Taily · ROSCODE TECH

Privacy Policy

How we handle your data, and exactly who it does and doesn't reach.

This policy describes how ROSCODE TECH (PTY) LTD ("we", "us") handles personal information when you use the Taily mobile and web applications ("the app").

1 What we collect

Account information

  • Email address — required to create an account and sign you in.
  • Name / display name — from your sign-in provider (Google, Apple) or as you provide it.
  • Profile photo — if available from your sign-in provider.

App content

  • Your tasks, notes, projects, folders, lists, and any other content you create. This is stored so you can access it across devices and, if you choose, share it with others.
  • Content shared with you by other users — stored under your account so you can access it.

Usage & diagnostic data

  • Crash and error logs — helps us fix bugs.
  • Basic usage events — e.g. which screens fail, so we can prioritise improvements. We do not track you across other apps or websites.

Subscription and payment information

Subscription billing is handled by Apple (in-app purchases on iOS), Google (in-app purchases on Android), or Payfast (subscriptions purchased on our website). We never receive or store your card number, these providers handle payment details directly. We receive a receipt or token identifying the active subscription, which we use to grant Pro access.

Optional: Google Calendar sync

If you enable Google Calendar sync, we request access to read your Google Calendar events and create corresponding tasks in Taily. The OAuth token is stored encrypted by Firebase on our server and is used only to fetch events. You can revoke this access at any time in the app or at your Google account settings.

2 How we use your data

  • To provide the app's core features (sign-in, storing content, syncing across devices).
  • To share content between users when you explicitly invite someone.
  • To send system notifications you have configured (reminders, scheduled task alerts).
  • To enforce subscription entitlements and honour referral codes.
  • To diagnose and fix bugs.

We do not sell your data. We do not use it for third-party advertising. We do not track you across other apps or websites.

3 Third-party services we use

  • Google Firebase (Authentication, Firestore database, Cloud Messaging, Crashlytics, Cloud Functions) — our backend. See Firebase's privacy documentation.
  • Google Sign-In / Apple Sign In — authentication providers you may use to sign in.
  • RevenueCat — manages Apple/Google subscription state.
  • Payfast — processes web-based subscription payments (South Africa).
  • Google Calendar API — only if you opt in to calendar sync.

4 Sharing, transfer, and disclosure of Google user data

Google user data means the information Taily obtains through Google APIs: your Google account profile (email address, name, and profile photo) when you sign in with Google, and your Google Calendar events if you opt in to Google Calendar sync.

We do not sell Google user data, and we do not use or transfer it for advertising, ad personalisation, or to build user profiles. We share, transfer, or disclose Google user data only in the following limited cases, and only to the following recipients:

  • Google LLC (Firebase / Google Cloud) — our backend infrastructure and sub-processor. Google user data is stored in Firebase Authentication and Firestore on Google Cloud so that you can access it across your devices.
  • Other Taily users you explicitly choose to share with — if, and only if, you create a task, list, or other content from Google user data and then deliberately share that content with another user. We never share your raw Google account profile or your full Google Calendar with other users.
  • Law enforcement or regulators — only where we are legally required to disclose data to comply with a valid legal request, court order, or applicable law.

We do not transfer or disclose Google user data to any other third party. Taily's use and transfer of information received from Google APIs to any other app adheres to the Google API Services User Data Policy, including the Limited Use requirements.

5 Where data is stored

Your data is stored with Firebase in Google Cloud datacentres. You access your data directly from these servers when using the app; we do not maintain a separate copy on our own infrastructure.

Data retention and deletion

We keep your personal data only for as long as your account is active. When you delete your account (Settings → Danger zone → Delete account), we immediately and permanently erase your account and all associated data — your projects, folders, lists and tasks, shared items, connections, groups, notifications and reminders, Google Calendar sync settings and stored tokens, and your subscription and referral records — from our Firestore database. If you signed in with Apple, we also revoke your Sign in with Apple token. This deletion is permanent and cannot be undone, and we keep no separate backup copies. We may retain a minimal record only where required by law (for example, tax or transaction records), and only for as long as the law requires. Deleting your account does not cancel an active App Store or Google Play subscription — please cancel that separately in your store account to stop future charges.

6 Your rights

Under the Protection of Personal Information Act (POPIA) in South Africa and the GDPR in the European Union, you have the right to:

  • Access the personal information we hold about you.
  • Correct or update inaccurate information.
  • Delete your account and all associated data (Settings → Danger zone → Delete account, or by emailing us — see Contact below).
  • Export a copy of your data (email us to request).
  • Withdraw consent for optional features (e.g. Google Calendar sync) at any time.
  • Lodge a complaint with the South African Information Regulator or your local data-protection authority.

7 Children's privacy

Taily is not directed at children under 13, and we do not knowingly collect personal information from children under 13.

8 Security

Firebase Authentication, Firestore, and Cloud Functions use TLS-encrypted connections. Firestore access rules restrict reads and writes to content you own or has been explicitly shared with you. Payment details are handled by Apple, Google, or Payfast and never reach our servers.

9 Changes to this policy

We may update this policy from time to time. Material changes will be announced in the app. The latest version is always available at this page.

10 Contact

For any privacy-related question or request, email roscoe@roscodetech.com.

Last updated: 2026-06-05.
Taily is operated by ROSCODE TECH (PTY) LTD (South Africa).