A logo representing the WorkFocus brand

Privacy Policy

Within this policy, we outline: the data we gather and the reasons behind it; how we manage your data; and your entitlements regarding your data. We never trade your data.

This policy is divided into sections. To facilitate navigation, links to each section are provided below:

This policy pertains to all services, solutions, and products developed and maintained by WorkFocus.io.

It encompasses information handling concerning website visitors, potential clients, customers, and authorized users (pertaining to their acquisition of services and management of their association with WorkFocus.io). Throughout this policy, we collectively refer to these groups as "you".

However, this policy does not extend to data concerning a customer's end users that WorkFocus.ioacquires from a customer or manages on their behalf in connection with services rendered byWorkFocus.iopursuant to a relevant services agreement.

WorkFocus.io manages End User Communications according to the instructions of the respective customer, who serves as the "data controller" or "business" (or similar roles as per applicable privacy laws), as outlined in the relevant services agreement between said customer and WorkFocus.io. The obligations of WorkFocus.io as a "data processor" or "service provider" concerning such information are outlined in said services agreement and any applicable data protection addendum, and are not included in this policy.

If you are a customer's end user and have inquiries regarding the collection and processing of your information through the services, kindly contact the organization that provided your information to us for further details.

For California residents, please refer to our California Notice at Collection for additional disclosures mandated by California law.

Data Collection and Purpose

Our guiding principle is to collect only the necessary data. Here's how it translates into practice:

Identity and Access

Upon registering for a WorkFocus.io product, we request identifying details such as your name, email address, and optionally, a company name. This facilitates personalization of your new account and enables us to furnish you with product updates and essential communications. Periodically, we may also present optional surveys to gauge your usage of our products and gather insights for enhancements. With your consent, we may include you in our newsletter and send other updates. Additionally, we may offer you the choice to include a profile picture visible within our products.

Billing Information

If you subscribe to a paid WorkFocus.io product or service, you will be prompted to furnish payment details and billing address. Credit card information is directly transmitted to our payment processor and bypasses WorkFocus.io servers. We maintain a transaction record, including the last four digits of the credit card number, for account history, invoicing, and billing support purposes. Your billing address is retained for service charging, tax calculation, invoice delivery, and fraudulent transaction detection. Occasionally, we leverage aggregated billing data to inform our marketing endeavors.

Product Interactions

Content you upload, receive, or maintain in your WorkFocus.io product accounts is stored on our servers. This facilitates intended product usage, such as project creation. This content remains accessible as long as your account is active. Upon account deletion, we undertake content deletion within 60 days.

General Geolocation Data

For most products, we log the full IP address used during product account signup and retain this information to counteract future spam signups. Additionally, we log all account access by full IP address for security and fraud prevention purposes, keeping this login data active throughout your product account's tenure.

Website Interactions

We gather browsing activity data for analytical and statistical purposes, such as conversion rate analysis and product design experimentation. This includes browser and operating system versions, IP address, visited web pages and their loading duration, and referring website information. If you are signed in, these web analytics data are associated with your IP address and user account until account deactivation. Details regarding the web analytics we utilize are provided in the Advertising and Cookies section.

Anti-Bot Measures

We deploy CAPTCHA across our applications to deter brute force logins and spam activities. This serves our interest in safeguarding our apps and the broader internet community from credential stuffing attacks and spam. CAPTCHA evaluates various information (e.g., IP address, session duration, mouse movements) during account logins and certain form submissions to distinguish human activity from automated processes. WorkFocus.io receives CAPTCHA service spam score results but does not access evaluated information.

Advertising and Cookies

WorkFocus.io occasionally runs advertisements on third-party platforms such as Google. Subject to lawful permissions, we may load an ad-company script onto their browsers, setting a third-party cookie and transmitting data to the ad network for ad effectiveness assessment. This data may include ad clicks, triggering keywords, and user actions like button clicks or form submissions.

We utilize persistent first-party and some third-party cookies to retain preferences, streamline application usage, conduct A/B testing, and support certain analytics.

A cookie is a browser-stored text snippet that may aid in login retention, site preference memory, and data collection like browser type, operating system, visited web pages, duration of visit, viewed content, and click-stream data. You can adjust cookie retention settings or block individual cookies in your browser preferences, though this may impede app functionality and service usage.

Voluntary Correspondence

Correspondence sent to WorkFocus.io via email, including queries and support requests, is archived along with sender email addresses. This facilitates reference for future interactions.

We retain volunteered information, such as survey responses, with user consent. In instances of customer interviews, we seek permission to record conversations for future reference or use, acting solely upon explicit consent.

Mobile App Permissions Approach

For optional desktop and mobile apps associated with our products, consent is sought before accessing device features like contacts, calendar, or camera. Our apps function without consent, albeit some features may be inaccessible.

Information Access and Disclosure

We access or disclose your information for the following purposes:

Provision of Requested Products or Services

We engage third-party subprocessors to aid application operation and service provision. Other business functions, like managing newsletter subscriptions and conducting customer surveys, may involve third-party processors. The list of Company Processors is accessible for your reference.

Upon your integration of a third-party service with our products, we may disclose your information as per your directive.

Content examination by WorkFocus.io personnel is limited and requires your express permission, typically for troubleshooting errors disrupting automated processes. We prioritize identifying root causes to prevent reoccurrence of such events. Additionally, we may access your data to comply with legal processes.

