Overview
Done!Next is a routine and task management app for iPhone. This policy explains what personal data we collect, why we collect it, how we use it, and what rights you have.
Your task data belongs to you. We do not sell personal data, and you can request deletion at any time.
Data Controller
The data controller is:
Baris Yener
Gartenstr. 91
10115 Berlin
Deutschland
For privacy questions, contact support@donenext.de.
Data We May Process
- Account data when you sign in: name, email address, user ID, and authentication provider.
- App content you create: tasks, groups, notes, schedules, colors, photos, completion history, archives, settings, and optional location or calendar-related task information.
- Subscription status and purchase entitlement information handled through Apple In-App Purchase.
- Diagnostic and product health data such as crash logs, app-open events, sync success or failure, and basic feature usage.
- Device or app-generated identifiers used for diagnostics, push-token registration, promo abuse prevention, and lightweight telemetry where applicable.
If you use Done!Next without signing in, your task content is stored locally on your device unless you later enable account and sync features.
Support Partner Access
If you choose to use Support Partner, you can invite a trusted person to suggest tasks. This person does not receive direct access to your private tasks, account, settings, billing, archive, export/delete controls, or full history by default.
- Support Partner data may include invite records, relation status, permission scopes, incoming task suggestions, accepted or rejected decisions, task-link records for partner-created tasks, and audit log entries.
- Task suggestions are added to your account only after your approval unless you explicitly enable a trusted auto-add mode.
- You can revoke a Support Partner relation at any time. Already accepted tasks may remain in your task lists unless you delete them.
- Audit logs are used to show who suggested or changed support-related items and to help resolve privacy, security, or support questions.
Do not share sensitive information with a Support Partner unless you trust that person and understand the access you grant.
Third-Party Services and Web Fonts
Done!Next uses Firebase Authentication, Cloud Firestore, Firebase Analytics, Firebase Crashlytics, Apple In-App Purchase, Vercel, and Upstash Redis to provide sign-in, sync, diagnostics, subscriptions, promo/admin functions, and backend health features.
The public website and app web views may load Google Fonts or other third-party web font files. When this happens, your IP address and request metadata may be transmitted to the font provider. This should be reviewed regularly and can be reduced by self-hosting fonts.
The website stores your selected language in browser localStorage under donenext-lang. This is used only to remember your language choice and is not used for advertising.
Website Analytics and Cookies
The marketing website (donenext.de) uses Google Analytics 4 (measurement ID G-YQW8XJL1W4), a service provided by Google Ireland Limited. It is loaded only after you choose “Accept” in the cookie banner. If you choose “Essential only”, no analytics cookies or scripts are set.
When enabled, Google Analytics stores cookies and processes a randomly generated identifier, the pages you visit, an approximate location derived from your IP address, and basic device and browser information, so we can see aggregate usage. We do not use it for advertising and we do not sell any data.
The legal basis is your consent (Art. 6(1)(a) GDPR). You can withdraw it at any time by choosing “Essential only”, clearing this site’s data in your browser, or resetting the cookie choice — analytics then stops immediately. Data may be processed by Google in the EU and the USA under Google’s data processing terms and the EU Standard Contractual Clauses.
The Done!Next iOS app contains no advertising or third-party analytics SDK. For crash diagnostics it uses Firebase Crashlytics (Google), and for basic product-health it uses a first-party telemetry service — both only after your explicit opt-in consent.
How We Use Data
- To authenticate signed-in users.
- To sync and back up routines when enabled.
- To show task progress, history, settings, and subscription state.
- To diagnose crashes, security issues, and sync problems.
- To respond to support, privacy, deletion, and data export requests.
We do not use your data for advertising, sale of personal data, or automated decisions with legal or similarly significant effects.
Legal Basis and International Transfers
Where GDPR applies, processing may be based on contract performance for account, sync, subscription, and requested app features; legitimate interests for security, diagnostics, support, product health, and abuse prevention; and consent or device permission choices where legally required for optional features.
Some service providers may process data outside the European Economic Area. Any such transfer should rely on appropriate safeguards such as Standard Contractual Clauses or equivalent provider transfer mechanisms. These safeguards and processor agreements should be verified before public launch.
Retention and Deletion
Account and synced app content are retained while your account exists. When you delete your account, cloud-stored account data and synced task data are deleted within 30 days.
Local-only data is removed when you delete the app from your device. Aggregated or anonymised analytics that cannot identify you may be retained.
Your GDPR Rights
If you are in the European Economic Area, you may request access, correction, deletion, restriction, portability, objection, or withdrawal of consent where applicable.
To exercise these rights, email support@donenext.de. We will respond within 30 days. You may also contact your local data protection authority.