Privacy Policy
Effective 14 July 2026
Who we are
Droplist is operated by Chasing Growth t/a Intetrix Solutions ("Droplist", "we", "us"), a business based in South Africa. We are the controller responsible for the personal information described in this policy. Questions or requests: roland@intetrixsolutions.tech.
This policy applies to droplist.tech and the Droplist app. It is written to meet South Africa's POPIA and, for visitors in the EU/UK, the GDPR and UK-GDPR.
What we collect
We collect only what we need to run a shareable checklist you can use with other people:
- Account details - your email and (optionally) name. If you sign in with Google, we receive your Google account ID, email, name and profile picture. We store passwords only as a salted hash, never in plain text.
- Mission content - the titles, tasks, notes, comments, files, links and voice recordings you add to a mission. You control this content.
- People you share with - email addresses you enter to assign or notify someone about a mission, and any display name a guest provides when completing tasks.
- Technical data - IP address and basic device/browser information (used for security, rate-limiting and abuse prevention), and, if you enable notifications, your browser's push subscription.
- Billing data - if you subscribe to Pro, our payment provider (Paystack) processes your card. We do not see or store full card numbers; we keep your subscription and customer references and status.
- Cookies & local storage - a small amount of local storage keeps you signed in and remembers preferences (like theme). Analytics/advertising cookies are set only with your consent (see "Cookies").
How we use it
- Provide the service - create and share missions, sync task completion in real time, and deliver notifications and emails you ask for.
- Billing - manage Pro subscriptions and trials through our payment provider.
- Security & abuse prevention - detect fraud, rate-limit, and keep the service reliable.
- Communicate - send transactional emails (invites, completion notices, password resets, billing) and respond to your messages.
- Improve Droplist and, where you have consented, measure the performance of our advertising.
Legal bases (GDPR/UK-GDPR)
Where the GDPR/UK-GDPR applies, we rely on: performance of a contract (to provide the service you request), legitimate interests (security, preventing abuse, and improving the product), consent (analytics and advertising cookies, and optional emails - you can withdraw it at any time), and legal obligations (e.g. tax and accounting).
Voice recordings
Voice notes you record on a mission are personal data. They are converted to an MP3 file and stored on our server so recipients can play them back. They are deleted when you delete the note, when the mission is deleted, or when a free mission is purged after its retention window (see "How long we keep it"). Do not record sensitive personal information you would not want shared with everyone who has the mission link.
How long we keep it
- Completed missions on the free plan are ephemeral - they are removed a short time after completion (currently a 7-day rescue window) and then permanently deleted, including their files and voice notes. Pro keeps your history until you delete it.
- Account data is kept while your account is active and deleted (or anonymised) when you delete your account.
- Billing records are kept as long as required for tax and accounting.
- Basic security logs are kept for a limited period.
Your rights
Depending on where you live, you may have the right to access, correct, delete, export, or restrict the use of your personal information, and to object to certain processing or withdraw consent. To exercise any of these, email roland@intetrixsolutions.tech or use the account controls in your dashboard. We respond within the time required by law.
You can also complain to a regulator: in South Africa, the Information Regulator; in the EU/UK, your local data protection authority.
Children
Droplist is not directed to children under 16, and we do not knowingly collect their personal information.
Security
We protect your data with encryption in transit (HTTPS), hashed passwords, access controls, and provider safeguards. No system is perfectly secure, but we work to keep your information safe and will notify you and the relevant regulator of a breach where the law requires.
Changes to this policy
We may update this policy as the product or the law changes. We will post the new version here and update the effective date; significant changes will be highlighted in the app or by email.
Contact us
Chasing Growth t/a Intetrix Solutions, South Africa - roland@intetrixsolutions.tech. See also our Terms of Service.