Effective date: December 31, 2026
This Data Policy explains how TicTask handles data generated by the Service, including technical, application, and user-provided data. It complements our Privacy Policy and describes operational practices.
We process account data, project/task metadata, attachments you upload, logs and telemetry, and aggregated usage metrics. Sensitive personal data should not be uploaded unless explicitly requested.
Data is processed to operate the Service, provide features (search, notifications, collaboration), improve reliability/performance, and for security and fraud prevention.
We aim to collect only data necessary for the stated purposes. Retention periods vary by data type; inactive accounts and associated data may be deleted after a reasonable retention period or upon user request, subject to backups and legal obligations.
We keep encrypted backups and take standard disaster-recovery measures. Backups may contain personal data and will be retained according to our backup lifecycle; deletion from backups may take longer.
Access to production data is limited to authorized personnel on a least-privilege basis and logged. We use industry-standard encryption at rest and in transit and perform regular security assessments.
We use subprocessors (e.g., cloud hosting, analytics, payment processors). A current list of subprocessors is available on request; subprocessors are contractually bound to protect data.
Users can request access, correction, deletion, or export of their data. Exported data is provided in common machine-readable formats (CSV, JSON) where technically feasible.
We may disclose data in response to lawful requests by public authorities. We evaluate requests carefully and will notify users where permitted by law.
For data-related inquiries or to request exports/removals, contact our support or legal team through the in-app support flow or by email.
© 2025 TicTask. All rights reserved.