JotFlow

Privacy Policy for JotFlow

Last Updated: May 26, 2026 GTech Group

GTech ("we," "our," or "us") operates the JotFlow mobile application and backend services (collectively, the "Service"). We are committed to protecting and respecting your privacy. This Privacy Policy describes how we collect, use, process, and protect your personal information when you use our mobile application and related API services.

By using the Service, you agree to the collection and use of information in accordance with this policy.

1. Information We Collect

To provide a collaborative task and board management experience, we collect certain personal and usage data.

A. Personal Data Collected via Google OAuth

When you register or log in to JotFlow using your Google Account, we receive and store certain profile information from Google:

  • Email Address: Used to identify your account and enable other users to search and invite you as a collaborator.
  • Display Name: Used to personalize your experience and show other collaborators who is making changes.
  • Profile Picture URL: Used to display your avatar within the application's user interface.
  • Google Unique Identifier (Subject ID): Used to securely link your Google login to your JotFlow account.

B. User-Generated Content

We collect and store the content you create and input into the Service:

  • Boards & Cards: The titles, creation dates, and metadata of the boards you create.
  • Tasks & Products: The items, comments, quantities, and bought/pending states you manage on your boards.
  • Collaborative Invites: Sharing associations between you and other users.

C. Technical and Device Data

When you connect to our API, we collect certain technical metadata:

  • IP Address: Logged temporarily during authentication and API requests for security, fraud prevention, and rate-limiting purposes.
  • Connection Status: Real-time sync signals (via SignalR) to coordinate updates across users.

2. How We Use Your Information

We use the collected information for the following purposes:

  • To Provide and Maintain the Service: Enabling real-time task synchronization, collaborative edits, and user account management.
  • To Facilitate Collaboration: Allowing you to invite other users to boards via email/name searches and displaying active collaborators.
  • To Authenticate Users: Securing access to your boards via Google OAuth and our JSON Web Token (JWT) system.
  • To Improve the Service: Resolving technical errors, monitoring network performance, and enhancing interface responsiveness.
  • Security & Compliance: Preventing unauthorized access, protecting user data, and complying with legal obligations.

3. Data Sharing and Collaboration

JotFlow is designed for collaboration. Here is how your data is shared:

  • With Other Users (Collaborators): When you invite a user to collaborate on a board, they will be able to see the board name, tasks, bought statuses, and the name/email/profile picture of the board's creator and other invited collaborators.
  • No Third-Party Selling: We do not sell, trade, rent, or lease your personal information to third parties (such as ad networks or marketing agencies).
  • Service Providers: We may share data with trusted infrastructure providers (e.g., our secure database and cloud servers) solely to host and operate the Service under strict confidentiality agreements.
  • Legal Requirements: We may disclose your information if required to do so by law or in response to valid requests by public authorities.

4. Google API Services User Data Policy

JotFlow's use and transfer to any other app of information received from Google APIs will adhere to the Google API Services User Data Policy, including the Limited Use requirements.

Strict Adherence Details:

  • We only request the minimum necessary scopes (profile and email) required for authentication and basic profile rendering.
  • We do not use Google user data for advertising, market research, or profiling purposes.

5. Your Rights and Choices (GDPR & CCPA Compliance)

Depending on your location, you may have the following rights regarding your personal data:

Access, Portability & Rectification

You have the right to request a copy of the personal data we hold about you and request that we correct inaccurate or incomplete personal data.

Erasure & Restriction

You have the right to request the deletion of your account and all associated data, or limit how we use your data.

How to Delete Your Account and Data

You can request the deletion of your account at any time. To do so, please follow these instructions:

  1. Log out of the application or contact us directly at:
    Copied!
  2. Upon receiving your request, we will permanently delete your user profile, email association, profile picture, and all boards where you are the sole creator from our databases within 7 days.

6. Data Security

We implement premium security measures to safeguard your information:

  • All network traffic between the mobile application and the API is encrypted using HTTPS / TLS.
  • User authentication tokens (JWTs) are signed using a secure cryptographic key and expire rapidly to prevent hijacking.
  • Databases are protected behind secure firewalls and accessed only by authorized network nodes.

Please be aware that no method of transmission over the Internet or method of electronic storage is 100% secure, and we cannot guarantee its absolute security.

7. Changes to This Privacy Policy

We may update our Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the "Last Updated" date at the top. You are advised to review this Privacy Policy periodically for any changes.

8. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or your data, please contact us:

Support Email

For GDPR requests, data deletion, or general privacy inquiries:

Copied!

Developer Entity

GTech