ExtensionSolutionsPricing
Sign inStart Free — No Credit Card

Legal

Privacy Policy

Effective date: April 21, 2026 · Last updated: April 21, 2026

1. Introduction

Woable ("we", "us", or "our") is committed to protecting your privacy. This Privacy Policy explains what information we collect, how we use it, and your rights regarding your personal data when you use our web application, Chrome extension, and related services (the "Service").

2. Information We Collect

We collect information necessary to provide and improve the Service. Here is a detailed breakdown:

2.1 Account Information

When you create an account, we collect:

  • Name — Used to identify you to other workspace members.
  • Email address — Used for authentication, notifications, and billing correspondence.
  • Profile avatar — An optional image to personalize your profile.

2.2 User-Generated Content

As you use the Service, you generate content that we store to deliver core functionality:

  • Tasks: Task names, descriptions, statuses, priorities, due dates, and assignees.
  • Comments: Text content posted on tasks, including @mentions.
  • Projects & Workspaces: Names, descriptions, member lists, and role assignments.
  • URLs & Domain Names: Captured when you create a task through the Chrome Extension. Only the URL of the page where you initiated the task is stored — we do not track your browsing history.

2.3 Usage & Activity Data

  • Last sign-in timestamp — To display online status to workspace members.
  • Last seen timestamp — To show recent activity within workspaces.
  • Task activity logs — Records of task creations, updates, and status changes for audit trails.
  • Notification preferences — Your customized notification settings (e.g., mentions, assignments, deadlines).

2.4 Chrome Extension Data

The Chrome Extension collects and stores:

  • Domain filter preferences: Your whitelist or blacklist configuration for controlling which websites the Extension is active on.
  • Extension enable/disable state.

The Extension does not collect browsing history, page content, form data, cookies, or any data from websites you visit unless you explicitly create a task.

2.5 Billing Information

Payment processing is handled entirely by Lemon Squeezy. We store only your subscription ID and plan tier. We do not store credit card numbers, CVVs, or any sensitive financial data on our servers.

3. How We Use Your Information

We use the information we collect to:

  • Provide, maintain, and improve the Service.
  • Authenticate your identity and manage your account.
  • Process billing and manage subscription seat counts.
  • Send transactional emails (e.g., workspace invitations, notification digests, billing receipts).
  • Display your name and avatar to other members within your workspaces.
  • Show "online" and "last seen" status to your teammates.
  • Enforce plan limits (projects, seats, guests) based on your subscription tier.
  • Respond to support requests and communicate important service updates.

We do not sell, rent, or share your personal information with third parties for marketing purposes.

4. Third-Party Services

We rely on trusted third-party providers to operate the Service:

  • Supabase — Authentication and database hosting. Your account credentials and application data are stored securely on Supabase infrastructure.
  • Lemon Squeezy — Payment processing. Handles all financial transactions and stores payment details securely. Woable does not have access to your full payment information.
  • Resend — Transactional email delivery. Used to send workspace invitations, notification emails, and billing receipts.

Each third-party provider operates under their own privacy policies. We encourage you to review them independently.

5. Data Sharing & Disclosure

Your information is shared only in these circumstances:

  • Within your Workspace: Your name, email, avatar, and online status are visible to other members of workspaces you have joined. Task content is visible based on project-level access controls (Public, Private, or Shared).
  • Service Providers: As described in Section 4, to operate essential service functionality.
  • Legal Requirements: If required by law, regulation, legal process, or governmental request.
  • Business Transfers: In the event of a merger, acquisition, or sale of assets, your data may be transferred as part of the transaction. We will notify you of any such change.

6. Data Security

We take the security of your data seriously and implement industry-standard measures including:

  • Encryption in transit (TLS/HTTPS) for all communications.
  • Encryption at rest for stored data.
  • Role-based access controls within the platform (Owner, Member, Guest; Admin, Editor, Commenter, Viewer).
  • Project-level member restrictions to ensure sensitive data is only accessible by authorized team members.
  • Secure authentication via Supabase with support for email-based login.

While we strive to protect your information, no method of electronic transmission or storage is 100% secure. We cannot guarantee absolute security.

7. Data Retention

We retain your data for as long as your account is active or as needed to provide the Service. Upon account deletion:

  • Your personal profile data is soft-deleted immediately and permanently removed within 30 days.
  • Comments you authored may remain visible to preserve conversation context, but your name will be anonymized.
  • Task and activity data within workspaces you owned may be retained for the workspace's purposes unless the entire workspace is deleted.
  • Billing records are retained as required by law and financial regulations.

8. Your Rights

Depending on your jurisdiction, you may have the following rights:

  • Access: Request a copy of the personal data we hold about you.
  • Correction: Request corrections to inaccurate or incomplete data.
  • Deletion: Request deletion of your personal data, subject to legal or contractual retention requirements.
  • Data Portability: Request your data in a structured, machine-readable format.
  • Objection: Object to specific types of data processing.
  • Withdraw Consent: Where processing is based on consent, you may withdraw it at any time.

To exercise any of these rights, please contact us at the email address below.

9. Cookies & Analytics

The Service uses essential cookies required for authentication and session management. We do not use third-party advertising cookies or behavioral tracking cookies.

We may use privacy-respecting analytics tools to understand usage patterns and improve the Service. Any analytics data is aggregated and does not identify individual users.

10. Children's Privacy

The Service is not directed to individuals under the age of 16. We do not knowingly collect personal information from children. If we become aware that a user is under 16, we will promptly delete their account and associated data.

11. Changes to This Policy

We may update this Privacy Policy from time to time. Material changes will be communicated via email or in-app notification at least 30 days before they take effect. The "Last updated" date at the top of this page reflects the most recent revision.

12. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or your personal data, please contact us at:

Email: privacy@woable.com