Privacy policy
Your work log stays scoped to your account
Tasktrace stores the projects, tasks, traces, and connector tokens needed to provide the web dashboard and MCP tools.
Data we collect
Tasktrace stores your Google account identifier, name, email, and profile image from Google OAuth; projects, tasks, traces, summaries, current-project state, and trace metadata you or your connected agents create; and OAuth client, grant, access-token, and refresh-token records needed for MCP authentication. Tasktrace also uses Google Analytics to collect aggregate usage data such as page views, browser type, device type, and referrer.
How we use data
Data is used to authenticate you, show your dashboard, let authorized MCP clients read and write your work log, and produce deterministic daily summaries from your stored tasks and traces.
Storage and security
Application data is stored in Postgres. OAuth authorization codes, access tokens, refresh tokens, and client secrets are stored as SHA-256 hashes; raw token values are returned only when issued. Database reads and writes are scoped by the authenticated user id.
Sharing
Tasktrace does not sell your data. Tasktrace does not share your work log with other users. Connected MCP clients can access your data only after you approve OAuth scopes for that client.
Retention and deletion
Projects, tasks, and traces remain until you edit or delete them in the app. Revoked OAuth tokens stop working immediately. For account or data deletion requests, contact support@tasktrace.dev.
Contact
Questions about privacy or security can be sent to support@tasktrace.dev.