Privacy Policy

Last updated: July 3, 2026

1. Introduction

Countdown Trigger ("we," "us," or "our") respects your privacy and is committed to protecting your personal data. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our service.

By using Countdown Trigger, you consent to the data practices described in this policy. If you do not agree with our policies, please do not use the Service.

This Privacy Policy is incorporated into and forms part of our Terms of Service; to the extent of any conflict between this policy and the Terms of Service, the Terms of Service (including their disclaimers, limitations of liability, and dispute-resolution provisions) govern. This policy does not create any rights enforceable by third parties.

2. Information We Collect

2.1 Information You Provide

We collect information you provide directly, including:

  • Account Information: Email address, password (hashed), name
  • Profile Information: Phone number, timezone preferences
  • Countdown Data: Names, descriptions, schedules, action configurations
  • Message Content: Email content, SMS messages, webhook payloads you configure
  • Recipient Information: Email addresses and phone numbers of your designated recipients
  • Payment Information: Processed securely by Stripe; we do not store full payment card details
  • Communications: Support requests, feedback, and correspondence with us

2.2 Information Collected Automatically

When you use our Service, we automatically collect:

  • Device Information: Browser type, operating system, device identifiers
  • Usage Data: Pages visited, features used, timestamps, click patterns
  • Log Data: IP addresses, access times, referring URLs, error logs
  • Cookies and Similar Technologies: Session cookies, authentication tokens

2.3 Information from Third Parties

We may receive information from authentication providers (if you use social login), payment processors (transaction confirmations), and analytics services.

3. Information You Provide About Others

The Service lets you store contact details for message recipients and configure messages to be sent to them. When you provide personal information about another person (such as a recipient's name, email address, or phone number), you are responsible for that information and for the messages you direct to that person. You represent that you have the right, and any legally required consent or other lawful basis, to provide that information to us and to have messages sent to that person through the Service.

We process recipient information solely at your direction and on your behalf in order to provide the Service (for example, to deliver the messages you configure). To the extent laws such as the GDPR apply to that processing, you act as the data controller of recipient information and we act as your processor or service provider, acting on your instructions. You — not we — are responsible for informing recipients about that processing, keeping their information accurate and current, and honoring their requests regarding the messages you configure.

If you are a message recipient and would like your contact information removed or suppressed, contact us at privacy@countdowntrigger.com (or reply STOP to any SMS), and we will take reasonable steps consistent with applicable law.

4. Legal Basis for Processing (GDPR)

For users in the European Economic Area (EEA), United Kingdom, and Switzerland, we process your personal data under the following legal bases:

  • Contract Performance: Processing necessary to provide our services to you
  • Legitimate Interests: Improving our services, security, fraud prevention, analytics, and establishing, exercising, or defending legal claims
  • Consent: Where you have explicitly consented (e.g., marketing communications)
  • Legal Obligation: Compliance with applicable laws and regulations

5. How We Use Your Information

We use collected information to:

  • Provide, operate, and maintain the Service
  • Process and execute your countdown actions (emails, SMS, webhooks)
  • Process payments and manage subscriptions
  • Send transactional communications (check-in reminders, account notifications)
  • Respond to support requests and provide customer service
  • Monitor and analyze usage patterns to improve the Service
  • Detect, prevent, and address fraud, abuse, and security issues
  • Comply with legal obligations and enforce our Terms of Service
  • Protect our rights, property, and safety, and those of our users and third parties, including establishing and defending legal claims
  • Send marketing communications (with your consent, where required)

We may aggregate or de-identify information so that it can no longer reasonably be used to identify you, and we may use and disclose such aggregated or de-identified information for any lawful purpose. We will not attempt to re-identify it except as permitted by law.

6. Information Sharing and Disclosure

We do not sell your personal information. We may share information with:

6.1 Service Providers

Third parties who assist in our operations:

  • Supabase: Authentication and database hosting
  • Twilio: SMS message delivery
  • Resend and other email providers: Email delivery services
  • Stripe: Payment processing
  • AWS: Cloud infrastructure and scheduling
  • Analytics Providers: Usage analytics

6.2 Message Recipients

When your configured actions execute, the content of your messages — which may include personal information you chose to include — is delivered to the recipients you designated. That disclosure is directed by you, and we are not responsible for how recipients use or further share delivered content.

6.3 Legal Requirements and Protection

We may disclose information when we believe it is reasonably necessary to:

  • Comply with applicable laws, regulations, or legal processes
  • Respond to lawful requests from government authorities
  • Protect our rights, privacy, safety, or property, or that of our users or others
  • Enforce our Terms of Service and other agreements
  • Investigate potential violations, fraud, or security issues
  • Prevent imminent physical harm or illegal activity

6.4 Business Transfers

In connection with a merger, acquisition, financing, reorganization, bankruptcy, or sale of assets, your information may be disclosed or transferred as a business asset. We will provide notice as required by applicable law before your personal information becomes subject to a materially different privacy policy.

7. International Data Transfers

Your information may be transferred to and processed in countries other than your country of residence, including the United States. These countries may have different data protection laws than your jurisdiction.

For transfers from the EEA, UK, or Switzerland, we implement appropriate safeguards, including Standard Contractual Clauses approved by the European Commission, to ensure your data receives adequate protection.

