How Didit protects your data
Didit is built on enterprise-grade security, responsible privacy practices, and highly reliable infrastructure. Whether you're coordinating work tasks, managing client deliverables, or organizing personal projects, your data is protected.
Enterprise-grade cloud infrastructure
Didit runs on modern cloud platforms whose providers maintain leading global certifications including SOC 1/2/3, ISO 27001, and PCI DSS.
Data protected at every stage
Your information is encrypted both in transit and at rest:
- In transit: All data moving between your device and Didit's servers uses modern TLS (Transport Layer Security) encryption, the same technology banks use to protect online transactions.
- At rest: All stored data is encrypted using industry-standard encryption algorithms, protecting your information even when it's not actively being accessed.
Secure link architecture
Every Didit link is unique and secure. Non-registered recipients verify their identity with email confirmation before accessing requests, ensuring only intended recipients can view task details.
Access controls
- Your Didits are private and only visible to assigned recipients and watchers
- Each user controls exactly who can see their requests
- Account access protected by secure password requirements
Privacy
Didit follows a privacy-first approach aligned with our Privacy Policy and major global privacy regulations including GDPR (General Data Protection Regulation) and CCPA (California Consumer Privacy Act).
Our privacy principles
Transparency
We provide clear information about what data we collect and why we collect it. No hidden data practices or unclear terms.
Purpose limitation
Your data is used only to deliver and improve the Didit service. We don't use your information for unrelated purposes.
Data minimization
We collect only the information necessary to provide the service. If we don't need it, we don't ask for it.
Right of access
You can request a copy of your data at any time by contacting support@didit.co.
Right to deletion
You can request removal of your data or delete your account anytime by contacting support@didit.co. When we delete your account, all your data is removed from our systems.
No sale of personal data
We never sell your personal information to third parties.
Security & confidentiality
Strong technical and organizational safeguards protect your information from unauthorized access, disclosure, or loss.
Third-party data sharing
We never share your data with third parties for their own purposes. We only work with service providers who help us operate Didit (such as cloud hosting and email delivery), and they are contractually required to protect your data.
Payment security
PCI DSS Level 1 certified processing
All payment processing is handled by a PCI DSS Level 1 certified payment provider—the highest standard for payment security in the industry. This is the same certification level required for major credit card companies.
We never store sensitive payment data
Didit never stores full credit card numbers, CVV codes, or other sensitive payment information. Payment details are tokenized and processed entirely by our certified payment provider.
Secure billing management
View your billing history and manage payment methods securely from your account settings. All payment pages use encryption to protect your information during transactions.
Reliability & data protection
Designed for availability
Didit's cloud architecture is designed for continuous availability. Our infrastructure includes redundancy and failover systems to keep the service running even if individual components experience issues.
Continuous backups
We use continuous, point-in-time backups to safeguard your data. This means:
- Your data is backed up automatically and continuously
- We can restore data to any recent point in time if needed
- Recovery from accidental deletion or data issues is fast
- Multiple backup copies exist in geographically distributed locations
Disaster recovery
Our disaster recovery procedures ensure that even in worst-case scenarios, your data remains safe and the service can be restored quickly.
Data retention
Active data
Your subscription plan determines how far back you can view completed Didits in your Done list:
- Free: View last 30 days of completed Didits
- Plus: View last 6 months of completed Didits
- Premium: View all completed Didits ever created (no time limit)
Upgrading to Premium instantly gives you access to your complete Didit history, no matter how long ago those tasks were completed.
Deleted data
- When you delete your account, your data is removed from active systems immediately
- Backup copies are purged within 90 days following standard data retention practices
Compliance & certifications
Didit's infrastructure providers maintain industry-leading certifications:
- SOC 2 Type II - Independent verification of security controls
- ISO 27001 - International standard for information security management
- GDPR Compliance - European Union data protection requirements
- CCPA Compliance - California Consumer Privacy Act requirements
- PCI DSS Level 1 - Payment card industry security standards (for payment processing)
Security contact
Reporting security concerns
If you discover a security vulnerability or have concerns about Didit's security, please report it immediately.
How to report:
Email security@didit.co with "Security Vulnerability" in the subject line.
What to include:
- Detailed description of the concern
- Steps to reproduce (if applicable)
- Any relevant screenshots or evidence
- Your contact information for follow-up
We take all security reports seriously and investigate them promptly. Responsible disclosure helps us protect all Didit users.
Questions about privacy or security?
For detailed information about how we handle your data, review our complete Privacy Policy and Terms of Service.
For specific questions or concerns, contact our support team at support@didit.co. We're happy to provide additional information about our security and privacy practices.