MyDayLogs LogoMyDayLogs

Privacy Policy

Last updated: 6 December 2024

1. Introduction

MyDayLogs Ltd ("we", "our", "us") is committed to protecting and respecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our task management platform and services (the "Service").

We are committed to complying with applicable data protection regulations including GDPR and other international data protection laws. This policy should be read alongside our Terms of Service.

2. Data Controller

MyDayLogs Ltd is the data controller responsible for your personal information. If you have any questions about this Privacy Policy or our data practices, please contact us at:

Email: info@mydaylogs.co.uk

3. Information We Collect

3.1 Information You Provide

We collect information that you provide directly to us, including:

  • Account Information: Name, email address, password, organization name
  • Profile Information: Job title, contact details, profile photo (optional)
  • Task Data: Task logs, notes, templates, attachments you create or upload
  • Communication Data: Messages, feedback, and support requests
  • Billing Information: Payment details (processed securely by Stripe)
  • Promotional Campaign Data: Feedback submissions, social media sharing activity, promotional code usage, and participation in marketing campaigns

3.2 Information Collected Automatically

When you use our Service, we automatically collect:

  • Usage Data: Pages viewed, features used, time spent on the platform
  • Device Information: Browser type, operating system, IP address
  • Cookies and Similar Technologies: See our Cookie Policy for details
  • Log Data: Access times, error logs, system activity

4. How We Use Your Information

We use your information for the following purposes:

  • Service Provision: To provide, maintain, and improve our Service
  • Account Management: To manage your account and authenticate users
  • Communication: To send service updates, security alerts, and support messages
  • Billing: To process payments and manage subscriptions
  • Analytics: To understand usage patterns and improve user experience
  • Compliance: To comply with legal obligations and enforce our terms
  • Security: To detect, prevent, and address security issues
  • Customer Support: To provide technical assistance, troubleshoot issues, and respond to support requests
  • Marketing Campaigns: To administer promotional campaigns, validate eligibility, prevent fraud, issue promotional codes, track redemptions, and analyze campaign effectiveness

5. Legal Basis for Processing

We process your personal data under the following legal bases:

  • Contract Performance: Processing necessary to provide the Service
  • Legitimate Interests: Improving our Service, security, and fraud prevention
  • Legal Obligation: Compliance with applicable laws and regulations
  • Consent: Marketing communications (where required)

6. Data Sharing and Disclosure

We do not sell your personal information. We may share your information with:

6.1 Service Providers

  • Hosting: Vercel (website hosting)
  • Database: Supabase (data storage)
  • Payments: Stripe (payment processing)
  • Email: Resend (transactional emails)

6.2 Promotional Campaign Participation

When you participate in promotional campaigns, we may collect and use your email address, feedback submissions, social media sharing activity, and promotional code redemption data. This information is used solely to administer the campaign, prevent fraud, and analyze campaign performance. We do not share this information with third parties except as required by law.

6.3 Legal Requirements

We may disclose your information if required by law, court order, or legal process, or to protect our rights and safety.

6.4 Business Transfers

If we are involved in a merger, acquisition, or sale of assets, your information may be transferred as part of that transaction.

7. Administrative Access and Support

7.1 Access for Technical Support

To provide technical support, troubleshoot issues, and maintain service quality, authorized administrators may occasionally need to access user accounts. This access is conducted under the following conditions:

  • Legitimate Purpose: Access is only granted for legitimate purposes including technical support, troubleshooting system issues, resolving billing inquiries, investigating security incidents, or ensuring regulatory compliance
  • Authorized Personnel Only: Only specifically authorized senior administrators with proper security clearance can access user accounts
  • Secure Authentication: Administrative access requires secure authentication credentials that are separate from user passwords. Your password remains encrypted and is never visible to administrators
  • Complete Audit Trail: All administrative access to user accounts is automatically logged with timestamps, administrator identity, and purpose. These logs are retained for compliance purposes
  • Minimal Data Viewing: Administrators only view the minimum data necessary to resolve the specific issue or provide the requested support
  • Confidentiality: All administrators are bound by strict confidentiality agreements and data protection policies

7.2 Your Rights Regarding Administrative Access

You have the right to:

  • Request information about whether your account has been accessed by administrators
  • Request copies of audit logs showing administrative access to your account (Subject Access Request)
  • Object to administrative access except where required for legal compliance or security purposes
  • Lodge a complaint with the ICO if you believe access was inappropriate

To request information about administrative access to your account, please contact us at info@mydaylogs.co.uk with "Administrative Access Request" in the subject line.

8. Data Retention

We retain your personal information for as long as necessary to provide the Service and comply with legal obligations. When you delete your account, we will delete or anonymize your personal data within 30 days, except where we are required to retain it for legal or regulatory purposes.

Task logs and organizational data are retained according to your subscription plan and may be retained for audit purposes as required by law. Administrative access logs are retained for a minimum of 3 years for compliance and security purposes.

9. Your Data Protection Rights

You have the following rights regarding your personal data:

  • Right of Access: Request a copy of your personal data
  • Right to Rectification: Correct inaccurate or incomplete data
  • Right to Erasure: Request deletion of your personal data
  • Right to Restriction: Limit how we use your data
  • Right to Data Portability: Receive your data in a portable format
  • Right to Object: Object to processing based on legitimate interests
  • Right to Withdraw Consent: Where processing is based on consent

To exercise these rights, please contact us at info@mydaylogs.co.uk. We will respond within 30 days.

10. Data Security

We implement appropriate technical and organizational measures to protect your personal information, including:

  • Encryption of data in transit and at rest
  • Regular security assessments and audits
  • Access controls and authentication
  • Secure data centers
  • Employee training on data protection
  • Password hashing using industry-standard algorithms (bcrypt)
  • Comprehensive audit logging of all administrative actions
  • Multi-factor authentication for administrative accounts

While we strive to protect your personal information, no method of transmission over the internet is 100% secure. We cannot guarantee absolute security.

11. International Data Transfers

Your data is stored and processed in secure facilities. If we transfer data internationally, we ensure appropriate safeguards are in place, including:

  • Standard Contractual Clauses approved by relevant authorities
  • Adequacy decisions by applicable governments
  • Other approved transfer mechanisms under applicable data protection laws

12. Children's Privacy

Our Service is not intended for individuals under 18 years of age. We do not knowingly collect personal information from children. If you believe we have collected information from a child, please contact us immediately.

13. Cookies and Tracking Technologies

We use cookies and similar technologies to improve your experience. Essential cookies are necessary for the Service to function. You can control non-essential cookies through our cookie banner and browser settings. For more information, see our Cookie Policy.

For promotional campaigns, we use cookies and similar tracking technologies to prevent fraud, track campaign participation, and ensure fair redemption of promotional offers. This includes IP address logging, browser fingerprinting, and user agent tracking to detect duplicate submissions and abuse.

14. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the new policy on this page and updating the "Last updated" date. Continued use of the Service after changes constitutes acceptance of the updated policy.

15. Contact Us and Complaints

If you have questions, concerns, or complaints about this Privacy Policy or our data practices, please contact us at:

Email: info@mydaylogs.co.uk

Company: MyDayLogs Ltd

You also have the right to lodge a complaint with your local data protection authority if you believe your data protection rights have been violated.