Privacy Policy for HoliTrack
Last Updated: April 6, 2026
This Privacy Policy outlines how HoliTrack ("us", "we", or "our") collects, uses, and protects your information when you visit our website, https://holitrack.app. We are committed to safeguarding your privacy and ensuring that your personal information is processed in compliance with applicable data protection laws, including the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA).
1. Information Collection
We collect personal information that you voluntarily provide to us when you interact with our services. This includes:
- Email addresses: We collect your email address when you contact us for support or subscribe to our services.
- Usage and analytics data: We use analytics tools (including PostHog and/or Mixpanel) to collect information such as IP addresses, browser and device type, pages visited, and interaction data. This helps us understand how the service is used and improve it.
- Payment information: If you subscribe to a paid plan, payment processing is handled by Stripe. We do not store your card details. We retain billing-related information such as your plan type and transaction history.
- Slack data: If you connect our Slack bot, we access limited Slack data within the scopes you authorise, solely to provide the bot's functionality.
- Google Calendar data: If you opt in to Google Calendar sync, we access your calendar data to provide that feature. This integration is entirely optional and can be disconnected at any time.
2. Use of Information and Legal Basis
The information we collect is used for the following purposes, along with the legal basis under which we process it:
- To communicate with you: We use your email address to respond to inquiries, provide customer support, and send transactional or service-related emails necessary for the functioning of the service (e.g. account verification, notifications). Legal basis: legitimate interests and, where applicable, contractual necessity (Article 6(1)(b) and (f) GDPR).
- To improve our services: We analyse usage and analytics data to enhance user experience. Legal basis: legitimate interests (Article 6(1)(f) GDPR).
- To process payments: We use Stripe to handle payments for paid plans. Legal basis: contractual necessity (Article 6(1)(b) GDPR).
- To provide integrations: Data accessed via Slack or Google Calendar is used solely to deliver the functionality of those integrations. Legal basis: consent and/or contractual necessity (Article 6(1)(a) and (b) GDPR).
3. Data Retention
We retain your personal data only for as long as necessary to fulfil the purposes for which it was collected. Specifically:
- Email addresses collected for support purposes are retained for as long as needed to resolve your query, and for a reasonable period thereafter in case of follow-up.
- You may request deletion of your data at any time (see Section 6 – User Rights).
4. Information Sharing and Third-Party Processors
We do not sell or rent your personal information to third parties. We use the following third-party processors to operate our service:
- Stripe – payment processing (stripe.com/privacy)
- PostHog / Mixpanel – product analytics
- Slack – bot integration (where enabled)
- Google – calendar sync (where enabled)
We may also share your information in the following circumstances:
- With your consent: We will only share your personal data with third parties when you have provided us with explicit consent to do so.
- For legal compliance: We may disclose your information if required to do so by law or in response to valid requests by public authorities.
5. Data Storage and Security
We take the security of your personal information seriously. We implement various security measures to protect your data from unauthorized access, alteration, disclosure, or destruction. Your personal information is stored securely and is only accessible to authorized personnel who are required to keep the information confidential.
6. User Rights
You have certain rights regarding your personal data, including:
- The right to access: You can request copies of your personal information.
- The right to rectification: You have the right to request that we correct any information you believe is inaccurate.
- The right to erasure: You can request that we delete your personal data under certain conditions.
- The right to restrict processing: You have the right to request that we restrict the processing of your personal information.
- The right to data portability: You can request the transfer of your data to another organization in certain circumstances.
- The right to object: You have the right to object to our processing of your personal data where we rely on legitimate interests as our legal basis.
- The right to withdraw consent: Where we rely on your consent to process your data, you have the right to withdraw that consent at any time. Withdrawal of consent does not affect the lawfulness of processing carried out before withdrawal.
To exercise any of these rights, please contact us using the details in Section 11.
7. Right to Lodge a Complaint
If you are located in the UK, you have the right to lodge a complaint with the Information Commissioner's Office (ICO), the UK supervisory authority for data protection issues. You can contact the ICO at https://ico.org.uk.
If you are located in the EU, you have the right to lodge a complaint with your local data protection supervisory authority.
8. Cookies and Tracking
We use cookies and similar tracking technologies to enhance your experience and collect analytics data. This includes cookies set by third-party analytics tools (such as PostHog and/or Mixpanel) to help us understand usage patterns. You can manage your cookie preferences through your browser settings.
Please note that non-essential cookies will only be placed on your device with your prior consent, in accordance with applicable law.
9. Children's Privacy
HoliTrack does not knowingly collect personal information from children under the age of 13. If we become aware that we have collected personal data from a child under 13 without parental consent, we will take steps to remove such information from our records.
10. Changes to Privacy Policy
We may update our Privacy Policy from time to time. Any changes will be posted on this page with an updated "Last Updated" date. We encourage you to review this Privacy Policy periodically for any updates.
11. Contact Information
If you have any questions or concerns about this Privacy Policy or our data practices, please contact us:
Conclusion
Your privacy is important to us, and we are dedicated to protecting your personal information. By using our services, you consent to the collection and use of your information as outlined in this Privacy Policy. Thank you for trusting HoliTrack with your personal data.