Privacy Policy

Version 1 · Last updated 2026-05-08 00:48:33
All documents Back Sign in

================================================================================ THE UTILITY APP — PRIVACY POLICY ================================================================================

Effective date: 2026-05-08 Version: 1

This Privacy Policy explains how The Utility App ("the Service", "we", "us") collects, uses, stores, and protects information about you when you create an account or use the Service. By creating an account or using the Service you acknowledge that you have read and understood this Policy.

The current authoritative version of this Policy is the one published in the Administrator panel of the Service. Administrators may update this Policy at any time; any changes take effect when the new version is published.

1. INFORMATION WE COLLECT

1.1 Account information: - username - email address - hashed password (never stored in plain text) - optional profile information (full name, cellphone, timezone) - account role and per-app permissions

1.2 Content you create: - notes, lists, calendar entries, tasks, bookmarks, savings/budget data, passwords stored in the Password Manager (encrypted at rest), and any other data you save while using the Service's apps.

1.3 Technical / usage data: - IP address of devices that access the Service - browser user-agent string - timestamps of logins, sign-ups, and significant actions - pages and routes visited (for security, abuse-prevention, and audit purposes) - error reports generated by the Service.

1.4 Cookies and local storage: - a session cookie used to keep you signed in; - an optional "remember me" cookie if you opt in; - a CSRF cookie used to protect form submissions; - a theme-preference cookie.

2. HOW WE USE YOUR INFORMATION

We use the information we collect to:

(a) provide, operate, secure, and improve the Service; (b) authenticate you and protect your account from unauthorised access; (c) communicate with you about your account (e.g. email verification, password resets, important Service notices); (d) detect, investigate, and prevent abuse, fraud, and security incidents; (e) keep audit and error logs as required for the safe operation of the Service; (f) record that you accepted these Terms and the Privacy Policy on a specific date and version, so we can demonstrate consent if required.

Where data-protection law requires a legal basis, we rely on:

  • performance of a contract with you (providing the Service you signed up for);
  • your consent (e.g. acceptance of these documents at sign-up);
  • our legitimate interests in operating, securing, and improving the Service; and
  • compliance with legal obligations.

4. SHARING OF INFORMATION

We do not sell your personal information. We may share information only:

(a) with service providers strictly necessary to operate the Service (e.g. an email-delivery provider for transactional email); (b) where required by law, regulation, court order, or other legal process; (c) to protect the rights, property, or safety of the Service operators, our users, or the public.

5. DATA RETENTION

5.1 Account data is retained for as long as your account exists. 5.2 Pending (unverified) sign-ups are automatically deleted after 48 hours. 5.3 Audit logs, error logs, IP-tracker entries, and acceptance records are retained for as long as reasonably necessary for security, legal, and operational purposes. 5.4 When your account is deleted, your personal account data and the content you created are removed, except where we are required to retain certain records (e.g. legal-acceptance records or audit logs) for legitimate purposes.

6. SECURITY

We use a range of technical and organisational measures to protect your information, including:

  • passwords are stored only as salted, hashed values;
  • sensitive content (such as Password Manager entries) is encrypted at rest;
  • HTTPS / TLS in transit when the Service is deployed over HTTPS;
  • CSRF protection on form submissions;
  • rate-limiting and brute-force protection on authentication;
  • per-IP and per-account abuse controls.

No system is perfectly secure; you use the Service at your own risk.

7. YOUR RIGHTS

Subject to applicable law, you may have the right to:

  • access the personal information we hold about you;
  • request correction of inaccurate information;
  • request deletion of your account and associated data;
  • object to or restrict certain processing;
  • withdraw consent (where processing is based on consent).

To exercise these rights, contact the Service administrator through the contact details published within the Service.

8. CHILDREN

The Service is not directed at children under the age at which they can legally consent to data processing in their jurisdiction. If you believe a child has created an account without appropriate consent, please contact the Service administrator and we will remove the account.

9. CHANGES TO THIS POLICY

We may modify this Privacy Policy at any time by publishing an updated version in the Administrator panel. Where changes are material, users may be required to re-accept the updated Policy before continuing to use the Service.

10. CONTACT

For questions about this Privacy Policy or about the personal information we hold about you, contact the Service administrator through the contact details published within the Service.

================================================================================ END OF PRIVACY POLICY ================================================================================