Privacy Policy

Service Provider: AskToDo.ai

Website: https://asktodo.ai

Contact Email: hi@asktodo.ai

Privacy Officer: hi@asktodo.ai

We provide AI-powered productivity tools and content generation services to help you work more efficiently.

2.1 Personal Information

We collect the following personal information when you:

• Account Registration: Email address, name, password (encrypted)
• Profile Information: Optional profile details, preferences, language settings
• Payment Information: Billing details, subscription status, transaction history
• Communication: Support requests, feedback, correspondence

2.2 Usage Data

• AI Tool Usage: Content generated, prompts used, tool preferences
• Platform Activity: Pages visited, features used, session duration
• Credit Usage: Credits consumed, subscription tier, usage patterns
• Performance Data: Response times, error logs, system performance

2.3 Technical Data

• Device Information: Browser type, operating system, device identifiers
• Network Data: IP address, location data (country/region level)
• Session Data: Login sessions, user preferences, security tokens
• Log Data: Access logs, error logs, security logs

We process your personal data based on the following legal grounds:

• Contract Performance: To provide our AI services, process payments, and manage your account
• Legitimate Interest: To improve our services, prevent fraud, and ensure security
• Consent: For marketing communications, non-essential cookies, and optional features
• Legal Obligation: To comply with applicable laws, regulations, and legal processes

4.1 Service Provision

• Provide AI-powered content generation tools
• Process and respond to your requests
• Manage your account and subscription
• Process payments and billing
• Provide customer support

4.2 Service Improvement

• Analyze usage patterns to improve our AI models
• Develop new features and tools
• Optimize platform performance
• Conduct research and analytics

4.3 Communication

• Send service-related notifications
• Provide technical support
• Send marketing communications (with consent)
• Notify about policy changes

4.4 Security & Compliance

• Prevent fraud and abuse
• Ensure platform security
• Comply with legal obligations
• Enforce our terms of service

We retain your data for the following periods:

• Account Data: Until account deletion + 30 days for backup recovery
• Generated Content: Until account deletion or manual deletion by user
• Usage Analytics: 24 months for service improvement
• Payment Records: 7 years for tax and legal compliance
• Support Communications: 3 years for quality assurance
• Security Logs: 12 months for security monitoring

If you are in the EU/EEA, you have the following rights:

6.1 Right of Access

Request a copy of all personal data we hold about you.

6.2 Right to Rectification

Correct any inaccurate or incomplete personal data.

6.3 Right to Erasure ("Right to be Forgotten")

Request deletion of your personal data in certain circumstances.

6.4 Right to Restrict Processing

Limit how we process your data in certain situations.

6.5 Right to Data Portability

Receive your data in a machine-readable format to transfer to another service.

6.6 Right to Object

Object to processing based on legitimate interests or for marketing purposes.

6.7 Right to Withdraw Consent

Withdraw consent for processing that requires your consent.

7.1 Types of Cookies We Use

• Essential Cookies: Required for basic site functionality (authentication, security)
• Performance Cookies: Help us understand how you use our site
• Functional Cookies: Remember your preferences and settings
• Marketing Cookies: Used to deliver relevant advertisements (with consent)

7.2 Managing Cookies

You can control cookies through:

• Our cookie consent banner (appears on first visit)
• Your browser settings
• Account settings for logged-in users

Note: Disabling essential cookies may affect site functionality.

We protect your information with comprehensive security measures:

8.1 Data Protection

• Advanced encryption for all data transmission and storage
• Secure authentication and access controls
• Regular security monitoring and updates
• Automated backup systems for data recovery

8.2 Access Controls

• Strict access controls and user permissions
• Secure user authentication systems
• Regular security training and procedures
• Incident response and recovery protocols

8.3 Data Breach Notification

In case of a data breach, we will:

• Notify relevant authorities within 72 hours (GDPR requirement)
• Inform affected users without undue delay
• Provide details about the breach and remedial actions

To provide our global AI-powered services, your data may be processed in different countries. We ensure your data is protected wherever it is processed.

Data Processing Locations:

• United States and European Union data centers
• Secure cloud infrastructure with global coverage
• Regional data processing for improved performance

Protection Measures:

• International data transfer agreements and safeguards
• Compliance with GDPR and international privacy standards
• Continuous monitoring of data protection standards

Our service is not intended for children under 16 years of age. We do not knowingly collect personal information from children under 16. If you become aware that a child has provided us with personal information, please contact us immediately.

We may update this Privacy Policy from time to time. We will:

• Post the updated policy on our website
• Update the "Last updated" date
• Notify users of material changes via email
• For significant changes, obtain new consent where required

For any questions about this Privacy Policy or to exercise your rights, please contact us: