Privacy Policy

Last updated: February 15, 2026

1. Introduction

burnlist.app ("we", "our", or "us") respects your privacy and is committed to protecting your personal data. This Privacy Policy explains how we collect, use, and safeguard your information when you use our daily task management service.

2. Information We Collect

2.1 Information You Provide

• Email address: Used for account creation and authentication via magic link
• Task content: The tasks you create within the application
• Timezone: Automatically detected to enable midnight reset in your local time

2.2 Information Collected Automatically

• Usage data: Features used, task completion rates (anonymized)
• Device information: Browser type, operating system
• Log data: IP address, access times, pages viewed

3. How We Use Your Information

• Provide and maintain the Service.
• Authenticate your account via magic link emails.
• Process subscription payments and manage billing (via Stripe).
• Process voluntary donations (via Stripe).
• Send transactional emails (login links, receipts).
• Improve and optimize our Service.
• Respond to customer support requests.
• Detect and prevent fraud or abuse.

4. Cookies and Tracking

4.1 Essential Cookies

We use essential cookies required for the Service to function:

• Authentication token: Keeps you logged in
• Theme preference: Remembers dark/light mode setting
• Cookie consent: Stores your cookie preferences

4.2 Analytics Cookies (Optional)

With your explicit consent, we use the following analytics services to understand how users interact with our Service:

• Google Analytics 4 (GA4): Collects anonymized usage data. Google Privacy Policy

Analytics is disabled by default and only activated after you accept analytics cookies via the cookie consent banner. You can revoke consent at any time by clearing your browser cookies.

5. Data Storage and Security

Your data is stored securely on servers located in the European Union (DigitalOcean). We implement appropriate technical measures to protect your data, including:

• HTTPS encryption for all data in transit
• Encrypted database storage
• Regular automated backups
• Access controls and authentication

6. Data Retention

We retain your data as follows:

• Active tasks: Until your configured reset time (cleared automatically).
• Account data: Until you delete your account.
• Donation records: As required by law (typically 7 years).

7. Third-Party Services

We use the following third-party services:

• Stripe: Payment processing for subscriptions and donations. Stripe Privacy Policy
• Resend: Transactional emails. Resend Privacy Policy
• DigitalOcean: Hosting infrastructure. DigitalOcean Privacy Policy
• Google Analytics 4: Website analytics (with consent). Google Privacy Policy

7.5 Payment Processing

All payment processing is handled by Stripe, which is PCI DSS Level 1 certified. We do not store, process, or have access to your full credit card numbers. Stripe collects and processes payment information directly.

We only store your Stripe customer ID to associate your subscription status with your account. For more information, see Stripe's Privacy Policy .

8. Your Rights

• Access: Request a copy of your personal data
• Rectification: Correct inaccurate personal data
• Erasure: Delete your account and associated data
• Data portability: Export your data in a machine-readable format
• Object: Opt out of analytics and marketing

To exercise these rights, contact us .

9. Children's Privacy

Our Service is not intended for children under 13 years of age. We do not knowingly collect personal information from children under 13. If you believe we have collected information from a child under 13, please contact us immediately.

10. International Data Transfers

Your data may be processed in countries outside your own. We ensure appropriate safeguards are in place when transferring data internationally, including Standard Contractual Clauses where applicable.

11. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of significant changes by email or through the Service. The "Last updated" date at the top indicates when the policy was last revised.

12. Contact Us

If you have any questions about this Privacy Policy or our data practices, please contact us: