Effective date: May 19, 2026
This Privacy Policy explains how Symbiotisk ApS handles information in Symbiotisk Kanban, an internal kanban and task-management tool used by Symbiotisk ApS team members and authorized collaborators.
Information we collect
We collect and store the information needed to operate the internal kanban tool, including:
- Account information such as name, email address, password hash, role, and profile image.
- Board and card content such as task titles, descriptions, comments, labels, assignments, checklists, attachments, and activity logs.
- User preferences such as dark mode, compact mode, and connected integration settings.
- Google Calendar OAuth tokens and the Google account email address, but only after the user explicitly connects Google Calendar from their profile page.
Google Calendar data
Symbiotisk Kanban requests access to Google Calendar only so an assigned user can add a kanban card to their own Google Calendar. The app uses the Google Calendar Events permission to create new calendar events in the connected user's primary calendar.
When a user clicks “Tilføj til kalender”, the app sends the card title, selected date/time range, Europe/Copenhagen time zone, and a link back to the card to Google Calendar. The app does not read, list, search, analyze, delete, or modify existing calendar events.
Google Calendar access tokens are stored only to keep the user's own connection active. Users can disconnect Google Calendar from their profile page, which removes the active connection from the app.
How we use information
We use information only to provide, secure, maintain, and improve the internal Symbiotisk Kanban workflow. This includes showing boards and cards, assigning work, notifying users about relevant card activity, processing file/avatar uploads, and creating calendar events when requested by the connected user.
Sharing and transfer
We do not sell user data. We do not transfer Google user data to third parties except as necessary to provide or improve user-facing features, comply with applicable law, or protect the security of the service.
Symbiotisk Kanban's use and transfer of information received from Google APIs will adhere to the Google API Services User Data Policy, including the Limited Use requirements.
Retention and deletion
Kanban content is retained for as long as it is needed for Symbiotisk ApS internal operations. Administrators can delete boards, cards, files, and users according to internal retention needs. Users can request account or integration data deletion by contacting Symbiotisk ApS.
Security
The app is protected by authentication and board-level access controls. Files and profile images are served through authenticated endpoints where applicable. Google OAuth credentials and tokens must be treated as confidential operational secrets.
Contact
Questions or data requests can be sent to Symbiotisk ApS at support@symbiotisk.dk.