IT Doo App Privacy Policy
This Privacy Policy describes what data may exist within the IT Doo application, how technical infrastructure operates, and what choices users have. This document is provided for transparency and does not constitute legal advice.
1. General approach
IT Doo is operated by Individual Entrepreneur Sergey Evgenievich Rozhkov (OGRNIP 323246800070969, INN 246310082661) and acts as a technical platform that provides focus timer, league, and social features. The Service processes only the minimum data technically necessary for core functionality. We do not collect or process any personal data beyond what is strictly required for the Service to operate.
Any additional information a user enters into the Service (including profile content, display name, bio, avatar, and other data) is provided entirely voluntarily, at the user’s own initiative and at their own risk. The user is solely responsible for choosing what to share and bears full responsibility for the nature, accuracy, legality, and scope of such data. We are not responsible for any consequences arising from the user’s decision to voluntarily disclose information through the Service.
2. What data may exist in the Service
Depending on the features a user chooses to use, the following data may be present:
- Minimum required data: authentication identifier (for example, email address used for sign-in). This is the only data we require, and it is used solely for account authentication.
- Technical infrastructure data: IP address, device model, OS, app version, language, time zone, technical session identifiers, and error logs. This data is generated automatically by the infrastructure to ensure the Service operates correctly and for security purposes.
- In-app activity data: focus session records, duration, statistics, and league participation generated through the user’s use of the Service.
- Notification tokens (if enabled by the user): push notification delivery identifiers required for the notification functionality.
- User-provided content (voluntary): display name, bio, avatar, and any other information the user voluntarily adds to their profile. The user decides what to share and bears full responsibility for the nature, accuracy, legality, and scope of this data. We do not require this information and are not responsible for the user’s decision to provide it.
We do not request, require, or encourage users to submit personal or sensitive information beyond what is technically necessary.
3. How data is used
Minimum required and technical data is used to:
- authenticate users and maintain accounts;
- provide the focus timer, statistics, and league functionality;
- ensure security, prevent abuse, and investigate incidents;
- maintain app stability, performance, and reliability;
- deliver notifications when enabled by the user.
User-provided content (profile data) is displayed to other users as part of the platform’s social features. The user controls what content is shared and may edit or remove it at any time.
4. Third parties and infrastructure
The app relies on infrastructure providers (for example, cloud backend, storage, push delivery, and error monitoring) to operate. These providers may handle technical data as part of normal infrastructure operation. Such handling occurs in accordance with the providers’ own policies.
5. Cross-border data transfers
To operate the Service, we use infrastructure providers whose servers may be located outside the Russian Federation and outside the user’s country of residence. This means that data described in Section 2 of this Policy may be transferred to and processed in other jurisdictions.
Legal bases for such transfers include:
- performance of the agreement between the operator and the user (providing the Service’s functionality);
- the user’s consent expressed by accepting the Terms of Use;
- ensuring the security and stability of the Service.
We take reasonable steps to ensure that infrastructure providers maintain a level of data protection comparable to the requirements of applicable law. Cross-border data transfers are carried out in accordance with Article 12 of Russian Federal Law No. 152-FZ “On Personal Data” and other applicable regulations.
For users in the EU/EEA, data transfers to third countries are conducted under the mechanisms provided by Chapter V of the GDPR (including infrastructure providers’ standard contractual clauses or other applicable legal bases).
6. Data retention
Data is retained only as long as needed for the Service to function, including security and legal requirements. Users may delete their account and associated data through the app settings.
7. Security
We apply technical and organizational measures to reduce risks of unauthorized access, loss, alteration, or disclosure. No system is absolutely secure, and security measures are continuously improved.
8. User choices
- Users control what information they add to their profile and may edit or remove it at any time.
- Users may delete their account through the app settings. Step-by-step instructions are available on the account deletion page.
- Users may enable or disable push notifications through device settings.
- Depending on applicable law, users may have additional rights regarding their data. To exercise any such rights, use the contact details below.
9. Children and age restrictions
The app is not intended to be used by children where prohibited by applicable law. Users must be at least 16 years old (or the minimum age required by their jurisdiction) as described in the Terms of Use.
10. Policy changes
We may update this Policy from time to time. If changes are material, the updated version will be posted in the app and/or on the website, and the update date will be revised.
11. Contact
For questions about this Policy, contact us at rozhkovse1@gmail.com or use official IT Doo support channels available in the app and on the website.