Privacy Policy

1. Introduction

Gameplan ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our gamified team task management platform.

Please read this privacy policy carefully. If you do not agree with the terms of this privacy policy, please do not access the Service.

2. Information We Collect

2.1 Personal Information

We collect information that you provide directly to us:

• Account Information: Name, email address, password, and profile details
• Organization Information: Company name, industry, size, and billing details
• User Content: Tasks, comments, team names, project details, and other content you create
• Communication Data: Messages sent through the platform and support inquiries

2.2 Automatically Collected Information

When you access our Service, we automatically collect:

• Log Data: IP address, browser type, device information, and access times
• Usage Data: Features used, pages visited, actions performed, and time spent
• Cookies and Tracking: Session cookies for authentication and functionality

3. How We Use Your Information

We use the information we collect to:

• Provide, operate, and maintain the Service
• Process your transactions and manage subscriptions
• Send administrative information and updates
• Respond to your inquiries and provide customer support
• Improve and personalize your experience
• Monitor and analyze usage patterns and trends
• Detect and prevent fraud and security incidents
• Comply with legal obligations

4. Data Sharing and Disclosure

4.1 We Do Not Sell Your Data

We do not sell, trade, or rent your personal information to third parties.

4.2 When We Share Information

We may share your information in the following circumstances:

• Within Your Organization: Data is shared with members of your organization based on role permissions
• Service Providers: Third-party vendors who perform services on our behalf (hosting, analytics, support)
• Legal Requirements: When required by law, court order, or government regulation
• Business Transfers: In connection with a merger, acquisition, or sale of assets
• With Your Consent: When you explicitly approve sharing

5. Data Security and Multi-Tenant Architecture

We implement industry-standard security measures to protect your data:

• Data Isolation: Each organization's data is strictly isolated using our multi-tenant architecture
• Encryption: Data is encrypted in transit using TLS/SSL and at rest
• Access Controls: Role-based permissions limit data access
• Authentication: Secure JWT-based authentication with password hashing
• Regular Backups: Automated backups to prevent data loss
• Security Monitoring: Continuous monitoring for suspicious activity

Important: No method of transmission over the internet is 100% secure. While we strive to protect your data, we cannot guarantee absolute security.

6. Data Retention

We retain your information for as long as your account is active or as needed to provide services. When you close your account:

• Your personal data will be deleted within 90 days
• Some data may be retained for legal or compliance purposes
• Backups containing your data will be deleted according to our backup retention policy

7. Your Privacy Rights

Depending on your location, you may have the following rights:

• Access: Request a copy of your personal data
• Correction: Update inaccurate or incomplete data
• Deletion: Request deletion of your data (subject to legal requirements)
• Portability: Receive your data in a machine-readable format
• Objection: Object to processing of your data
• Restriction: Request limitation of data processing

To exercise these rights, please contact us at privacy@gameplan.com

8. GDPR Compliance (European Users)

If you are in the European Economic Area (EEA), we process your data based on the following legal grounds:

• Contract: Processing necessary to fulfill our contract with you
• Consent: You have given explicit consent
• Legitimate Interests: For business operations and service improvement
• Legal Obligation: To comply with legal requirements

9. CCPA Compliance (California Residents)

California residents have additional rights under CCPA:

• Right to know what personal information is collected
• Right to know if personal information is sold or disclosed
• Right to say no to the sale of personal information
• Right to access your personal information
• Right to equal service and price

Note: We do not sell your personal information.

10. Cookies and Tracking Technologies

We use cookies and similar technologies for:

• Essential Cookies: Required for authentication and security
• Functional Cookies: Remember your preferences and settings
• Analytics Cookies: Understand how you use the Service

You can control cookies through your browser settings, but this may limit Service functionality.

11. Children's Privacy

Our Service is not intended for children under 13 years of age. We do not knowingly collect personal information from children under 13. If you believe we have collected information from a child, please contact us immediately.

12. International Data Transfers

Your information may be transferred to and processed in countries other than your country of residence. We ensure appropriate safeguards are in place to protect your data in compliance with applicable laws.

13. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of significant changes by:

• Posting the new policy on this page
• Updating the "Last updated" date
• Sending an email notification for material changes

14. Contact Us

If you have questions or concerns about this Privacy Policy, please contact us: