recurrence.dev logo recurrence.dev

Privacy Policy

Last updated: January 25, 2026

TL;DR: We collect only what we need to run the service. We do not sell, share, or rent your personal information. We don't use third-party trackers, and we don't require cookie consent banners because we respect your privacy.

1. Information We Collect

We collect minimal information necessary to provide the Service:

Account Information

  • Email address (for authentication and service communications)
  • Account creation timestamp
  • Marketing preferences (if you opt in)

API Usage Data

  • API request counts and timestamps
  • Rate limit status
  • Error rates (for debugging and service improvement)

What We Don't Collect

  • We do not store the RRULE data you send to the API
  • We do not track you across other websites
  • We do not use third-party analytics that share data externally

2. How We Use Your Information

We use collected information for the following purposes and legal bases:

Contract Performance

  • Provide and maintain the Service
  • Authenticate your API requests
  • Enforce rate limits and subscription terms
  • Send transactional emails (login links, security alerts, billing)

Legitimate Interests

  • Prevent fraud and abuse
  • Improve the Service based on aggregate usage patterns
  • Send service-related communications, including feedback requests and feature updates

Consent

  • Send marketing communications (only if you opted in)

3. Cookies and Tracking

We use only essential first-party cookies required for the Service to function:

  • Session cookie: Keeps you logged in (expires when you log out or after inactivity)
  • CSRF token: Protects against cross-site request forgery attacks

We do not use advertising cookies, tracking pixels, or third-party analytics services that follow you across the web. Our analytics are first-party and privacy-focused, collecting only aggregate data that cannot identify individual users.

4. Data Sharing and Sale

We do not sell, share, or rent your personal information to third parties for their marketing purposes.

We may share data only in these limited circumstances:

  • Service providers: Email delivery and payment processing (bound by confidentiality agreements)
  • Legal requirements: If required by law, subpoena, or to protect our rights
  • Business transfer: In connection with a merger or acquisition (with notice to users)

5. Data Retention

We retain your data as follows:

  • Account data: Until you delete your account
  • API usage logs: 90 days (aggregated statistics kept longer)
  • Security logs: 1 year (for abuse prevention)
  • Billing records: As required by tax and accounting laws (typically 7 years)

6. Your Rights

You have the right to:

  • Access: Request a copy of your personal data
  • Correction: Update inaccurate account information
  • Deletion: Delete your account and associated data
  • Portability: Export your data in a machine-readable format
  • Withdraw consent: Unsubscribe from marketing emails at any time

How to Submit a Request

To exercise these rights, email us at [email protected]. Include:

  • Your account email address
  • The specific right you wish to exercise
  • Any details that help us locate your data

Verification Process

To protect your privacy, we verify your identity before processing requests. We may ask you to confirm your email address or provide additional information to match our records.

Response Timeframes

  • California residents (CCPA): 45 days, extendable by 45 days with notice
  • European residents (GDPR): 30 days, extendable in complex cases
  • All other requests: Within 30 days

7. California Privacy Rights (CCPA)

If you are a California resident, the California Consumer Privacy Act (CCPA) provides you with additional rights:

Categories of Personal Information Collected

  • Identifiers: Email address
  • Commercial information: Subscription and billing records
  • Internet activity: API usage logs, request timestamps

Your CCPA Rights

  • Right to Know: Request disclosure of what personal information we collect, use, and share
  • Right to Delete: Request deletion of your personal information
  • Right to Opt-Out of Sale: We do not sell your personal information. No opt-out is needed.
  • Right to Non-Discrimination: We will not discriminate against you for exercising your privacy rights

How to Submit a CCPA Request

Email [email protected] with the subject line "CCPA Request." We will verify your identity by confirming your account email. You may designate an authorized agent to submit requests on your behalf with proper documentation.

We do not sell, share, or rent your personal information to third parties for monetary or other valuable consideration.

8. European Privacy Rights (GDPR)

If you are in the European Economic Area (EEA), United Kingdom, or Switzerland, you have additional rights under the General Data Protection Regulation (GDPR):

Legal Basis for Processing

We process your personal data under the following legal bases (GDPR Article 6):

  • Contract: To provide the API service you signed up for
  • Legitimate Interests: To prevent fraud, improve security, and enhance our services
  • Consent: For optional marketing communications
  • Legal Obligation: For tax and regulatory compliance

Your GDPR Rights

  • Access: Obtain a copy of your personal data
  • Rectification: Correct inaccurate data
  • Erasure: Request deletion ("right to be forgotten")
  • Restriction: Limit how we process your data
  • Portability: Receive your data in a structured, machine-readable format
  • Object: Object to processing based on legitimate interests
  • Withdraw Consent: Withdraw consent at any time without affecting prior processing

Supervisory Authority

You have the right to lodge a complaint with a supervisory authority in your country of residence if you believe we have violated your privacy rights.

9. Security

We implement appropriate technical and organizational measures to protect your data, including:

  • Encryption in transit (HTTPS/TLS)
  • Secure password hashing (Argon2)
  • API token hashing (tokens are not stored in plaintext)
  • Rate limiting and abuse detection
  • Regular security assessments

10. Children's Privacy

The Service is not intended for users under 16 years of age. We do not knowingly collect information from children. If you believe a child has provided us with personal data, please contact us immediately and we will delete it.

11. International Data Transfers

Your data may be processed in the United States or other countries where our service providers operate. When transferring data outside the EEA, we use appropriate safeguards such as Standard Contractual Clauses to ensure your data is protected. By using the Service, you consent to the transfer of your information to countries that may have different data protection laws.

12. Changes to This Policy

We may update this Privacy Policy periodically. We will notify you of material changes via email at least 30 days before they take effect. Your continued use of the Service after changes constitute acceptance of the updated policy. The "Last updated" date at the top of this page indicates when this policy was last revised.

13. Contact Us

For privacy-related questions, requests, or complaints, contact us at:

Prioriti Software Inc. (operating as Recurrence)
30 N Gould St #3280
Sheridan, WY 82801, USA

Email: [email protected]

For all other legal matters, see our Terms of Service.

← Back to registration