TZ
TaskZen
LoginSign Up

Legal Documents

GDPR Compliance

Last updated: March 18, 2025

1. Introduction

At TaskZen.me, we are committed to protecting the privacy and rights of our users. This GDPR Compliance Statement explains how we comply with the European Union's General Data Protection Regulation (GDPR) and outlines the rights of EU data subjects.

2. Data Controller

TaskZen.me acts as a data controller for the personal data we collect and process. As a data controller, we determine the purposes and means of processing personal data.

Our contact information is:

TaskZen Inc.
123 Productivity Lane, Suite 456
San Francisco, CA 94103, USA
Email: privacy@taskzen.me

3. Data Protection Officer

We have appointed a Data Protection Officer (DPO) who is responsible for overseeing our data protection strategy and implementation to ensure compliance with GDPR requirements.

You can contact our DPO at:

Email: dpo@taskzen.me
Address: TaskZen Inc., 123 Productivity Lane, Suite 456, San Francisco, CA 94103, USA

4. Lawful Basis for Processing

We process personal data only when we have a lawful basis to do so. The lawful bases we rely on for processing personal data include:

  • Consent: When you have given clear consent for us to process your personal data for a specific purpose.
  • Contract: When processing is necessary for the performance of a contract with you or to take steps at When processing is necessary for the performance of a contract with you or to take steps at your request before entering into a contract.
  • Legal Obligation: When processing is necessary for compliance with a legal obligation to which we are subject.
  • Legitimate Interests: When processing is necessary for our legitimate interests or the legitimate interests of a third party, except where such interests are overridden by your interests or fundamental rights and freedoms.

5. Your Rights Under GDPR

Under the GDPR, EU data subjects have the following rights:

  • Right to Access: You have the right to request a copy of the personal data we hold about you.
  • Right to Rectification: You have the right to request that we correct any inaccurate or incomplete personal data we hold about you.
  • Right to Erasure (Right to be Forgotten): You have the right to request that we delete your personal data in certain circumstances.
  • Right to Restrict Processing: You have the right to request that we restrict the processing of your personal data in certain circumstances.
  • Right to Data Portability: You have the right to request that we transfer your personal data to another service provider in a structured, commonly used, and machine-readable format.
  • Right to Object: You have the right to object to the processing of your personal data in certain circumstances, including processing for direct marketing or based on legitimate interests.
  • Right to Withdraw Consent: If we rely on your consent to process your personal data, you have the right to withdraw that consent at any time.

To exercise any of these rights, please contact us at privacy@taskzen.me. We will respond to your request within one month.

6. Data Protection Measures

We implement appropriate technical and organizational measures to ensure a level of security appropriate to the risk, including:

  • Encryption of personal data
  • Regular testing and evaluation of the effectiveness of security measures
  • Ability to ensure the ongoing confidentiality, integrity, availability, and resilience of processing systems and services
  • Ability to restore the availability and access to personal data in a timely manner in the event of a physical or technical incident
  • Regular staff training on data protection and security

7. International Data Transfers

We may transfer personal data to countries outside the European Economic Area (EEA). When we do, we ensure that appropriate safeguards are in place to protect your personal data, such as:

  • Standard Contractual Clauses approved by the European Commission
  • Binding Corporate Rules
  • Adequacy decisions by the European Commission

8. Data Breach Notification

In the event of a personal data breach that is likely to result in a risk to your rights and freedoms, we will notify the relevant supervisory authority without undue delay and, where feasible, within 72 hours after becoming aware of the breach.

If the breach is likely to result in a high risk to your rights and freedoms, we will also notify you directly without undue delay.

9. Data Protection Impact Assessment

We conduct Data Protection Impact Assessments (DPIAs) for processing operations that are likely to result in a high risk to the rights and freedoms of individuals, particularly when using new technologies.

10. Records of Processing Activities

We maintain records of our processing activities as required by Article 30 of the GDPR, including the purposes of processing, categories of data subjects and personal data, recipients of personal data, and time limits for erasure.

11. Contact Us

If you have any questions about our GDPR compliance or wish to exercise your rights, please contact us at:

Email: privacy@taskzen.me
Address: TaskZen Inc., 123 Productivity Lane, Suite 456, San Francisco, CA 94103, USA

12. Complaints

If you are not satisfied with our response to your request or believe our processing of your personal data does not comply with data protection law, you have the right to lodge a complaint with a supervisory authority. The supervisory authority in your EU member state is responsible for handling such complaints.