Privacy Policy

Effective date: July 4, 2026

This Privacy Policy explains how Rossilite, LLC, a Georgia limited liability company ("Rossilite," "we," "us," or "our"), collects, uses, and shares information when you use the Projects application, the Cloud Sync service, and our websites (collectively, the "Service").

The short version: used offline, Projects keeps your data on your device and we never see it. If you sign in, we collect your email; if you use Cloud Sync, your boards are stored on our servers so we can sync and share them for you. Payments are handled by Stripe - we never see your card number. We don't sell your data, and we don't show ads.

1. Information We Collect

Local-only use - nothing

If you use Projects without signing in, your boards and projects are stored only on your device (in the app's local storage). This data never reaches our servers, and we have no access to it.

Account information

When you sign in, we collect your email address. We use it to send one-time sign-in codes, identify your account, deliver board invitations, and send service-related messages. Session tokens are stored in hashed form on our servers.

Cloud board content

When you create or join a cloud board, the board's content - project titles, descriptions, column names, comments, assignees, due dates, and related metadata such as who made changes and when - is stored on our servers (hosted on Amazon Web Services in the United States) so we can sync it across your devices and display it to the board's members.

Billing information

Subscription payments are processed by Stripe, Inc. Your full payment card details go directly to Stripe and are never stored on our servers. We store your subscription status, plan, billing period dates, and Stripe customer and subscription identifiers. Stripe's handling of your information is described in Stripe's Privacy Policy.

Technical and log information

Like most online services, our servers automatically record limited technical information when you use cloud features, such as IP addresses, timestamps, and request details, which we use for security, debugging, and abuse prevention.

Usage analytics and diagnostics

We may collect aggregated, non-identifying usage statistics (such as feature usage counts, app version, operating system version) and crash or error reports to understand how the Service is used and to improve it. We do not use third-party advertising trackers, and we do not collect analytics designed to profile you across other companies' apps or websites.

2. How We Use Information

3. How We Share Information

We do not sell or rent your personal information. We share information only:

4. Data Retention

We keep account information and cloud board content for as long as your account is active or as needed to provide the Service. Cloud boards you delete are removed from the live database promptly and from routine backups on a rolling basis. Sign-in codes expire within minutes; sessions expire automatically. We may retain limited records (such as billing history) as required for tax, accounting, or legal purposes.

5. Your Choices and Rights

Depending on where you live, you may have additional rights under applicable privacy laws (such as rights of access, deletion, correction, or portability). We honor such requests as required by law and do not discriminate against you for exercising them. We do not sell or "share" personal information as those terms are defined under U.S. state privacy laws.

6. Security

We use reasonable technical and organizational safeguards to protect your information: data is encrypted in transit (TLS), session tokens are stored hashed, access to production systems is restricted, and payments are handled by a PCI-DSS-compliant processor. No method of transmission or storage is 100% secure, so we cannot guarantee absolute security - please keep control of the email account you use to sign in, since it can be used to access your account.

7. Age Requirement and Children's Privacy

The Service is intended for adults and requires users to be at least 18 years old. The Service is not directed to anyone under 18, and we do not knowingly collect personal information from anyone under 18 (including, without limitation, children under 13 within the meaning of COPPA). If we learn that we have collected personal information from someone under 18, we will delete it. If you believe someone under 18 has provided us personal information, contact us at projects@rossilite.com.

8. International Users

The Service is operated from the United States, and information we collect is stored and processed in the United States. If you use the Service from outside the U.S., you understand that your information will be transferred to and processed in the U.S., where data protection laws may differ from those in your jurisdiction.

9. Changes to This Policy

We may update this Privacy Policy from time to time. If we make material changes, we will provide notice - for example, by email, in-app notice, or by updating the effective date on this page. Your continued use of the Service after changes take effect constitutes acceptance of the updated policy.

10. Contact

Rossilite, LLC - Dahlonega, Georgia, United States
projects@rossilite.com