TaskAt

Privacy Policy

TaskAt Inc.

Effective Date: January 1, 2026

Last Updated: January 1, 2026

Company: TaskAt Inc. ("TaskAt," "we," "us," "our")

Website: taskat.ai

Contact: hello@taskat.ai

This Privacy Policy explains how TaskAt collects, uses, discloses, and protects information when you use our websites, applications, and services (collectively, the "Service").

If you use TaskAt on behalf of an organization, your organization may control how information is used. In that case, we act as a service provider/processor for Customer Data (defined below).

1. What We Collect

1.1 Account & Workspace Information

  • Name, email, password or authentication identifiers (e.g., SSO provider ID)
  • Workspace/organization name, billing details (processed by a payment provider)
  • Roles, permissions, team membership

1.2 Customer Data You Provide or Send Through the Service

"Customer Data" includes content you or your clients submit to TaskAt, such as:

  • Emails and headers you forward into TaskAt (subject, sender/recipient, Message-ID, In-Reply-To/References, timestamps)
  • Email body content and extracted metadata (participants, quoted text)
  • Attachments (files uploaded via the client portal or received via email, where supported)
  • Requests you create (titles, descriptions, due dates, reminder settings)
  • Client/contact info (name, email, company, role)
  • Replies from clients (email replies, portal responses, approvals)

1.3 AI Inputs and Outputs

If you use AI features, we process:

  • Inputs derived from Customer Data (e.g., request context, thread messages, last activity)
  • AI-generated outputs (draft follow-ups, summaries, extracted proposals, reply classifications)

1.4 Usage & Device Data

We collect data about how the Service is used:

  • IP address, device and browser type, operating system
  • Log data (pages viewed, features used, timestamps, error logs)
  • Security events (login attempts, suspicious activity)

1.5 Cookies and Similar Technologies

We use cookies/local storage for:

  • Authentication/session management
  • Preferences (theme, UI settings)
  • Analytics (optional; see Section 7)

2. How We Use Information

We use information to:

  • Provide and operate the Service (threads, requests, follow-ups, portal access)
  • Send emails and reminders you initiate (outbound delivery) and process inbound replies
  • Generate AI-assisted drafts, summaries, and classifications (when enabled)
  • Prevent abuse, spam, fraud, and to protect deliverability (rate limiting, suppression lists)
  • Provide support, troubleshoot issues, and improve performance
  • Manage billing, subscriptions, and account administration
  • Comply with legal obligations and enforce our Terms

3. Legal Bases (EEA/UK Users)

If GDPR/UK GDPR applies, we process personal data under:

  • Contract: to provide the Service you request
  • Legitimate interests: to secure and improve the Service, prevent abuse, and maintain deliverability
  • Consent: for optional cookies/marketing (where required)
  • Legal obligation: to comply with laws and lawful requests

4. How Email Works in TaskAt (Important)

TaskAt is designed to help you manage client requests via email + portal.

4.1 Forwarded Emails

When you forward an email to your TaskAt forwarding address, we may:

  • Store the message content and headers
  • Create or update a "thread"
  • Run extraction to propose actionable requests (if you trigger AI extraction)

4.2 Outbound Emails

When you send a request or follow-up:

  • We send email via our email delivery provider (e.g., Resend)
  • We include reply routing headers and a reply-to address to connect replies to the correct request/thread
  • We may store delivery events (delivered/opened/bounced/complained) to protect deliverability

4.3 Replies and Webhooks

When clients reply:

  • Our provider sends us a webhook (inbound event)
  • We parse the reply and associate it with the correct request/thread
  • We may classify the reply (approved/changes requested/ambiguous) if AI features are enabled

5. Sharing and Disclosure

5.1 Service Providers (Subprocessors)

We share information with vendors that help us run the Service, such as:

  • Email delivery/inbound processing (e.g., Resend)
  • AI model providers (e.g., OpenAI) for AI features
  • Cloud hosting and storage (Supabase for database and file storage)
  • Authentication/identity (Clerk)
  • Analytics (optional)
  • Payment processing (e.g., Stripe)

These vendors are authorized to process information only to provide services to TaskAt.

5.2 Your Team and End Users

Within your workspace, admins and permitted users may access Customer Data depending on permissions you set.

5.3 Legal, Safety, and Enforcement

We may disclose information if required to:

  • Comply with law, regulation, subpoena, or lawful request
  • Protect rights, safety, and security of TaskAt, users, or the public
  • Investigate fraud, abuse, or security issues

5.4 Business Transfers

If TaskAt is involved in a merger, acquisition, financing, or sale of assets, information may be transferred as part of that transaction, subject to standard protections.

6. AI Features and Data Use

TaskAt offers AI-assisted features (draft follow-ups, thread extraction, reply classification).

  • You control AI usage: AI features may be optional or configurable in Settings.
  • Human review required: AI outputs can be wrong; you should review before sending or relying on them.
  • AI providers: When AI is used, relevant content may be transmitted to an AI provider to generate outputs.
  • We do not sell Customer Data: We do not sell your email content, attachments, or client data.

We do not allow AI providers to use Customer Data to train their models where available under our vendor settings/agreements.

7. Cookies, Analytics, and Marketing

  • Essential cookies are used for login, security, and core features.
  • Analytics cookies may be used to understand usage and improve the Service. Where required, we will request consent.
  • Marketing communications: If you subscribe to updates, you can opt out anytime via unsubscribe links or by contacting us.

8. Data Retention

We retain information as long as needed to provide the Service and for legitimate business purposes, such as:

  • Maintaining threads and request history
  • Preventing abuse and preserving deliverability (e.g., suppression lists)
  • Meeting legal obligations

Typical retention examples:

  • Threads/messages/requests: Retained until you delete them or close your account, subject to backups
  • Attachments: Retained until request deletion or workspace retention policy
  • Logs: Retained for 30-180 days
  • Suppression events (bounces/complaints): Retained as needed for deliverability compliance

You may request deletion as described in Section 11.

9. Security

We use reasonable administrative, technical, and organizational measures to protect data, such as:

  • Encryption in transit (TLS)
  • Access controls and least privilege
  • Rate limiting and abuse prevention
  • Tokenized reply routing and secure public links (where applicable)

No method of transmission or storage is 100% secure. You are responsible for safeguarding your account credentials and configuring appropriate access controls in your workspace.

10. International Data Transfers

If you access TaskAt from outside the country where our servers are located, your information may be transferred internationally. Where required, we use appropriate safeguards (e.g., Standard Contractual Clauses) for transfers.

11. Your Rights and Choices

11.1 Account & Workspace Controls

You can access, update, or delete certain information through the Service (e.g., contacts, requests).

11.2 Privacy Rights (Depending on Location)

You may have rights to:

  • Access your personal data
  • Correct inaccurate data
  • Delete data
  • Object to or restrict processing
  • Data portability

To exercise rights, contact us at hello@taskat.ai. We may need to verify your identity.

11.3 Client/End User Requests

If you are an end user (e.g., a client responding via a portal), please contact the organization that invited you, as they control Customer Data.

12. Children's Privacy

The Service is not intended for children under 13 (or the minimum age required by local law). We do not knowingly collect data from children.

13. Changes to This Policy

We may update this Privacy Policy from time to time. If changes are material, we will provide notice (e.g., in-app or by email). The "Last Updated" date reflects the latest version.

14. Contact Us

For questions or requests:

hello@taskat.ai

TaskAt Inc.

Terms of Service Sign Up Home