Privacy Policy
We at Momentum are committed to protecting your privacy. This privacy policy applies to our browser application (Momentum), our website (https://momentumdash.com), any subdomains of momentumdash.com, and our help website (https://momentumdash.help).
The information we gather or process is used solely for core functionality of Momentum and to improve the quality and security of our service. Your information isn’t and has never been sold to third parties.
What information is being stored, or accessed?
Momentum account information
Your name, email, account settings, and application data (such as to-dos and links) are transferred and stored securely, solely for your usage within our application and not shared with any other third parties, except as specified in this policy.
Payment information
To upgrade to Momentum Plus, your credit card number, credit card expiration date, security code, name, country and postal code are required. All payment processing is done through a PCI compliant third party (Stripe, Inc.). When paying by a credit card, the card details do not pass through our servers, they are sent directly to Stripe and are stored securely, as per their Privacy and Security policies.
To perform requested changes to or inquiries about your Momentum Plus account (cancelling, refunding, or changing payment details), authorized members of Momentum’s support team could potentially view payment-related information contained in Stripe’s databases (this is limited to billing name, billing address, postal code, the last four digits of credit card(s), and credit card expiry date(s)) while accessing subscription information via Stripe’s payment dashboard. This information will only be accessed upon your request.
Data accessible through WebExtensions API
WebExtension APIs used within Chrome Extensions, Safari Extensions, Edge Add-ons, and Firefox Add-ons have fine-grained permission levels that are enforced by the Web Browser, restricting information that our application has access to within your Browser. The Momentum application can only access specific information that you have explicitly granted permission for. We can not and do not track your browsing history.
Additional optional permissions may be requested when you enable specific features. When you enable a feature that requests an optional permission, your Web Browser will make it clear what permission(s) are being requested. The feature will be accessible once you choose to allow the requested permission(s).
| Information/Permission | Feature | Where it is used | Optional |
|---|---|---|---|
| Bookmarks and most visited websites | Bookmarks Bar | Used only within the application to display a Bookmarks Bar. This is not sent or stored elsewhere. | Yes |
Feature usage data
To improve the content, features and overall experience, we gather and log data on how our users access and use the application. For example, we may log actions like clicking on a photo source, favoriting a quote, or completing a to-do (not the content of the to-do, just the action of completing it).
Communication
We send emails including a series of welcome emails, updates on new features, and newsletters, to the extent that you have provided consent consistent with notice and opt-out rights to receive such communications under applicable law. You can opt-out of these communications at any time by unsubscribing via the link provided in the emails or by contacting us. Please be aware that you will always receive certain emails from us related to the proper functioning of your account.
What vendors/sub-processors do you use?
We use several vendors/sub-processors to conduct various aspects of our business.
| Vendor | Purpose |
|---|---|
| Microsoft Azure | Microsoft Azure powers our core Cloud infrastructure (providing the necessary hardware, software, networking, storage, and other related technology required to run Momentum). The bulk of our user data is hosted in Microsoft Azure. |
| Stripe | Credit card data, payments and renewals are processed by Stripe. |
| Flickr | Some photos/backgrounds are retrieved from Flickr. A request is made from your IP address to download photos. |
| Unsplash | Some photos/backgrounds are retrieved from Unsplash. A request is made from your IP address to download photos. |
| Favicons for links and bookmarks are retrieved from Google. A call is made from your IP address to request favicons. | |
| Vimeo | Used to serve videos on our Blog and Help site. A call is made from your IP address to load videos. |
| Nolt | User data related to feature requests is maintained in Nolt. |
| ZenDesk | User data for support purposes is maintained in ZenDesk. |
| Slack | Used for internal communications. User data may be discussed for support purposes. |
| Gmail | Used for internal communications. User data may be discussed for support purposes. |
| Clickup | Used for internal communications. User data may be discussed for support purposes. |
| DataDog | DataDog is an industry standard third-party cloud monitoring service that we use to better understand the usage and performance of our services. User data (not personally identifiable information) may be used for required monitoring purposes. |
| MailChimp | Transactional emails and marketing emails to our users are sent via MailChimp. Your name and email address are sent to MailChimp. We specifically direct Mailchimp not to archive the contents of transactional emails. |
| Zapier | Some marketing emails are automated through Zapier. Your name and email address are sent to Zapier. |
| First Promoter | We use First Promoter to facilitate our affiliate program. Affiliate program members' email may be sent to First Promoter. |
| Typeform | We use Typeform to provide surveys and gather insights into how we can improve our offerings. You may voluntarily enter info into surveys. |
| OpenAI | We use Microsoft Azure and OpenAI to provide AI features, which include a chat interface. Your private data will not be shared with Microsoft Azure or OpenAI, or used by Microsoft Azure or OpenAI to train any machine learning models. See the Azure OpenAI data, privacy and security statement (https://learn.microsoft.com/en-us/legal/cognitive-services/openai/data-privacy) for more info. |
What are my rights in relation to my personal data?
By using Momentum Dashboard, you may exercise the following rights:
The right to refuse to provide your personal data
The voluntary Personal Data you provide to us is an integral part of your use of Momentum Dashboard. You can choose to forego the provision of that data, but you will be restricted from using our services.
The right to access and modify your personal data
Through your use of Momentum Dashboard, you can access and amend your own data at any time. This includes changing your email, name, and payment information on your Profile page. As well as adding, editing and deleting other Momentum data like your to-dos, links, notes, countdowns, daily focus’, etc.
The right to be forgotten
You can manually delete your account by clicking Delete my account on your Momentum account’s Profile page at any time. See the “What happens to my data when I delete my account?” section below to learn more about the deletion process.
The right to obtain your personal data
Upon request, we will provide a data export of all your data stored in our system. If you wish to receive an export of your data, or have any problems deleting your account, please contact us.
The right to submit a complaint
If you have a complaint about the way in which your Personal Data is handled, please contact us. After submitting a complaint, we will reply within five (5) business days to confirm that we have received your complaint. After receiving your complaint, we will investigate it and provide you with our response within two (2) weeks.
The right to submit a complaint with a data protection authority
If you are a resident of the European Union, and you are not satisfied with the outcome of the complaint submitted to us, you have the right to lodge a complaint with your local data protection authority.
What happens to my data when I delete my account?
Upon account deletion, your account is flagged as deleted and your data is no longer accessible. This data is stored for a grace period (90 days) to allow for account recovery in the case of accidental or malicious deletion, or your desire to reopen your account. Upon request, you can expedite the process of performing a hard delete to remove all of your personal data from our databases. After a hard delete, your data will be deleted from our system, but could still be present in encrypted database backups for up to an additional 35 days.
To request an expedited hard delete, please contact us.
Is my data secure?
Data security is a priority at all times. We use a Tier 1 cloud provider to run our operations (Microsoft Azure).
In Transit
All data communication in transit to and from our servers is secured using HTTPS/TLS. All Momentum domains have HTTP Strict Transport Security (HSTS) enabled and are in the HSTS Preload list on the major browsers supporting this feature.
At Rest
All data in our databases and their associated backups are encrypted at rest.
Will the privacy policy change?
Although most changes are likely to be minor, Momentum may change its Privacy Policy from time to time, and at Momentum’s sole discretion. Momentum encourages visitors to frequently check this page for any changes to its Privacy Policy. Your continued use of this site after any change in this Privacy Policy will constitute your acceptance of such change.
If you have any questions about our Privacy Policy, please contact us.
Last updated August 2, 2023.