The SAU team makes every effort to ensure the security and confidentiality of user data.
Data is encrypted via TLS 1.1 and above when it is sent and received.
Data exchange between the web portal, applications and the server always uses the SSL protocol.
Data is backed up once a day, encrypted and signed with a key.
To prevent unauthorized access to accounts, any password recovery or change requires confirmation via email. In addition, in your user profile on the web portal, you can always see the full list of devices used to log into your SAU account. Remember to change your password from time to time. It should be at least 8 characters long and use letters, numbers and symbols.
To guarantee the security and integrity of your SAU data, our team takes the necessary precautions and maintains a security system to prevent unauthorized access. Only a very small group of SAU employees has access to the databases, and only when it is required for the maintenance of SAU web portal and applications or to eliminate critical errors.
GDPR (General Data Protection Regulation) is a regulation protecting the personal data of citizens and residents of the European Union. This document clearly defines the requirements for the collection, processing and storage of personal data. The SAU.app web portal and the SAU applications are fully GDPR-compliant.
In addition to your task and project data, SAU stores your personal information, such as your name and email. SAU automatically identifies and stores your IP address, time zone, device ID and name. This is only done for technical and monitoring purposes.
Under GDPR rules, SAU is considered a data processor that controls how user data is used. Although SAU2Do owns the software code, databases and all rights to the SAU applications and web portal, you retain all rights to your personal data. You can always download all of your personal data stored on SAU. Read more in the article "How can I get ALL my SAU data?".
Financial data (card number, tax ID, billing address) is not accessed or stored on SAU servers. We may pass on your email and device details to third party services such as Stripe, Apple, or Google in order to pay for your premium subscription.
SAU does not and will not sell your personal data!
PDPA (Personal Data Protection Act) is a law regulating personal data collection, storage, processing and use. It is enforced in Singapore since 2012 and is used in many South Asian countries since 2021. The SAU.app web portal and SAU applications are fully PDPA-compliant.
Your personal data (name and email) is stored on the SAU servers. Its processing is fully compliant with the requirements of the PDPA:
  • Notification of use and consent: during registration, acknowledgement of reading the SAU security policy is required.
  • Restricted use and transmission: the data is only used for the purposes of using SAU and is only transmitted to third parties (Stripe, Apple, Google) in order to pay for the subscription.
  • Accuracy: data is stored exactly as provided by the user and cannot be modified by SAU in any other way.
  • Modifiable: you can personally make changes to your data via the web portal or through the app profile.
  • Security: data is stored in secure databases.
  • Restricted retention: all personal data, projects, tasks, etc. can be deleted at the user's request.
  • Transparency: any questions about the protection of personal data are dealt with by a dedicated Data Protection Officer.
152-ФЗ (Federal Law "On Personal Data") is a law regulating the handling of personal data that has been enforced in Russia since 2006. The SAU.app web portal and the SAU applications are not considered data operators, but still fully comply with this law.
SAU stores your name and email address. These details can only be considered personal information if a person can be fully identified using them. We do not require your real name when creating an account, therefore SAU does not store or process personal information (as defined by the law 152-ФЗ).