Your data, and what I do with it v2.0
Last updated: March 26, 2026 · Effective: April 26, 2026 · Replaces v1.0 (March 26, 2026)
The short version 🦖: TaskZilla is now self-hosted — you run it on your own infrastructure, so you're the data controller for your deployment. This page covers both what TaskZilla B.V. does with website visitors and what the software does with data once you deploy it. The legal version starts below.
1. Who We Are
TaskZilla B.V., registered in the Netherlands (KvK pending), develops and distributes the TaskZilla software product.
Contact details:
- Email: privacy@taskzilla.ai
- Support portal: support.taskzilla.ai
- Postal: TaskZilla B.V., Amsterdam, the Netherlands (full address published upon KvK registration)
We have not appointed a Data Protection Officer (DPO) because we do not currently meet the thresholds under Article 37 GDPR. If this changes, we will publish DPO contact details here. In the meantime, all privacy inquiries can be directed to privacy@taskzilla.ai.
2. Product Model — Self-Hosted Software
TaskZilla is a self-hosted software product. We distribute it as a deployable blueprint — the deploying organization installs, operates, and controls their own instance. TaskZilla B.V. does not host, operate, or have access to customer instances or customer data.
| Aspect | Detail |
|---|---|
| Deployment | Self-hosted by the customer on their own infrastructure |
| Data controller (deployed instance) | The deploying organization |
| Data processor (deployed instance) | The deploying organization + their chosen third-party providers |
| TaskZilla B.V. role | Software vendor — no access to customer data |
| Data controller (this website) | TaskZilla B.V. |
This privacy policy covers two scopes:
- This website (taskzilla.ai) — TaskZilla B.V. is the data controller for visitor data collected through the website and onboarding portal.
- The TaskZilla software product — Sections 3–5 describe the data processing capabilities built into the software. When you deploy TaskZilla, your organization is the data controller and is responsible for its own GDPR compliance, privacy policies, DPAs with third-party services, and data subject rights. TaskZilla B.V. does not process this data.
3. Scope — Website and Software
This policy applies to visitors and users of the TaskZilla website (taskzilla.ai) and onboarding portal. It also describes the data processing capabilities built into the TaskZilla software product to help deploying organizations understand what the software does and prepare their own compliance documentation.
TaskZilla is classified as a limited-risk AI system under Regulation (EU) 2024/1523 (the EU Artificial Intelligence Act). The software is designed to comply with all applicable transparency obligations under Article 50 and other applicable provisions.
For deployed instances: The deploying organization is the data controller and is responsible for establishing the legal basis for processing, signing Data Processing Agreements with their chosen providers (LLM APIs, cloud hosting, project management tools), and fulfilling data subject rights requests.
4. Data Processing — Website and Software
The following sections describe data processed by the TaskZilla website (where TaskZilla B.V. is the controller) and data processing capabilities built into the TaskZilla software product (where the deploying organization is the controller).
4.1 Data you provide directly
- Account data — name, email address, workspace name, and team configuration provided during onboarding.
- Workspace content — task descriptions, comments, project structures, standup reports, and other content you create or import through integrations.
- Integration credentials — API tokens and webhook URLs for connected services (ClickUp, Telegram, GitHub, etc.), stored encrypted in our secrets vault.
- Communications — messages you send to TaskZilla and through TaskZilla-managed channels.
- Support requests — correspondence when you contact our support portal.
3.2 Data collected automatically
- Device and log data — browser type, operating system, IP address (anonymized after 90 days), access timestamps, and referring URLs.
- Usage data — features used, session duration, interaction patterns, and error logs (anonymized where possible).
- Cookie data — see Section 12 below.
3.3 Data generated by AI processing
- AI memory — TaskZilla maintains persistent AI memory systems to provide contextual, personalized assistance. This includes vector embeddings (semantic database) and entity relationships (knowledge graph) derived from your workspace activity. These embeddings and derived data constitute personal data and are subject to all GDPR rights.
- AI-generated outputs — standup reports, task summaries, priority assignments, and recommendations generated by our AI models based on your workspace data.
3.4 Data we do NOT collect
- We do not collect special category data (Art. 9 GDPR) — no health, biometric, political, religious, or sexual orientation data.
- We do not perform behavioral profiling for advertising purposes.
- We do not use your data to train AI models.
4. How We Use Your Data
We process your data for the following purposes, each with a specific legal basis:
| Purpose | Legal basis (GDPR) | Data categories |
|---|---|---|
| Providing the TaskZilla service (AI standup generation, task routing, memory recall) | Art. 6(1)(b) — performance of contract | Account, workspace content, communications |
| AI memory systems for contextual assistance | Art. 6(1)(b) — performance of contract | Workspace content, AI memory |
| Account administration and billing | Art. 6(1)(b) — performance of contract | Account data, billing records |
| Security monitoring and abuse prevention | Art. 6(1)(f) — legitimate interest (security of our systems and users) | Device/log data, usage data |
| Service improvement and error diagnostics | Art. 6(1)(f) — legitimate interest (improving our service for all users) | Usage data, error logs (anonymized) |
| Transactional communications (onboarding, billing, security alerts) | Art. 6(1)(b) — performance of contract | Account data |
| Analytics and conversion optimization (optional cookies) | Art. 6(1)(a) — consent | Cookie data |
| Compliance with legal obligations (tax, regulatory) | Art. 6(1)(c) — legal obligation | Billing records, account data |
Legitimate interest balancing: Where we rely on legitimate interest, we have conducted balancing tests to ensure our interests do not override your fundamental rights. You may request copies of these assessments by contacting privacy@taskzilla.ai.
5. AI Processing and Automated Decision-Making
5.1 Artificial Intelligence disclosure
TaskZilla is an AI-powered project management assistant. It uses large language models and machine learning systems to generate content (including standups, task summaries, and recommendations), route tasks, assign priorities, and process team communications. All outputs generated by TaskZilla are produced by artificial intelligence and should be reviewed by a human before being relied upon for consequential decisions.
5.2 Automated processing
TaskZilla employs automated processing for the following functions:
- Task routing and assignment — based on project structure, workload parameters, and configurable rules.
- Priority classification — based on configurable criteria and rule-based logic.
- Standup report generation — based on task status data from integrated tools.
- Message routing — across integrated platforms based on channel configuration.
- Memory recall — retrieving relevant context from persistent memory systems.
- Automated decay — time-based and relevance-based cleanup of AI memory data.
These automated processes are based on rule-based logic and AI model inference. No decisions made by TaskZilla constitute solely automated decisions with legal or similarly significant effects on individuals within the meaning of Article 22 of the GDPR. Specifically:
- All AI recommendations are presented for human review — not executed as final decisions.
- Humans retain authority over all consequential decisions (employment, termination, compensation, legal determinations).
- No employment, performance evaluation, or HR decisions are made by TaskZilla alone.
- Users and workspace administrators may override, modify, or disregard any AI-generated output or automated action at any time.
If you believe TaskZilla's output is being used as the sole basis for a consequential decision about you, you have the right to request human intervention, express your point of view, and contest the decision by contacting privacy@taskzilla.ai.
5.3 Human-in-the-Loop (HITL) controls for high-risk actions
TaskZilla implements a risk-scored Human-in-the-Loop (HITL) gate to ensure that actions with significant impact require explicit human approval before execution. Every action is classified against three dimensions:
- Reversibility — whether the action can be undone (e.g., data deletion is irreversible).
- Blast radius — whether the action affects a single item, an entire workspace, or external systems and users.
- Data sensitivity — whether the action involves public information, internal workspace content, or credentials/PII.
Actions are scored 0–6 based on these dimensions. Actions scoring 4 or above always require human approval before execution. This includes:
- Deleting AI memory entries (semantic database or knowledge graph data).
- Modifying or rotating secrets vault entries.
- Sending messages to external channels (Telegram, Slack, email).
- Bulk task reassignment, status changes, or deletions.
- Modifying scheduled tasks (cron schedules).
- Data exports or account deletion.
- Changing integration credentials or webhook configurations.
- Executing scripts or commands on the server.
Actions scoring 2–3 (e.g., single task assignment changes, standup delivery to a known channel, new memory writes) are configurable — workspace administrators may choose to require approval or allow automatic execution. All such actions are logged regardless of approval setting.
Actions scoring 0–1 (e.g., memory reads, task queries, internal report generation) are executed automatically and logged for audit purposes.
EU AI Act high-risk escalation
In addition to score-based gating, any action whose context reasonably could be interpreted as a high-risk AI use case under Annex III of the EU AI Act is automatically escalated to require HITL approval, regardless of its base risk score. This includes actions that could:
- Inform employment, recruitment, or termination decisions.
- Produce legal effects or similarly significant effects on individuals.
- Profile, score, or rank individuals based on behavior or performance.
- Affect access to education, vocational training, or certification.
- Affect access to essential services that individuals depend on for their work or livelihood.
- Inform decisions about creditworthiness, insurance, or eligibility.
This escalation cannot be bypassed or disabled. See our Terms of Service Section 6.2 for the full list of high-risk indicators.
HITL approval process
When HITL approval is required, the action is paused and a notification is sent to the designated approver via their configured channel. If no approval is received within 5 minutes (configurable by workspace administrators), the action is denied by default (fail-safe). Silence means no — not yes. All HITL decisions (approvals, denials, and timeouts) are recorded in the audit log with timestamp, action type, risk score, escalation reason, approver identity, and resolution.
5.4 AI memory systems
TaskZilla employs persistent memory systems that retain context across sessions:
- Semantic database — stores vector embeddings of workspace context for context-aware retrieval. Embeddings are derived from your content and constitute personal data.
- Knowledge graph — stores entity relationships and session context for improved continuity.
Memory data is subject to automated decay (time-based and relevance-based) and is stored exclusively on EU infrastructure. Memory data is also subject to a weekly distillation process that compares new patterns against existing knowledge, extracts only genuinely new insights, scores them on usefulness and novelty, and applies a quality gate. This processing occurs under Art. 6(1)(b) — performance of contract.
You may request complete deletion of your data from these memory systems at any time — see Section 10.
5.5 Data Protection Impact Assessment (DPIA)
We have conducted a Data Protection Impact Assessment for our AI memory systems, evaluating the risks of persistent AI memory storage, automated processing, and cross-session context retention. This assessment concluded that appropriate safeguards (data minimization, automated decay, encryption, user deletion rights, human oversight) adequately mitigate identified risks. The full DPIA is available to supervisory authorities and enterprise customers under NDA. A summary is available to all users upon request via privacy@taskzilla.ai.
5.5a Data governance
In accordance with the principles of Article 10 of the EU AI Act:
- User data is never used for training, fine-tuning, or improving AI models.
- TaskZilla uses rule-based task allocation with human-configurable parameters. We do not use machine learning models to evaluate individual performance.
- We recommend regular audits of task allocation patterns to ensure fairness across team members.
- If you observe patterns suggesting unfair or biased behavior, report them to privacy@taskzilla.ai and we will investigate promptly.
5.6 Right to explanation
You have the right to obtain meaningful information about the logic involved in automated processing that affects you:
- Task routing uses configurable rules based on project structure, skill tags, and workload distribution.
- Priority assignment uses rule-based classification against configurable criteria.
- Standup generation uses LLM summarization of task status data from integrated tools.
- Memory recall uses semantic similarity search over vector embeddings.
You may request a decision-level explanation of any specific automated action, including: what input data was considered, what rules or weights were applied, what confidence score was assigned (if applicable), and what alternative recommendations were considered. We will respond within 5 business days. Contact privacy@taskzilla.ai.
6. Data Sharing and Third-Party Services
We do not sell personal data. We do not share data for advertising purposes.
For the website: We share website visitor data only with the service providers listed below, each bound by data processing agreements.
For deployed instances: TaskZilla integrates with third-party services chosen and configured by the deploying organization. The deploying organization is responsible for signing DPAs with their chosen providers and ensuring adequate transfer mechanisms are in place. The table below describes typical third-party services — actual providers depend on the customer's configuration.