8. Data Retention

Unless a longer period is required or permitted by law (for example, for tax, accounting, dispute-resolution, or security purposes), we retain information for approximately the following periods:

  • Account Data: Until you delete your account, plus a short period for backup recovery
  • Countdown Data: Until you delete the countdown or your account
  • Triggered Messages: Delivery logs retained for troubleshooting and compliance
  • Payment Records: As required for tax and legal compliance (typically 7 years)
  • Server Logs: Approximately 90 days
  • Analytics Data: Retained in aggregated form

Upon account deletion, we will delete or de-identify your personal data within a reasonable period (generally around 30 days), except where retention is required by law, needed to resolve disputes or enforce agreements, or held in routine backups pending their scheduled deletion.

9. Data Security

We implement appropriate technical and organizational security measures, including:

  • Encryption of data in transit (TLS/SSL) and at rest
  • Secure password hashing
  • Access controls and authentication requirements
  • Regular security assessments
  • Secure cloud infrastructure

However, no method of transmission over the Internet or electronic storage is 100% secure, and no security program is impenetrable. While we strive to protect your data, we cannot and do not guarantee absolute security, and any information you transmit to or store on the Service is provided at your own risk. Please consider carefully what you include in message content, and do not store passwords, account credentials, or similar secrets in messages.

In the event of a security breach affecting your personal information, we will notify you and the relevant authorities as required by applicable law.

10. Your Privacy Rights

10.1 Rights for All Users

All users have the right to:

  • Access your personal information
  • Correct inaccurate data
  • Delete your account and associated data
  • Export your data in a portable format
  • Opt out of marketing communications

10.2 Additional Rights for EEA/UK Residents (GDPR)

If you are in the EEA, UK, or Switzerland, you also have the right to:

  • Restriction: Request restriction of processing
  • Objection: Object to processing based on legitimate interests
  • Portability: Receive your data in a structured, machine-readable format
  • Withdraw Consent: Withdraw consent at any time (where processing is based on consent)
  • Complaint: Lodge a complaint with your local supervisory authority

10.3 California Residents (CCPA/CPRA)

If you are a California resident, you have the following rights:

  • Right to Know: Request disclosure of the categories and specific pieces of personal information we collect, use, and disclose
  • Right to Delete: Request deletion of your personal information
  • Right to Correct: Request correction of inaccurate personal information
  • Right to Opt-Out: Opt out of the sale or sharing of personal information (we do not sell your data)
  • Right to Non-Discrimination: Not be discriminated against for exercising your rights
  • Right to Limit Use: Limit the use of sensitive personal information

Categories of Personal Information Collected: Identifiers (email, IP address), commercial information (transaction history), internet activity (usage data), geolocation data (approximate location from IP), and professional information (if provided).

Do Not Sell or Share: We do not sell or share (as defined by CCPA/CPRA) your personal information for cross-context behavioral advertising.

10.4 Exercising Your Rights

To exercise any of these rights, contact us at privacy@countdowntrigger.com. You may use an authorized agent where applicable law allows. We will respond within the timeframes required by applicable law (generally 30 days for GDPR requests and 45 days for CCPA requests, each extendable as the law permits). We may need to verify your identity before processing your request, and we may decline requests where an exemption applies or verification fails, to the extent permitted by law.

11. Cookies and Tracking Technologies

We use the following types of cookies:

  • Essential Cookies: Required for authentication and security (cannot be disabled)
  • Functional Cookies: Remember your preferences and settings
  • Analytics Cookies: Help us understand how you use the Service

You can manage cookie preferences through your browser settings. Note that disabling certain cookies may affect Service functionality.

Do Not Track and opt-out signals: Some browsers transmit "Do Not Track" signals; there is no industry standard for responding to them, and we do not currently respond to DNT signals. Because we do not sell or share personal information for cross-context behavioral advertising, opt-out preference signals such as Global Privacy Control do not change how we process your data; where applicable law nonetheless requires us to honor such signals, we will.

12. SMS/Text Messaging

When you provide your phone number and consent to receive SMS messages, we may send:

  • Check-in reminders before countdown deadlines
  • Deadline alerts when countdowns are about to expire
  • Trigger notifications when countdown actions are executed
  • Account security notifications (two-factor authentication, password resets)

Message Frequency: Varies based on your countdown settings and notification preferences. You control frequency through account settings.

Opt-Out: Reply STOP to any message or disable SMS in account settings. You will receive a confirmation message after opting out.

Costs: Message and data rates may apply. Contact your mobile carrier for plan details.

Help: Reply HELP to any message or contact support@countdowntrigger.com.

13. Children's Privacy

The Service is not intended for individuals under 18 years of age. We do not knowingly collect personal information from children under 18. If you believe we have collected information from a child under 18, please contact us immediately at privacy@countdowntrigger.com, and we will delete such information as required by law.

14. Third-Party Links and Services

The Service may contain links to third-party websites or services, and messages you configure may be handled by recipients' carriers, mailbox providers, and devices. We are not responsible for the privacy practices of these third parties. We encourage you to review their privacy policies before providing any personal information.

15. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. For material changes, we will make reasonable efforts to notify you by email or prominent notice on the Service before they take effect; non-material changes take effect when posted. The "Last updated" date above indicates the current version, and it is your responsibility to review this policy periodically. Your continued use of the Service after changes take effect constitutes acceptance of the updated policy.

16. Contact Us

For questions, concerns, or requests regarding this Privacy Policy or your personal data, please contact us:

Countdown Trigger
Email: privacy@countdowntrigger.com

Data Protection Inquiries:
For GDPR-related inquiries, you may contact us at dpo@countdowntrigger.com