Privacy Policy

Task Ember ("we", "us", or "our") operates the taskember.com platform. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our service.

Account Information

When you create an account, we collect:

• Name and email address (via Microsoft Azure Active Directory or Google authentication)
• Organisation and tenant information
• User role and access level within your portal

Azure Resource Data

When you connect Azure resources to Task Ember, we access resource metadata (names, IDs, status) necessary to provide our management services. We do not store the contents of your Azure resources.

Usage Data

We automatically collect:

• Activity logs (actions performed, timestamps, IP addresses)
• Error and diagnostic data via Sentry for service reliability
• Feature usage patterns to improve the platform

Payment Information

Payment processing is handled entirely by Stripe. We do not store credit card numbers or bank account details. We receive confirmation of payment status and subscription details from Stripe.

• To provide and maintain our cloud resource management platform
• To authenticate you and manage access to your portals
• To execute scheduled actions on your Azure resources as configured
• To send alerts and notifications about your integrations
• To process payments and manage subscriptions
• To provide customer support
• To detect, prevent, and address security issues
• To improve our services based on usage patterns

Your data is stored in Microsoft Azure data centres (UK South region). We use:

• Azure Cosmos DB for application data with encryption at rest
• Azure Blob Storage for file uploads with server-side encryption
• Azure Key Vault for secure credential storage
• HTTPS/TLS for all data in transit
• Azure Managed Identity for service-to-service authentication (no keys in code)

When you use your own Azure App Registration, your client secrets are stored encrypted in Azure Key Vault. Task Ember accesses these credentials only to perform actions you have configured. You can revoke access at any time by removing the App Registration.

Task Ember is a multi-tenant platform. Each tenant's data is logically isolated using subdomain-based routing and tenant-scoped database queries. Your data is never accessible to other tenants.

We do not sell your personal data. We share data only with:

• Stripe - for payment processing
• Microsoft Azure - for cloud infrastructure and Azure AD authentication
• Sentry - for error monitoring and diagnostics

To diagnose UI issues we use Sentry session replay, which records interactions within the Task Ember application (clicks, navigation, network-request metadata). Session replay is:

• Masked by default: all text content is masked and all media (images, canvases, iframes) is blocked from the recording.
• Opt-in via cookie consent: session replay is only enabled if you select "Accept all" on the cookie banner. If you reject non-essential cookies, session replay is disabled.
• Error-only replays (short buffers captured when an exception is thrown) follow the same consent gate.

You can change your preference at any time using the "Preferences" link in the footer.

• User account records: retained while your account is active
• Activity logs (integration runs, user logs): 90 days
• Stripe payment events (processed-stripe-events): 180 days
• Rate-limit counters: 5 minutes (auto-expired by Cosmos TTL)
• Billing logs: indefinite (required for financial record-keeping)
• User memberships: indefinite (required for audit integrity)
• Webhook alert data: retained until manually deleted
• Upon account deletion: personal data removed within 30 days; legally-required retention (billing, audit) continues for the retention periods above.

See our full data retention policy for details.

You have the right to:

• Access: request a copy of the personal data we hold. You can export your data directly from your profile.
• Request correction of inaccurate data
• Erasure: you can self-delete your account from your profile. This removes your user record and cascade- deletes resources you own, subject to the retention schedule in section 9.
• Export your data in a machine-readable format (JSON)
• Withdraw consent for optional data processing

For anything else, contact us at privacy@taskember.com.

We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the new policy on this page and updating the "Last updated" date.

If you have questions about this Privacy Policy, please contact us at privacy@taskember.com.