than your own. We ensure appropriate safeguards are in place for international transfers, including:

• Standard contractual clauses
• Privacy Shield frameworks (where applicable)
• Adequate data protection measures

11. Data Breach Notification

In the event of a data breach that may affect your personal information, we will:

• Notify affected users within 72 hours
• Describe the nature of the breach
• Explain steps taken to address it
• Provide guidance on protective measures

12. Do Not Track

We respect Do Not Track (DNT) browser signals. When DNT is enabled, we disable non-essential analytics tracking while maintaining essential functionality.

13. Changes to This Privacy Policy

We may update this Privacy Policy to reflect changes in our practices or legal requirements. We will:

• Notify you via email of material changes
• Update the "Last Updated" date
• Post prominent notice in the application

Continued use of the service after changes constitutes acceptance of the updated policy.

14. Your Choices

14.1 Email Preferences

You can control email notifications in your account settings. We will always send:

• Critical account notifications
• Security alerts
• Billing information

14.2 Account Deletion

To delete your account:

1. Go to Settings → Account → Delete Account
2. Confirm deletion
3. Your data will be permanently removed within 30 days

15. Contact Us

If you have questions about this Privacy Policy or wish to exercise your privacy rights:

Email: privacy@todomode.com
Contact Form: todomode.com/contact
Response Time: Within 30 days

16. Related Policies

• Terms of Service
• Cookie Policy