Ad Exclusion

In compliance with applicable law, we may disclose a hashed version of your email address to ad companies

Software Bug Resolution

With your consent, we may access your content to address software bugs or provide troubleshooting assistance.

Investigation and Prevention of Misuse

Accessing a customer's account during abuse investigations is a last-resort measure. Our aim is to safeguard customer and reporter privacy while addressing issues appropriately. If product misuse is detected, we take necessary actions, including notifying relevant authorities.

Aggregated and De-identified Data

We aggregate and/or de-identify collected information for various purposes, including marketing and analytics.

Legal Compliance

WorkFocus.io, being a U.S.-based company, operates primarily from the U.S. We comply with government requests for user data only as compelled by legal processes or in emergency situations. Disclosure may occur upon receipt of a warrant, subpoena, or court order. We endeavor to notify affected users before data disclosure unless legally restricted, except in emergencies.

Preservation Requests

We adhere to data preservation requests only if mandated by the U.S. Federal Stored Communications Act or a valid U.S. subpoena. Preserved data is disclosed only when legally obligated or in the absence of an appealable court order before the preservation period lapses.

Audit Obligations

In the event of a tax authority audit, we may be required to divulge billing-related details. We disclose only necessary information, such as billing addresses and tax exemption data.

Corporate Changes

In case of WorkFocus.io acquisition or merger, affected users will be notified well in advance of any personal information transfer or alteration of privacy policies.

Your Entitlements Regarding Your Information

At WorkFocus.io, we uphold uniform data rights for all customers, irrespective of their location. These rights encompass:

  • Right to Know: Understanding the collected, used, shared, or sold personal information, detailed in this privacy policy.
  • Right of Access: Accessing personal information gathered and obtaining insights into its sharing, storage, security, and processing.
  • Right to Correction: Requesting correction of personal information.
  • Right to Erasure / "To Be Forgotten": Requesting the erasure of personal information from our possession and associated service providers, subject to applicable law.
  • Right to Complain: Lodging complaints regarding our handling of personal information with the appropriate supervisory authority.
  • Right to Restrict Processing: Requesting restrictions on personal information usage or processing, including opting out of personal information sale.
  • Right to Object: Objecting to personal information processing in specific situations.
  • Right to Portability: Receiving personal information we possess and transmitting it to another party.
  • Right to not Be Subject to Automated Decision-Making: Objecting to decisions solely based on automated processes.
  • Right to Non-Discrimination: We do not differentiate service based on data privacy rights exercise, although exercising certain rights may affect service usage.

These rights can often be exercised by updating your account information. Note that certain information may be exempt from such requests under applicable law. We may require reasonable identity verification before responding to requests. If you require assistance, contact us at info@workfocus.io or at WorkFocus.io, 1968 S. Coast Hwy, Laguna Beach, CA 92651. If an authorized agent corresponds on your behalf, written consent from the account holder is mandatory before proceeding.

Depending on applicable law, you may appeal our decision to deny your request. Information on how to exercise this right is provided in our response denying the request. You also have the right to file a complaint with a supervisory authority. EU or UK residents can contact their data protection authority for complaint filing or information on local privacy laws.

Data Security Measures

Data transmission from our servers to your browser is encrypted via SSL/TLS. Database backups are also encrypted. Additionally, rigorous measures are taken to secure data at rest. For detailed security information, refer to our Security Overview.

Regarding products, most data in our database is unencrypted to ensure prompt delivery when needed. However, we encrypt the database at work, with each field containing personal data encrypted with its unique key. Disk encryption is employed for data key storage. Servers decrypt data only when required for delivery to users.

Content Deletion Procedure

In many applications, you can trash content, which remains accessible for approximately 25 days (duration may vary slightly). After this period, trashed content becomes inaccessible via the application. Trashed content may persist on active servers for an additional 30 days, with potential backups retaining copies for another 30 days. Generally, trashed content should be purged from all systems and logs within 90 days.

Upon account cancellation, all associated content becomes immediately inaccessible and should be fully purged from our systems within 60 days. Refer to our Cancellation Policy for further information.

Data Retention Guidelines

We retain your information for the duration necessary for processing purposes. The retention period depends on collection purposes, usage, and your preferences. Upon expiration, we may delete and/or aggregate data. Legal obligations, dispute resolution, and agreement enforcement may necessitate information retention and usage beyond specified periods. Specific retention periods for various information types are outlined in this policy.

Site and Data Location

Our products and web properties are predominantly hosted in the United States. By providing us with your information or using our websites or services, you consent to data transfer and storage in the United States, even if you are located outside the U.S.

Personal Data Transfer from the EU

The European Data Protection Board (EDPB) mandates that personal data transferred outside the EU receive similar protection as granted under EU privacy law. UK law provides similar safeguards for UK user data transferred outside the UK. WorkFocus.io has adopted a data processing addendum with Standard Contractual Clauses to ensure such protection.

Ad hoc transfers of EU personal data to the U.S. may occur in specific instances, such as newsletter sign-ups or participation in surveys or online store purchases. These transfers are occasional and occur under Article 49(1)(b) derogation under GDPR and the UK version of GDPR.

Updates and Queries

We may revise this policy to comply with regulations and reflect new practices. Significant changes will be accompanied by a revision date update and notification to users subscribed to our policy updates mailing list.

For queries, comments, or concerns regarding this privacy policy, your data, or your rights, email us at info@workfocus.io.