6.1 Typical AI model providers (customer-configured)
| Provider | Purpose | Data location | Transfer mechanism | Training use |
|---|---|---|---|---|
| Anthropic (Claude) | AI inference for task management, standup generation, and contextual responses | US | SCCs + supplementary measures | No — prompts are not used for model training |
| Google (Imagen) | Image generation for diagrams and visual content | US | SCCs + supplementary measures | No |
| Local models (self-hosted) | On-premises inference for embeddings and lightweight tasks | EU (Germany) | N/A — no transfer | N/A — fully local |
6.2 Typical infrastructure providers (customer-configured)
| Provider | Purpose | Data location | Transfer mechanism |
|---|---|---|---|
| EU cloud provider | Hosting and compute | EU (Germany) | N/A — no transfer |
| Stripe | Payment processing | US | SCCs + supplementary measures |
| Observability platform | AI tracing and diagnostics (with strict input caps for privacy) | EU | N/A — no transfer |
6.3 Customer responsibility for third-party services
For deployed instances: The deploying organization chooses which AI providers, cloud infrastructure, and integrations to connect. It is the deploying organization's responsibility to sign Data Processing Agreements with each provider, assess transfer mechanisms (e.g., SCCs for US-based providers), and inform their users about which services process their data.
6.4 Legal obligations
We may disclose data when required by applicable law, regulation, or valid legal process (e.g., court order), or to protect our rights, safety, or property. Where legally permitted, we will notify you before such disclosure.
7. International Data Transfers
For the website: Website visitor data is stored and processed within the European Union.
For deployed instances: Data residency is determined by the deploying organization's infrastructure and provider choices. If the deploying organization connects US-based AI providers (e.g., Anthropic, OpenAI, Google), they are responsible for ensuring adequate transfer mechanisms (such as Standard Contractual Clauses) are in place. TaskZilla's software includes the following built-in measures to support compliance:
- Data minimization — the software minimizes personal data included in prompts sent to external AI providers. Where possible, data is pseudonymized or anonymized before transfer.
- Encryption in transit — all external API calls use TLS 1.2+.
- Configurable providers — deploying organizations can choose EU-only providers or self-hosted models to avoid international transfers entirely.
8. Data Retention
We retain personal data only for as long as necessary for the purposes described in this policy. Specific retention periods:
| Data category | Retention period | Basis for retention |
|---|---|---|
| Account data | Duration of subscription + 90 days | Contract performance; transition period |
| Workspace content | Duration of subscription + 90 days | Contract performance; data export period |
| AI memory (semantic database, knowledge graph) | Subject to automated decay; deleted within 30 days of account closure or on request | Contract performance |
| Integration credentials | Deleted immediately upon disconnection or account closure | Contract performance |
| Usage analytics | Retained in anonymized form for up to 24 months | Legitimate interest (service improvement) |
| Log data (incl. IP addresses) | 90 days (rolling); IP anonymized after 90 days | Legitimate interest (security, debugging) |
| Billing records | 7 years from date of transaction | Legal obligation (Dutch tax law, Art. 52 AWR) |
| Support correspondence | Duration of subscription + 1 year | Contract performance; follow-up |
After the retention period expires, data is securely deleted or irreversibly anonymized within 30 days.
9. Privacy by Design and Data Minimization
TaskZilla is built with privacy by design and by default (Art. 25 GDPR):
- Data minimization — we collect only what is necessary for the service. AI prompts sent to external providers contain the minimum context required.
- Input caps — AI observability inputs are strictly capped per field to prevent unnecessary data exposure in tracing systems.
- Automated decay — AI memory entries are subject to time-based and relevance-based decay, ensuring stale personal data is automatically removed.
- Pseudonymization — where possible, we pseudonymize data before processing (e.g., in error logs and analytics).
- Sandbox isolation — agent executions run in sandboxed environments with strict filesystem restrictions.
10. Your Rights (GDPR)
For website visitors: The following rights apply to personal data TaskZilla B.V. processes about you through this website.
For users of deployed instances: Contact your organization's administrator or data protection officer — they are the data controller for your instance, not TaskZilla B.V. The TaskZilla software includes built-in data export and deletion capabilities to help deploying organizations fulfil these rights.
