Privacy Policy
Last updated: 7 July 2026
This Privacy Policy explains how Taa Dee ("Taa Dee", "we", "us") collects, uses, stores, and protects your information when you use the Taa Dee web application and website at taa-dee.com (the "Service").
By creating an account, requesting access, or using the Service, you agree to this Policy. If you do not agree, please do not use the Service.
Your use of the Service is also governed by our Terms of Service, which include important limitations on our responsibility and liability.
1. Who we are
Taa Dee is a project-tracking tool for freelancers and small studios. The Service is operated by the Taa Dee team. For any privacy question, contact us at privacy@taa-dee.com.
2. Information we collect
Account information: your name, email address, password (stored only as a secure one-way hash), and your role/workspace.
Content you create: projects, tasks, comments, uploaded files and images, documents, quotes and invoices, signatures, and any other information you choose to enter.
Client and guest information: when you share a project or document with a client via a share link, we process the name, email, comments, uploads, and signatures that you or your client provide through that link.
Technical and usage data: IP address, browser type, device information, log data, and basic activity needed to operate, secure, and improve the Service.
Cookies: a session cookie to keep you signed in and a small preference cookie that remembers your chosen language. See the Cookies section below.
3. How we use your information
To provide and operate the Service (your account, projects, sharing, notifications, document signing, and finance features).
To send transactional emails (invites, password resets, notifications you have enabled, and document/sign-off alerts) and, where you have an account, occasional product announcements.
To maintain security, prevent abuse and fraud, debug problems, and provide support.
To comply with legal obligations.
4. Access by Taa Dee operators
Please read this carefully. Taa Dee is operated by a small team during this early stage. Our platform operator(s) have full administrative access to the Service. This means an operator can access, view, and modify any account, including your projects, tasks, comments, uploaded files, documents, finance data, and client/guest information, and has direct access to the underlying database and file storage.
Operators may also temporarily "view as" your account (impersonation) and may see messages you send through the in-app support chat. This access is used for operating the Service: support, maintenance, debugging, data recovery, and handling abuse or legal requests.
We treat this access responsibly and limit it to what is necessary to run the Service, but you should not store information in Taa Dee that you are not comfortable with the operator being able to access.
5. Where your data is stored (sub-processors)
We host the Service and store your data with the following providers, which act as our processors:
• Supabase — database and authentication (region: Singapore).
• Cloudflare — file and attachment storage (R2), plus DNS and email routing.
• Vercel — application hosting and delivery.
• Resend — sending transactional and announcement emails.
• Gumroad — payment processing for paid plans, as Merchant of Record (handles checkout, billing and tax), if and when you purchase a paid plan.
• Google — the Google Calendar API, only if you choose to connect your Google account (see the Google Calendar section below).
Your data may be processed in the regions where these providers operate. We do not sell your personal information to anyone.
6. Sharing your information
We do not sell your data. We share it only with the sub-processors listed above to run the Service, and where required by law or to protect the rights, safety, or property of Taa Dee, our users, or others.
Content you choose to share via a share link is visible to anyone who has that link (and, where set, passes the password or email check).
7. Your responsibilities for the data you upload
Much of the personal data in the Service is data you choose to upload about other people — for example, your clients and collaborators. For that data, you act as the controller and Taa Dee acts as a processor handling it on your instructions.
You are responsible for having a lawful basis and any consents required to upload and process that data through the Service, for telling those people how their data is used where required, and for honouring their requests. You agree to indemnify Taa Dee for claims arising from data you upload without the rights or consents needed (see the Terms of Service).
8. Data retention and deletion
We keep your information for as long as your account is active or as needed to provide the Service.
When you delete content (tasks, posts, files, documents), it is soft-deleted and retained for a short grace period (by default about 14 days) so it can be restored, after which it is permanently removed.
You may request deletion of your account and associated data by contacting us at privacy@taa-dee.com. Some information may be retained where required by law.
9. Security
We use industry-standard measures including encrypted connections (HTTPS), hashed passwords, access controls, and reputable infrastructure providers. No method of transmission or storage is completely secure, and we cannot guarantee absolute security.
10. Your rights
Depending on your location, you may have the right to access, correct, export, or delete your personal data, and to object to or restrict certain processing. To exercise these rights, contact us at privacy@taa-dee.com.
11. Cookies
We use a strictly necessary session cookie to keep you signed in, and a preference cookie to remember your language. We do not use advertising or third-party tracking cookies.
12. Children
The Service is not intended for individuals under 16. We do not knowingly collect personal data from children.
13. Limitations
Nothing in this Policy limits or overrides the disclaimers of warranty, the limitation of liability, or the other protections set out in our Terms of Service.
14. Changes to this Policy
We may update this Policy from time to time. We will update the "Last updated" date above and, for material changes, take reasonable steps to notify you.
15. Google Calendar integration (Google API Services)
If you choose to connect your Google account, Taa Dee uses the Google Calendar API to create and maintain a dedicated "Taa Dee" calendar in your Google account and to add, update, and remove all-day events for the tasks assigned to you. This is one-way only: Taa Dee writes to that calendar; it does not read, share, or modify your other calendars or events.
We request the minimum scopes needed for this feature (Google Calendar access). We store an encrypted Google refresh token so the sync can run. You can disconnect at any time from Settings → Integrations, which revokes our access, stops syncing, and removes the dedicated calendar. You can also revoke access from your Google Account security settings, and you may delete the stored token and synced data by contacting us at privacy@taa-dee.com.
Taa Dee’s use and transfer of information received from Google APIs will adhere to the Google API Services User Data Policy, including the Limited Use requirements. We use Google user data only to provide and improve the calendar-sync feature described above; we do not transfer or sell it to third parties, do not use it for advertising, and do not allow humans to read it except where necessary for security, to comply with applicable law, or with your explicit consent.
Questions about this Policy? Email privacy@taa-dee.com.