YourGantt

Privacy Policy

Effective: April 11, 2026

1. Introduction

This Privacy Policy ("Policy") describes how CVS CONSULTING GROUP s.r.o. ("Provider", "we", "us") collects, uses, stores, and protects personal data of users of the YourGantt service ("Service").

This Policy complies with the EU General Data Protection Regulation (GDPR), the California Consumer Privacy Act (CCPA), and other applicable data protection laws.

2. Data We Collect

2.1. Account Data

  • Name
  • Email address
  • Password (stored encrypted using bcrypt)

2.2. Service Data

  • Projects, tasks, schedules, and estimates you create
  • Subscription and billing information
  • Referral and promotion codes used

2.3. Technical Data

  • IP address
  • Browser type and version
  • Device information
  • Cookies (see Section 8)

3. How We Use Your Data

  • To provide and maintain the Service
  • To authenticate and manage your account
  • To process subscriptions and payments
  • To respond to your support requests
  • To improve the quality and performance of the Service
  • To comply with legal obligations

4. Legal Basis for Processing (GDPR)

We process personal data based on:

  • Consent — you agree to this Policy during registration
  • Contract performance — processing is necessary to provide the Service
  • Legitimate interests — to improve the Service and ensure security
  • Legal obligation — to comply with applicable laws

5. Data Retention

Personal data is retained for as long as your account is active. Upon account deletion, all personal data is permanently destroyed within 30 days, except where retention is required by law.

6. Your Rights

Under GDPR (EU/EEA residents)

  • Right of access — request a copy of your personal data
  • Right to rectification — correct inaccurate data
  • Right to erasure — request deletion of your data
  • Right to restrict processing — limit how we use your data
  • Right to data portability — receive your data in a structured format
  • Right to object — object to processing based on legitimate interests
  • Right to withdraw consent — at any time

Under CCPA (California residents)

  • Right to know — what personal information we collect and why
  • Right to delete — request deletion of your personal information
  • Right to opt-out — of the sale of personal information (we do not sell your data)
  • Right to non-discrimination — for exercising your privacy rights

To exercise any of these rights, contact us at support@yourgantt.com.

7. Data Security

We implement appropriate technical and organizational measures to protect your data:

  • Password encryption (bcrypt)
  • Data transmission over encrypted channels (HTTPS/TLS)
  • Access control and role-based permissions
  • Regular backups

8. Cookies

The Service uses cookies — small data files stored on your device — to operate correctly and improve your experience.

8.1. Essential Cookies (Strictly Necessary)

These cookies are required for the Service to function and cannot be disabled while using the Service:

  • Authentication tokens (JWT) — to verify your identity and maintain a secure session
  • Session management — to preserve your login state across pages
  • Cookie consent preference — to remember your choice

Without essential cookies, the Service cannot authenticate users, maintain login sessions, or provide core functionality. This is the legal basis of contract performance (Art. 6(1)(b) GDPR).

8.2. Analytics Cookies

We use Google Analytics to understand how users interact with the Service, measure traffic sources, and improve user experience. Analytics cookies collect aggregated, non-personally-identifiable usage data. The legal basis for analytics cookies is your consent (Art. 6(1)(a) GDPR).

8.3. Cookie Consent

When you first visit the Service, a cookie consent banner is displayed. By clicking "Accept", you consent to both essential and analytics cookies. If you choose "Decline", you will not be able to register or log in, because the Service requires essential cookies for authentication and session management.

You may withdraw your consent at any time by clearing your browser's local storage and revisiting the site. Withdrawing consent will end your active session and prevent further access until cookies are re-accepted.

8.4. No Advertising Cookies

We do not use advertising, remarketing, or third-party tracking cookies. We do not sell or share your data for advertising purposes. This applies under both GDPR (EU/EEA) and CCPA (California).

9. Third-Party Data Sharing

We do not sell your personal data. Data may be shared with:

  • Payment processors — to process subscription payments (only billing data)
  • Hosting providers — to store and serve the application

All third parties are bound by appropriate data processing agreements.

10. International Data Transfers

If your data is transferred outside your region, we ensure adequate protection through Standard Contractual Clauses or equivalent safeguards as required by applicable law.

11. Children's Privacy

The Service is not intended for children under 16. We do not knowingly collect data from children.

12. Changes to This Policy

We may update this Policy from time to time. The current version is always available at yourgantt.com/privacy. Material changes will be communicated via email.

13. Contact Information

CVS CONSULTING GROUP s.r.o.

Address: Nemcovej 2, Kosice, Slovakia, 040 01

Email: support@yourgantt.com

Website: yourgantt.com