KanbangoSign in

Privacy Policy

Effective date: March 27, 2026

1. Overview

Kanbango is a project management tool for solo developers. This Privacy Policy explains what personal data we collect, how we use it, who we share it with, and how we protect it. By using Kanbango, you agree to the practices described here.

2. Data We Collect

Account information

When you sign up with email and password, we store your name, email address, and a hashed version of your password. We never store plain-text passwords. When you sign up with Google, we receive your name, email, and Google profile photo via OAuth and store the name and email.

Project data

We store the projects, tasks, and notes you create. This includes titles, descriptions, priorities, statuses, and note content. This data is stored in a PostgreSQL database hosted on our infrastructure.

Credential vault data

Credential values you store in the vault are encrypted with AES-256-GCM before being written to the database. The label (name) of each credential is stored unencrypted. We cannot read your credential values without the encryption key, which is stored separately from the database.

Billing data

Billing is handled by Stripe. We store your Stripe customer ID and subscription status, but we never store credit card numbers or payment details. All payment data is held by Stripe under their own privacy policy.

Waitlist data

If you submit your email to join the waitlist, we store that email address solely to notify you when access is available. Waitlist emails are not used for marketing.

3. How We Use Your Data

  • To provide and operate the Service — storing your projects, tasks, notes, and credentials
  • To authenticate you and maintain your session
  • To process payments and manage your subscription
  • To send transactional emails (e.g. password reset, subscription confirmation)
  • To generate AI-assisted tasks using your project name and type (see Section 5)
  • To respond to support inquiries

We do not sell your personal data. We do not use your data for advertising.

4. Third-Party Services

Kanbango uses the following third-party services:

  • Google OAuth — used for “Sign in with Google.” When you use this option, Google shares your name and email with us. Subject to Google's Privacy Policy.
  • Google Gemini (AI) — used to generate task lists when you create a project. We send your project name and type to Gemini's API. We do not send note content, credential values, or any other personal data to Gemini. Subject to Google's Gemini API Terms.
  • Stripe — used to process subscription payments and manage billing. Stripe handles all payment data and is PCI-DSS compliant. Subject to Stripe's Privacy Policy.

5. AI Task Generation

When you create a new project, Kanbango sends the project's name and type to the Google Gemini API to generate a starter task list. No other data (notes, credentials, task content, or personal information) is sent to Gemini.

If you do not wish to use AI task generation, you can disable it when creating a project.

6. Data Security

We take reasonable technical and organizational measures to protect your data:

  • All data is transmitted over HTTPS/TLS
  • Passwords are hashed using bcrypt — we cannot recover your password
  • Credential vault values are encrypted with AES-256-GCM at rest
  • Database access is restricted to application servers only
  • Sessions use signed JWT tokens

No security system is perfect. If you discover a security vulnerability, please contact us immediately at the address below.

7. Data Retention

We retain your data for as long as your account is active. If you delete your account, we will delete your data within 30 days, except where retention is required by law.

Stripe may retain billing records for longer periods as required by financial regulations.

8. Your Rights

Depending on your location, you may have rights including:

  • Access to the personal data we hold about you
  • Correction of inaccurate data
  • Deletion of your data (right to erasure)
  • Export of your data in a portable format

To exercise any of these rights, contact us.

9. Cookies

Kanbango uses a session cookie to keep you logged in. This cookie is essential to the operation of the Service and cannot be disabled. We do not use advertising cookies or third-party tracking cookies.

10. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify registered users of material changes by email or by posting a notice in the application. Continued use of the Service after the effective date constitutes acceptance of the updated policy.

11. Contact

For any privacy-related questions or requests, please contact us.