Last updated: March 24th, 2021
1st things 1st is hosted on a DigitalOcean server in Frankfurt, Germany.
From the personal data, we are storing your first and last names, email, avatars from a social network or Gravatar, and a company name (if applicable).
Of course, we are storing your prioritization projects with criteria, things to evaluate, and evaluations.
If you want to get a list of all the data that is stored about you on 1st things 1st, you can ask for it in the feedback form and we will respond within 2 working days.
All your private information is kept private and not exposed to third parties.
But if you have an organizational account, you can share your information with your chosen friends or colleagues and work on the prioritization together.
Account information is not portable. But prioritized projects can be exported to XSLX, PDF, or email message.
All website data is transferred to and from the server using the SSL certificate.
No plain passwords are saved in the database. Instead we store their hashes, where we can check the password's validity, but we cannot find out what your password was.
Payments are done through our reseller and Merchant of Record Paddle.com who takes care of more secure measurements. No credit card, banking, or billing information is saved on our servers.
We do daily backups and should be able to recover the lost database within 24 hours. We have backups of the last 7 days.
If we notice any security breach where the personal data could be exposed to third parties, we are going to inform you by email within 3 days.
If you have any questions about GDPR compliance, please contact us.