Under the General Data Protection Regulation, you have the following rights:
- Access (Art. 15) — obtain a copy of the personal data we hold about you, including data stored in AI memory systems.
- Rectification (Art. 16) — correct inaccurate or incomplete data.
- Erasure ("right to be forgotten") (Art. 17) — request deletion of your data, including from AI memory systems. Embeddings computed from your personal data are themselves personal data and are included in erasure requests. On receiving a deletion request, we will: (1) delete all data from primary databases within 5 business days; (2) delete all data from AI memory systems (semantic database, knowledge graph) within 5 business days; (3) send deletion requests to sub-processors within 3 business days; (4) anonymize or delete observability data within 5 business days; (5) send you a deletion confirmation. Note: we cannot delete data already processed by third-party LLM providers (Anthropic, Google), as processing occurs in real-time and is not stored by those providers. We do not use your data for model training.
- Restriction (Art. 18) — restrict processing in certain circumstances (e.g., while we verify accuracy or assess an objection).
- Data portability (Art. 20) — receive your data in a structured, commonly used, machine-readable format (JSON). You may also request direct transfer to another controller where technically feasible.
- Object (Art. 21) — object to processing based on legitimate interest. We will cease processing unless we demonstrate compelling legitimate grounds. You may object to processing for service improvement or analytics at any time.
- Withdraw consent (Art. 7) — withdraw consent for optional cookies and analytics at any time, without affecting the lawfulness of prior processing.
- Human review of automated decisions (Art. 22) — although TaskZilla does not make solely automated decisions with legal effects, you may request human review of any automated output, express your point of view, and contest any AI-generated recommendation.
- Lodge a complaint — you have the right to lodge a complaint with a supervisory authority. For the Netherlands: Autoriteit Persoonsgegevens (AP), autoriteitpersoonsgegevens.nl.
How to exercise your rights: Contact us at privacy@taskzilla.ai or via support.taskzilla.ai. We will verify your identity and respond within 30 days. If a request is complex or numerous, we may extend this by a further 60 days (with notification). Exercising your rights is free of charge, except for manifestly unfounded or excessive requests.
11. Data Breach Notification
In the event of a personal data breach:
- We will notify the relevant supervisory authority (Autoriteit Persoonsgegevens) within 72 hours of becoming aware of the breach, as required by Article 33 GDPR, unless the breach is unlikely to result in a risk to your rights and freedoms.
- If the breach is likely to result in a high risk to your rights and freedoms, we will notify you directly and without undue delay (Art. 34 GDPR), describing the nature of the breach, the likely consequences, and the measures taken to address it.
- We maintain an internal breach register documenting all incidents regardless of notification threshold.
12. Cookies
12.1 Essential cookies (always active)
Strictly necessary for core functionality. These do not require consent under the ePrivacy Directive:
- Session cookie — maintains your login session. Expires when you close your browser or after 24 hours of inactivity.
- CSRF token — prevents cross-site request forgery. Session-scoped.
- Cookie preference — stores your cookie consent choice. Expires after 12 months.
12.2 Optional cookies (consent required)
- Analytics — measure page flow, experiments, and CTA performance. Only activated with your explicit consent.
- Marketing — enable remarketing pixels and campaign attribution. Only activated with your explicit consent.
You can manage your preferences at any time via the "Cookie settings" button in the site footer. Declining optional cookies does not affect core functionality. Consent is recorded and can be withdrawn at any time with the same ease as it was given.
13. Children
TaskZilla is not directed at individuals under 16 years of age. We do not knowingly collect personal data from children under 16. If we learn that we have inadvertently collected data from a child under 16, we will delete it promptly and notify the parent or guardian where possible.
14. Changes to This Policy
We may update this policy from time to time. Material changes will be communicated at least 30 days in advance via email or an in-app notification. The "last updated" date at the top reflects the most recent revision. Previous versions are archived and available upon request.
If changes materially affect the legal basis for processing, or introduce new categories of data collection, we will seek fresh consent where required.
Still have questions? Email privacy@taskzilla.ai or ping support.taskzilla.ai — I read every one.