Privacy Policy
This page explains what data to-do-go captures and how it is processed. This page is required by law.
TL;DR: to-do-go is free, does not sell your data, does not send any unwanted mails, does not post in the social media and deals with your data discreetly. For further details, please read the detailed explanations below.
TL;DR: to-do-go is free, does not sell your data, does not send any unwanted mails, does not post in the social media and deals with your data discreetly. For further details, please read the detailed explanations below.
Scenario A: without login
If you visit the web pages of to-do-go normally, without logging in, we actively do not collect any data from you. However, we point out that the web server automatically saves data for temporary log files. That's in particular
In particular, we do not store the IP address, so this data can not be assigned to specific people. We reserve the right, in case of unlawful use, in particular attacks on the server, to activate the logging of the IP address for a short time in order to be able to counteract the attack. In this case, the IP address is used exclusively to determine the causer. The server log files are automatically deleted after 31 days at the latest.
Without login, we deliberately refrain from storing any cookies that allow recognizing visitors and the inclusion of external JavaScript codes, which in turn could create cookies or access data. Only the value for the freely modifiable screen scaling is stored in a cookie, if it is used. This eliminates the need for an explicit cookie hint on each page
When logging in, you are explicitly informed about the privacy policy and terms of use, and that you must accept them in order to log in. Only then are cookies set and third-party JavaScript codes incorporated.
Contact Form:
If you send us an inquiry via the contact form or directly by e-mail, we will save the data submitted (usually the e-mail address for reply, the name for the salutation and your request text in the contact form) for the period of processing the request and beyond in case of further follow-up questions. We will not pass on this data unless the purpose of the request makes it absolutely necessary.
- the time of the request
- the user agent (browser type and browser version)
- the operating system used
- the URL of the referring web page (referer), unless the URL was manually entered in the address bar of the browser
In particular, we do not store the IP address, so this data can not be assigned to specific people. We reserve the right, in case of unlawful use, in particular attacks on the server, to activate the logging of the IP address for a short time in order to be able to counteract the attack. In this case, the IP address is used exclusively to determine the causer. The server log files are automatically deleted after 31 days at the latest.
Without login, we deliberately refrain from storing any cookies that allow recognizing visitors and the inclusion of external JavaScript codes, which in turn could create cookies or access data. Only the value for the freely modifiable screen scaling is stored in a cookie, if it is used. This eliminates the need for an explicit cookie hint on each page
When logging in, you are explicitly informed about the privacy policy and terms of use, and that you must accept them in order to log in. Only then are cookies set and third-party JavaScript codes incorporated.
Contact Form:
If you send us an inquiry via the contact form or directly by e-mail, we will save the data submitted (usually the e-mail address for reply, the name for the salutation and your request text in the contact form) for the period of processing the request and beyond in case of further follow-up questions. We will not pass on this data unless the purpose of the request makes it absolutely necessary.
Scenario B: with login
After logging in to to-do-go the same data will be saved as without logging in (see above), as well as other data about that we are informing you here.
Basically, to-do-go work so, that you can create an account, which is happening implicitly by logging in to a social Media account (currently Facebook and Google). to-do-go requests from this social-media-service a minimum of personal data (see below). You will have to agree to this data sharing on the side of the social media account when you first log in. Then you can add your own content to to-do-go, presumably to-do lists, shopping lists or other. This content can be entered in the private area only to be viewed by you, or you can enter them within a sphere, then (according to the rights of the sphere), at most all members of the sphere can see the content provided by members within the sphere.
Basically, to-do-go work so, that you can create an account, which is happening implicitly by logging in to a social Media account (currently Facebook and Google). to-do-go requests from this social-media-service a minimum of personal data (see below). You will have to agree to this data sharing on the side of the social media account when you first log in. Then you can add your own content to to-do-go, presumably to-do lists, shopping lists or other. This content can be entered in the private area only to be viewed by you, or you can enter them within a sphere, then (according to the rights of the sphere), at most all members of the sphere can see the content provided by members within the sphere.
Storage and use of personal data
To be able to open a to-do-go account, the following data is stored permanently at login:
The e-mail address is only used by to-do-go:
To protect your real name, you have the option in your profile view to choose any "nickname" that is saved instead of the real name.
The freely selectable nickname and the (as part of the social media account) freely selectable profile picture is used:
All stored personal data can be viewed at any time on the profile page and can also be communicated on request by alternative means.
To delete your stored personal data, you can delete your to-do-go account on the profile page. Doing this, all your stored private data is deleted, including your own to-do lists and other inserted data. Your data, which we requested via the social media login, will also be deleted in this way. Only user data within the context of shared groups is retained as long as there are still users in the group. If the last user leaves a group, this data will also be deleted.
- Email Address : for account validation and to contact you by email if you wish so
- Real Name : as initial value for your nickname
- Profile Picture : as a visual aid
The e-mail address is only used by to-do-go:
- to authenticate when logging in via a social media account
- to remind you of your to-dos, appointments, e.g. on request.
- to send you further e-mails in individual cases (for example when changing the conditions of use, etc.)
