Overtask LogoOvertask

Privacy Policy

Last updated: July 10, 2025

This Privacy Policy explains how Overtask ("We," "Us," or "Our") collects, uses, and protects your personal data when you use our Service. It applies to both free and paid users, though access to the full Service beyond the landing page requires a paid subscription. By using the Service, you agree to the collection and use of your data as described in this policy.

Interpretation and Definitions

Interpretation

Words with capitalized initial letters have specific meanings defined below, applicable in both singular and plural forms.

Definitions

  • Account: A unique account created for you to access our Service.
  • Company: Overtask, referred to as "We," "Us," or "Our."
  • Country: Switzerland.
  • Personal Data: Any information relating to an identified or identifiable individual.
  • Service: The Overtask website (https://www.overtask-app.com).
  • Service Provider: Third parties processing data on our behalf, including Convex for data storage, Clerk for authentication, Lemonsqueezy for payment processing, Vercel for analytics and hosting, and calendar service providers.
  • Usage Data: Automatically collected data from your use of the Service (e.g., IP address, browser type).
  • Subscription: Paid services offering additional features beyond the free tier.
  • You: The individual or entity using the Service.

Collecting and Using Your Personal Data

Types of Data Collected

Personal Data

When you use our Service, we may collect:

  • Email address
  • First and last name
  • Task and Project Data: Tasks, projects, descriptions, priorities, deadlines, time estimates, completion status
  • User Preferences: Work schedules, time zones, task duration preferences, blocked time slots, notification settings
  • Location Information: Optional location data you associate with tasks
  • Notification Data: In-app notifications, notification read/dismiss status, related task references
  • Calendar Files: ICS calendar files you upload for processing and integration
  • Calendars you import from service providers like Google and Microsoft Outlook. For details on how these providers handle your calendar data, see Google's Privacy Policy and Microsoft's Privacy Statement.

Calendar Integration Data

When you connect external calendar services (Google Calendar, Microsoft Outlook), we store:

  • Access tokens and refresh tokens: OAuth credentials that allow us to access your calendar data on your behalf
  • Webhook subscription data: Channel IDs, subscription IDs, and resource identifiers that enable real-time calendar updates
  • Sync tokens: Tokens that help us efficiently synchronize only new or changed calendar events
  • Calendar metadata: Information about which specific calendars you've selected for integration

We store these tokens securely to maintain continuous access to your calendar data and provide real-time synchronization features. You can revoke this access at any time by disconnecting the calendar integration in your settings, which will delete all stored tokens and credentials.

For account creation and authentication, we use Clerk. Your email and name are processed by Clerk, and we store this data in our systems via Convex. See Clerk's Privacy Policy and Convex's Privacy Policy for more information.

Payment Data

If you subscribe to our paid services, we use Lemonsqueezy to process payments. Your payment information (e.g., credit card numbers, billing addresses) is collected and processed by Lemonsqueezy. We do not store your full payment details. See Lemonsqueezy's Privacy Policy for details.

Usage Data and Analytics

We automatically collect Usage Data to monitor, improve, and secure our Service:

  • Technical Data: IP addresses, browser type, device information, operating system
  • Usage Analytics: Page views, feature usage, and user interactions via Vercel Analytics
  • Rate Limiting Data: Request patterns and frequency to prevent abuse and ensure service stability
  • Security Monitoring: Access patterns and suspicious activity detection

Tracking Technologies and Cookies

We use cookies primarily for authentication. Currently, we do not use cookies for analytics or marketing, but we may do so in the future. If we implement additional cookies, we will update this policy and provide options to manage your preferences.

Use of Your Personal Data

We use your Personal Data to:

  • Provide and maintain the Service, including managing your projects and tasks.
  • Manage your account and authentication.
  • Process your payments through Lemonsqueezy.
  • Contact you about updates or Service-related matters.
  • Analyze usage to improve the Service.
  • Automated Task Scheduling: Automatically schedule your tasks based on preferences, deadlines, and calendar availability.
  • Generate Notifications: Create deadline warnings and task reminders based on your settings.
  • Security and Rate Limiting: Monitor usage patterns to prevent abuse and maintain service quality.
  • Send marketing communications (e.g., newsletters, promotions), but only if you have opted in to receive them.

When you import calendars, you consent to our processing of that data to provide features like task scheduling and reminders.

We do not use Google Workspace APIs or Microsoft Graph APIs to develop, improve, or train generalized AI and/or ML models.

We do not sell your Personal Data.

By using the Service, you consent to the collection and use of your Personal Data as described here. You can manage your preferences for non-essential data collection, such as marketing communications, through your account settings. However, you cannot opt out of providing essential data like task information, as it's necessary for the Service to function.

Sharing of Your Personal Data

We share your Personal Data with third-party service providers to operate the Service:

These providers are contractually obligated to protect your data and use it only for specified purposes.

International Data Transfers

Your data may be processed and stored in countries outside your country of residence, including the United States and European Union, where our service providers operate their infrastructure.

Automated Decision Making

Our Service uses automated algorithms to schedule your tasks based on your preferences, deadlines, and calendar availability. This automated processing is necessary to provide the core functionality of our Service. You can adjust your preferences at any time in your settings to influence these automated decisions.

Retention of Your Personal Data

We retain different types of Personal Data for varying periods based on their purpose:

  • Account Data: Retained while your account is active and for a reasonable period after deletion
  • Task and Project Data: Retained while your account is active and deleted when you delete your account
  • Calendar Integration Tokens: Automatically expire according to provider settings or when you disconnect integration
  • Notification Data: May be automatically cleaned up after a certain period of inactivity
  • Usage and Analytics Data: Retained according to our legitimate interests and service provider policies
  • Security Logs: Retained for reasonable periods necessary for security monitoring and compliance

We implement reasonable security measures, such as encryption and access controls, to protect your data throughout its retention period.

Your Data Protection Rights

You have the right to:

  • Access your Personal Data.
  • Request correction of inaccurate data.
  • Request deletion of your data.
  • Object to processing for non-essential purposes (e.g., marketing).

To exercise these rights, contact us at [email protected].

If you are in Switzerland, you have rights under the FADP. If you are in the EEA, GDPR rights apply. If you are in California, CCPA/CPRA rights apply.

Security of Your Personal Data

We prioritize your data's security, including special protections for sensitive data like imported calendars. However, no method is 100% secure, so we cannot guarantee absolute protection.

Children's Privacy

Our Service is not for users under 13. We do not knowingly collect their data.

Changes to This Privacy Policy

We may update this policy, notifying you via email or the Service. Check back periodically.

Contact Us

Questions? Email us at [email protected].

© 2025 Overtask. All rights reserved.