Privacy

General Information

We take privacy very seriously. We collect only what we absolutely need for the purposes of providing high-quality services.

When you sign up for our free trial, we only ask that you verify an email address to help protect our systems against abuse. We ask for a name out of courtesy, though you need not provide a real one.

We only ask for full address and billing information if you decide to take up one of our paid offerings.

Cookies

A cookie is a small amount of data, which includes an anonymous unique identifier, that is sent to your browser from a web site’s computers and stored on your computer’s hard drive.

• Cookies are essential and required to use the todo.vu service because they are in an integral element of our security system.
• We use cookies to record current session information, but do not use permanent cookies. You are required to re-login to your todo.vu account after a certain period of time has elapsed to protect you against others accidentally accessing your account contents.
• We also use cookies to track the anonymous activity of new site visitors so that we can better understand how our site is performing.

The following third-party providers also manage cookies in relation to our services – you can follow these links to learn more about their policies and how you can manage your privacy on their systems:

Google AdWords

• https://www.blog.google/topics/safety-security/greater-control-new-features-your-ads-settings/
• https://adssettings.google.com/

Google Analytics 

• https://support.google.com/analytics/answer/6004245
• https://tools.google.com/dlpage/gaoptout

Facebook

• https://www.facebook.com/policies/cookies/

Data Ownership

Although Kitovu Pty Ltd owns the code, databases and all rights to the todo.vu application, you retain all rights to your data and content.

Our customer support and general staff have no access to your workspace or any tasks or data inside it. While it is theoretically possible for our system engineers to access data, it is stored in obfuscated formats that make this generally very difficult and such access is generally only performed in extreme circumstances.

Data protection officer

Ranald (Tom) Cameron
Level 1, 888 Brunswick Street, New Farm, QLD 4005, Australia
+61 7 3040 4440
tomc@todo.vu

Third Party Providers

todo.vu uses third party vendors and hosting partners to provide the necessary hardware, software, networking, storage, and related technology required to run todo.vu. All communications with these providers are encrypted and secured and only information absolutely necessary for the provision of the service is shared with these providers.

Linode – our primary hosting is on Linode servers, mostly in Dallas but sometimes in their other datacentres.

DigitalOcean – we make use of DigitalOcean datacentres for supporting services and data backup.

Google Cloud Storage – all file attachments are stored on Google Cloud Storage encrypted at rest.

MailGun – we use Mailgun for the delivery and acceptance of all email notifications. Email passes momentarily through their systems and log records containing destination email addresses and subject lines are kept for 30 days.

Xero – we use Xero for all invoicing and accounting. Your billing details and transactions are stored with Xero

Braintree Payments – we use Braintree Payments for all payment transactions. Your credit card and PayPal details and records of all transactions are stored with Braintree. We do not store your credit card information in any other place and we have no direct access to your credit card details ever.

CampaignMonitor – we use CampaignMonitor to help with delivery of system update messages and marketing/support emails. We share your name and email address only with CampaignMonitor. You can unsubscribe from this at any time via the unsubscribe links in any email.

Disclosure

todo.vu may disclose personally identifiable information under special circumstances, such as to comply with subpoenas or when your actions violate the Terms of Service.

Access and deletion

todo.vu users can view all information stored out them by logging in and navigating to their account profile (click on your name – top right) and workspace overview (click on settings – bottom left).

To delete a workspace and all its content, you must log in and follow the links under the workspace overview page. Only the account owner can delete a workspace.

To delete your personal profile, you must log in and follow the links under your personal profile. Only the owner of the personal profile can delete their account.

We do not accept email requests to delete workspaces or profiles due to the risk of malicious attacks.

When you delete a workspace or profile, your data is kept for approximately 60 days before permanent deletion. This period is to safeguard against accidental or malicious deletion. Some data such as financial transaction records and billing details are kept for longer periods as required by Australian law.

Changes

todo.vu may periodically update this policy. We will notify you about significant changes in the way we treat personal information by sending a notice to the primary email address specified in your todo.vu primary account holder account or by placing a prominent notice on our site. Such notice will be given at least 3 days in advance of the date the new policy will be applied.

Questions

Any questions about this Privacy Policy and data protection should be addressed to help@todo.vu