To protect your real name, you have the option in your profile view to choose any "nickname" that is saved instead of the real name.
The freely selectable nickname and the (as part of the social media account) freely selectable profile picture is used:
- to show you that you are logged in
- to be able to address you in emails personally
- to show within spheres to other sphere members who may also access the sphere with which rights level
All stored personal data can be viewed at any time on the profile page and can also be communicated on request by alternative means.
To delete your stored personal data, you can delete your to-do-go account on the profile page. Doing this, all your stored private data is deleted, including your own to-do lists and other inserted data. Your data, which we requested via the social media login, will also be deleted in this way. Only user data within the context of shared groups is retained as long as there are still users in the group. If the last user leaves a group, this data will also be deleted.
Location of the data
The personal data mentioned above is stored online only on the to-do-go servers. The user content displayed on the screen is also usually stored exclusively online on the to-do-go servers. On the local device, typically only a random string is stored as a cookie for recognition. If there is no internet connection, local changes to content (such as to-dos or shopping lists) are cached on the device until an internet connection is detected again, but then immediately deleted. We also tell the web browser not to cache the contents. So, on the device caused by to-do-go normally no personal content remains. Only files relevant to the operation of to-do-go (JavaScript codes, CSS files), not containing any personal data, are cached by the browser.
This has the advantage that if you lose a device, no data will get into the wrong hands if the login tokens are invalidated in the profile of your to-do-go account by another device and no malicious browser manipulation was active while using to-do-go.
The servers of to-do-go are operated under the Linux operating system in a professional data center in Germany and are thus subject to the strict data protection requirements of the EU. The servers are protected with professional measures against unauthorized access from the outside. The data on the servers are secured with extensive security measures against unauthorized access by third parties. The connections from the end device to the to-do-go server are SSL-encrypted only.
This has the advantage that if you lose a device, no data will get into the wrong hands if the login tokens are invalidated in the profile of your to-do-go account by another device and no malicious browser manipulation was active while using to-do-go.
The servers of to-do-go are operated under the Linux operating system in a professional data center in Germany and are thus subject to the strict data protection requirements of the EU. The servers are protected with professional measures against unauthorized access from the outside. The data on the servers are secured with extensive security measures against unauthorized access by third parties. The connections from the end device to the to-do-go server are SSL-encrypted only.
Transfer of data to third parties
A transfer of data to third parties outside of the to-do-go service is in principle not undertaken at any time, except if enforced by law. Please note, however, that we include third-party Javascript codes that have access to the browser data, especially to any content displayed by to-do-go:
The suppliers of these tools are based in the USA. How exactly the providers work internally is their secret. In the worst case, these tools can create cookies on your computer and transfer the following data from you to the servers in the United States:
What exactly Facebook does with your data and what not is to be read in the data policy of Facebook at https://www.facebook.com/policy.php
Within to-do-go you also have the option to connect with other users in a "sphere". Within this sphere, all members of the sphere can see who is a member of the sphere. They will only see your personal nickname and personal profile data (as part of the social media account). Your e-mail address will not be displayed to others and will not be passed on. The sending of sphere invitations takes place outside of to-do-go in private emails. To do this, the invitee must already know your email address, and he will not be able to find out from to-do-go.
Since the purpose of a sphere is to work together on data (to-dos, shopping lists, etc.), of course, the members of the sphere have access to the data that is collected within the sphere. This access can be regulated via rights levels by the sphere administrator. A sphere does not have access to data outside the sphere, especially private or other sphere data. The members of a sphere also do not know in which other spheres a user is also a member, unless they are implicitly aware of their own further common sphere membership.
- Google Adsense : to show you banner ads
- Social media providers (Facebook and Google) : to enable you to log in through a social media account
The suppliers of these tools are based in the USA. How exactly the providers work internally is their secret. In the worst case, these tools can create cookies on your computer and transfer the following data from you to the servers in the United States:
- all page content that can be seen in the browser when visiting to-do-go
- all the technical data that your browser makes available, in particular the IP address and the data that we also collect in our server log file (see above)
- all public cookies of your browser as well as all cookies that the provider may have stored there at an earlier time
What exactly Facebook does with your data and what not is to be read in the data policy of Facebook at https://www.facebook.com/policy.php
Within to-do-go you also have the option to connect with other users in a "sphere". Within this sphere, all members of the sphere can see who is a member of the sphere. They will only see your personal nickname and personal profile data (as part of the social media account). Your e-mail address will not be displayed to others and will not be passed on. The sending of sphere invitations takes place outside of to-do-go in private emails. To do this, the invitee must already know your email address, and he will not be able to find out from to-do-go.
Since the purpose of a sphere is to work together on data (to-dos, shopping lists, etc.), of course, the members of the sphere have access to the data that is collected within the sphere. This access can be regulated via rights levels by the sphere administrator. A sphere does not have access to data outside the sphere, especially private or other sphere data. The members of a sphere also do not know in which other spheres a user is also a member, unless they are implicitly aware of their own further common sphere membership.