Privacy Policy
Last updated: January 2025
1. Data Controller
The data controller for ConTask AI is:
Simone Giammusso
Email: simone.giammusso@gmail.com
2. Data We Collect
2.1 Account Data
When you create an account, we collect: display name, email address, and profile photo (if provided via third-party login).
2.2 Service Data
We store the data you create within the Service: tasks, workspaces, comments, calendar events, and related metadata.
2.3 Waitlist Data
If you join our waitlist via the landing page, we collect your email address, timestamp of signup, and browser locale preference.
2.4 AI Interaction Data
When you use AI features, your text or voice input is sent to Google Gemini API for processing. We store your prompts and the AI's responses to maintain conversation context within your session. Audio is processed temporarily and not stored after transcription.
2.5 Analytics & Technical Data
We may collect anonymous analytics data including: device type, operating system, app version, crash reports, and usage patterns. This data is collected via Firebase Analytics and is used solely to improve the Service.
3. How We Use Your Data
- Provide the Service: Store and process your tasks, workspaces, and AI interactions
- Authentication: Verify your identity and manage access
- Communication: Send service-related notifications, app updates, and waitlist announcements
- Improvement: Analyze anonymous usage data to improve the Service
- Legal obligations: Comply with applicable laws and regulations
4. Legal Basis (GDPR)
We process your data based on the following legal grounds under GDPR:
- Contract performance (Art. 6(1)(b)): Processing necessary to provide the Service you signed up for
- Legitimate interest (Art. 6(1)(f)): Anonymous analytics to improve the Service
- Consent (Art. 6(1)(a)): Waitlist email collection and marketing communications
5. Data Sharing
We do not sell your personal data. We share data only with:
- Google Firebase: Cloud infrastructure, authentication, database, analytics (Data Processing Agreement in place)
- Google Gemini API: AI processing of your commands (subject to Google's AI data policies)
- Apple / Google: Subscription management via App Store / Play Store
- RevenueCat: Subscription management and analytics
Your task data within shared workspaces is visible to other workspace members as per the collaboration features you configure.
6. Data Retention
- Account data: Retained while your account is active, plus 30 days after deletion request
- Service data: Retained while your account is active; deleted upon account deletion
- Waitlist data: Retained until the Service launches publicly, or until you unsubscribe
- Analytics data: Retained in anonymized form for up to 14 months
7. Your Rights (GDPR)
Under the General Data Protection Regulation, you have the right to:
- Access: Request a copy of all personal data we hold about you
- Rectification: Correct inaccurate personal data
- Erasure: Request deletion of your personal data ("right to be forgotten")
- Restriction: Request that we limit processing of your data
- Portability: Receive your data in a structured, machine-readable format
- Objection: Object to processing based on legitimate interests
- Withdraw consent: Withdraw any previously given consent at any time
To exercise any of these rights, contact us at simone.giammusso@gmail.com. We will respond within 30 days.
8. Data Security
We implement appropriate technical and organizational measures to protect your data, including:
- Data encryption in transit (TLS/SSL) and at rest
- Firebase Security Rules restricting data access
- Authentication required for all data operations
- Regular security reviews
9. International Transfers
Your data may be processed in the United States and other countries where Google operates data centers. These transfers are protected by Standard Contractual Clauses and/or adequacy decisions as applicable under GDPR.
10. Children's Privacy
The Service is not directed at children under 16. We do not knowingly collect personal data from children under 16. If we become aware that we have collected such data, we will delete it promptly.
11. Cookies
The ConTask AI landing page may use minimal essential cookies for functionality (e.g., language preference). We do not use advertising or tracking cookies on our website.
12. Changes to This Policy
We may update this Privacy Policy from time to time. Significant changes will be communicated through the Service or via email. The "Last updated" date at the top indicates the most recent revision.
13. Supervisory Authority
If you believe your data protection rights have been violated, you have the right to lodge a complaint with the Italian Data Protection Authority (Garante per la Protezione dei Dati Personali) or your local supervisory authority.
14. Contact
For any questions or requests concerning this Privacy Policy, contact:
Simone Giammusso
Email: simone.giammusso@gmail.com