Your Privacy and GDPR

CEO & Co-Founder
2 min read

Since we launched in 2012, you’ve trusted us to store and protect your personal and project information when forecasting your team’s time. We take this job very seriously, in the same way that we do protecting our own company data.

On May 25, the European Union’s General Data Protection Regulation (GDPR) will take effect, and with that, new privacy laws that impact the processes and practices for how we store and protect your data.

Our company will be meeting GDPR compliance requirements for all of our customers — not just for those in the EU — and we’ll continue to operate with best practices when it comes to privacy and protecting your data. Here is a summary of some of the actions we are taking:

Secure data transfer and storage

As part of the GDPR compliance process, we’ve assigned a Data Protection Officer and completed an Information Audit.

We currently support AES 256-bit encryption and TLS 1.2., and we one-way encrypt all passwords. We make HTTPS encryption (also referred to as SSL or TLS) available on every one of our logins. We are PCI compliant and don’t store credit card information.

Right to data portability

We offer a number of ways for you to export your data, via both CSV and API formats. Here is a guide we’ve put together to help you navigate these processes.

Right to object & right to rectify

All of your available personal data can be viewed and amended at any time via our web application or our API.

You can also unsubscribe from our marketing email by following the unsubscribe link at the bottom of the message.

You can review the type of information we collect as part of our Privacy Policy. If you are unsure of the type or accuracy of personal data we have stored, you can email us at and we’ll clarify, and where necessary, correct.

Right to erasure

The Account Owner can delete your entire account from the Account Settings section at any time. All your content will be deleted from our servers within 30 days. Individual people and project data can also be deleted at any time from within the app or via our API by your account admins.

Prompt breach notification

You’ll be notified promptly of breaches involving your personal data per the GDPR requirements outlined in Art. 34. You can also monitor the status of our account-wide systems at any time from our live status page:

Terms and agreements

We’re in the process of updating our Terms of Use and Privacy policy with a Data Processing Agreement to meet GDPR compliance requirements.

Leading up to and following May 25, 2018, you are welcome to contact us at with any questions about GDPR and your data.

We’re in favor of these new regulations, and the impact they will have on how businesses behave with your personal data. Thank you for trusting us to date.

Read it first, every month

The best tools and tips for asynchronous remote work delivered to your inbox

Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.