Privacy Policy

Information You Provide

• Account Information: When you register for DoneThat, we collect information such as your name, email address, organization name, job title or role, billing information, and other profile details you choose to provide (for example, profile pictures or similar identifiers).
• Recorded Content & Raw Activity Data: Work-related content and signals you or your organization choose to capture through the Service, which may include, for example, screenshots, window titles, activity logs, notes, audio recordings or transcripts, and other work activity information.
• Derived Data: Summaries, categorizations, tags, analytics, and other insights generated from your use of the Service (for example, time allocation across projects or activities, productivity indicators, or work patterns).
• User Generated Content: Any activity on the DoneThat platform including, for example, post reactions, comments, goals and todos, manual time entries, working hours or availability information, AI coach or agent interactions, user settings, and other content you voluntarily submit.
• User Feedback: Information you provide when you contact our support team, participate in research, or respond to surveys and product feedback requests.

Information Collected Automatically

• Usage Data: Information about how you interact with DoneThat, including, for example, features used, time spent on the Service, actions taken, and general engagement patterns.
• Device & Technical Information: Information about the devices and software used to access DoneThat, such as IP address, browser type, operating system, device identifiers, and similar technical data.
• Cookies and Similar Technologies: We use cookies and similar tracking technologies to collect information about your browsing activities, maintain your session and preferences, and help secure and personalize the Service.
• Analytics Data: We use analytics services (such as Google Analytics) to collect and analyze usage data across our website (donethat.ai), our web application (app.donethat.ai), and our desktop application. This may include information about how you interact with our services, pages visited, time spent on features, and other usage patterns. This data helps us improve our services and understand how users engage with our platform.

AI Analysis of Recorded Content

DoneThat utilizes third-party AI services to analyze Recorded Content and generate Derived Data (for example, summaries, categorizations, and insights).

Third-Party AI Provider Selection

We select third-party AI providers that maintain appropriate security measures and data handling practices. However, once data is shared with these providers, their processing is also governed by their own privacy policies and terms. Details about our providers can be found on our Subprocessors page.

Data Minimization

We take reasonable steps to ensure that sensitive information is not unnecessarily extracted from Recorded Content. In particular:

• Raw Recorded Content: Neither we nor our third-party AI providers store raw Recorded Content (such as images or audio) beyond the duration of the analysis without explicit user or customer consent.
• Derived Data: We store Derived Data (for example, summaries and text logs) in order to provide your history, analytics, and product features, until you delete it or your account is terminated, subject to any legal retention requirements.

Bring Your Own AI (BYO-AI)

If you configure the Service to use your own AI provider credentials ("Bring Your Own Key" or BYO-AI), your Raw Activity Data will be sent directly to and processed by your chosen AI provider and will not be shared with DoneThat's default AI partners.

Within Your Organization

Information and analyzed content is shared within your organization according to the permissions and settings configured by your account administrator.

Service Providers

Third-party vendors, consultants, and service providers who require access to perform work on our behalf, including cloud hosting providers, payment processors, and analytics services. A complete list of our subprocessors, including their locations and purposes, is available on our Subprocessors page.

Third-Party AI Partners

The third-party AI services that analyze Recorded Content and other content submitted to the Service.

Business Transfers

If we are involved in a merger, acquisition, or sale of all or a portion of our assets, your information may be transferred as part of that transaction.

Legal Requirements

If required to do so by law or in response to valid legal process, or if we believe that disclosure is reasonably necessary to protect our rights, property, or safety and that of our users or the public.

Access and Correction

You can access and update your personal information through your account settings. If you need assistance accessing or correcting your information, please contact our support team.

Data Export

You can request a copy of your personal information in a structured, commonly used, and machine-readable format. We will provide this data within 30 days of your request.

Deletion

You can request the deletion of your personal information. We will honor your request unless we are legally required to retain certain information or need it to protect our legal rights.

Processing Preferences

You can control how we process your data by adjusting your account settings or contacting us. This includes managing your communication preferences and data processing options.

Exercising Your Rights

To exercise any of these rights, please contact us at [email protected]. We will respond to your request within 30 days. We may need to verify your identity before processing your request.