Last updated: January 5th, 2021
1st things 1st is hosted on a DigitalOcean server in Frankfurt, Germany.
From the personal data, we are storing your first and last names, email, avatars from a social network or Gravatar, company name (if applicable), and billing address.
Of course, we are storing your prioritization projects with criteria, things to evaluate, and evaluations.
If you want to get a list of all the data that is stored about you on 1st things 1st, you can ask for it in the feedback form and we will respond within 2 working days.
All your private information is kept private and not exposed to third parties.
But if you have an organizational account, you can share your information with your chosen friends or colleagues and work on the prioritization together.
Account information is not portable. But prioritized projects can be exported to XSLX, PDF, or email message.
As for login passwords, we save their hashes in the database. No credit card or banking information is saved on our servers. Payments are done through Stripe who take care of more secure measurements.
All website data is transferred to and from the server using the SSL certificate.
We do daily backups and should be able to recover the lost database within 24 hours. We have backups of the last 7 days.
If we notice any security breach where the personal data could be exposed to third parties, we are going to inform you by email within 3 days.
At any time you can delete your account together with the prioritization projects you created. This can be done at the account deletion page.
If you have any questions about GDPR compliance, please contact us.