E
Etappi
One etappi at a time

Etappi

© 2026 Etappi

PrivacyTermsContact
Privacy Policy · Etappi

Last updated: June 10, 2026 · v1.2.0

Privacy Policy

Last updated: June 10, 2026

1. Who we are

Etappi is operated by Oles Didukh, an individual sole proprietor resident in Ukraine. Questions about this policy or the data we hold about you can be sent to oles.didukh@gmail.com.

2. What we collect

  • Account information. Your email address and display name, provided through Clerk when you sign up or sign in.
  • Your content. Tasks, projects, notes, tags, and related metadata that you create in the app. Stored in a Postgres database operated by Neon.
  • Crash and error telemetry. Stack traces, device model, operating system version, and anonymous session identifiers, collected via Sentry when the app encounters an error.
  • Push delivery metadata. Expo push tokens tied to your account so we can deliver reminders and notifications.
  • Rate-limiting metadata. Your user ID (or IP address for unauthenticated requests) and short-lived request counters, held in Redis to prevent abuse.

We do not use advertising identifiers. We do not set analytics cookies. The only cookie the service uses is Clerk's authentication session cookie, which is required to keep you signed in.

3. Why we collect it

  • To operate the service you signed up for.
  • To debug crashes and errors so we can fix them.
  • To deliver push notifications you have asked to receive.

For users in the European Economic Area and the United Kingdom, the legal bases under Art. 6 GDPR are:

  • Performance of a contract (Art. 6(1)(b)) — account information, your content, and push delivery metadata: we cannot provide the service without them.
  • Legitimate interest (Art. 6(1)(f)) — crash and error telemetry, and rate-limiting metadata: keeping the service secure and working. You can object by emailing us.
  • Consent (Art. 6(1)(a)) — sending your content to the AI processor: in-app AI actions run only when you trigger them, and email capture runs AI extraction only on messages sent to the private inbox alias you set up (available on AI plans). No content reaches the AI processor outside these flows.

4. Processors

We share data with the following third-party processors. Each is used only for the purpose described.

| Processor | Purpose | Region | Status | |-----------|---------|--------|--------| | Clerk | Authentication and session management | United States | Active | | Neon | Postgres database hosting | United States | Active | | Sentry | Crash and error telemetry | United States | Active | | Expo Push | Push notification relay to APNs / FCM | United States | Active | | Upstash | Redis-backed rate limiting (stores user-ID- or IP-keyed request counters, no content) | United States | Active | | Cloudflare R2 | Storage for user-uploaded file attachments and export archives | Global | Active | | Anthropic | AI features (task decomposition, planning, prioritisation, scheduling, quick-add parsing, email capture) — receives the text you submit to an AI action, the titles, descriptions, due dates, deadlines, priorities, and durations of the tasks involved, and the subject and body of messages sent to your private inbox alias; not used to train models | United States | Active | | Resend | Transactional email delivery | United States | Planned |

"Planned" processors may be added in a future release. This policy will be updated before any planned processor begins handling your data.

5. Retention

  • Account deletion triggers a hard delete of your account and content within 30 days.
  • Crash telemetry is retained in Sentry for 90 days and then deleted automatically.
  • Database backups are retained per Neon's backup window for the plan we use.

6. Your rights

You can export all of your data at any time, on any plan, from Settings → Account → Data export (instant JSON/CSV download, or an emailed archive). You can also request access to, correction of, or deletion of your personal data by emailing oles.didukh@gmail.com. We respond to valid requests within 30 days.

7. International transfers

Data is stored with processors operating in the United States or with globally distributed infrastructure. By using the service you consent to your data being transferred to and stored in these regions. We rely on the processors' own safeguards for cross-border data handling.

8. Children

Etappi is intended for users aged 13 and older. We do not knowingly collect personal data from anyone under 13. If you believe we have collected data from a child under 13, email us and we will delete it.

9. Browser extension ("Save to Etappi")

The optional "Save to Etappi" browser extension lets you capture the page you are viewing as a task in your account. It handles data as follows:

  • What it reads. Only the current tab's URL and title, and only at the moment you open the extension and choose to save. It does not read page contents, track your browsing, or access other tabs.
  • What it stores. A single Etappi access token, held locally on your device in the browser's extension storage. The token is not synced across devices and is sent only to Etappi to authenticate your requests. Disconnecting in the extension or uninstalling it removes the token.
  • What it transmits. When you save, it sends the task title you confirmed, the source page URL, and the project you selected — to the Etappi API only, over HTTPS. It contains no analytics, no advertising, and no third-party tracking, and it loads no remote code.

The extension introduces no new processors beyond those listed in section 4.

10. Changes to this policy

We may update this policy. Material changes will trigger an in-app notification. The effective date at the top of this page always reflects the current version.

11. Contact

oles.didukh@gmail.com