Privacy policy

Who we are

ReminderKit is a web application that helps organisations track deadlines and send email notifications. This policy explains what personal data we process when you use the service, why we need it, and what choices you have. Plain language comes first; statutory names for rights appear where they help.

What we collect

• Account details: name, email address, and password hash for users who register.
• Email confirmation: until you verify your address we store a short-lived token so we can send you a secure activation link. Tokens expire automatically and are deleted after use.
• Password reset: if you request a reset, we store a separate short-lived token, send a link to your email, and delete the token after you set a new password or when it expires.
• Organisation profile: workspace name and billing state linked to your account with our payment processor.
• Team invitations: when an admin invites someone, we store their email address, a short-lived join token, and expiry so we can send one invitation message. Tokens are removed when the invite is accepted, revoked, or expires.
• Reminder content: titles, due dates, assignee email addresses, send status, and audit fields needed to run the product.
• Technical logs: standard server and hosting logs from our infrastructure providers may include IP addresses and request metadata. Retention follows our agreements with those providers.

Why we use it

We process data to provide accounts, authenticate users, store reminders, send transactional email, take payment through our payment processor, and meet legal obligations. We do not sell personal data and we do not use it to train unrelated machine learning models.

Legal bases (UK / GDPR-style)

Where the UK GDPR or EU GDPR applies, we rely on contract (running the service you asked for), legitimate interests (security and abuse prevention, product improvement that does not override your rights), and legal obligation where tax or accounting rules require retention.

Processors and sharing

We use subprocessors in categories such as cloud hosting, database storage, payment processing, and transactional email. They process data only as needed to run ReminderKit and under appropriate agreements. Contact us for the latest summary of categories and purposes, or for copies of their terms where you need them for your records.

Retention

We keep account and reminder data while your organisation has an active relationship with the service and for a short period after closure so you can reactivate or download an export. Exact retention follows our operational policy and applicable law; contact us if you need a formal schedule.

Your rights

You may have rights to access, correct, delete, restrict, or object to certain processing, and to complain to a supervisory authority. Organisation admins can self-serve a JSON export of tenant data from Settings after signing in. For deletion or other requests, contact us using the details below. We aim to respond within 72 hours for straightforward requests.

Cookies and similar tech

We use cookies and local storage needed for sign-in sessions and security. We do not run third-party advertising cookies in this template.

Age

ReminderKit is for adults running a business or organisation. Do not register if you are under 18, and do not submit children's personal data except where the law allows and you have proper consent.

Changes

We will update this page when the product or the law changes. The date at the top shows the latest revision. Material changes for active customers should also be emailed or shown in-app when you operate commercially.

Contact

Privacy questions: info@reminderkit.co.uk.