Privacy Policy

The service branded as P3 Platform is operated by MDIDM (“we”, “us”). For data protection law, MDIDM is the controller of personal data described in this policy, unless we state that a processor acts only on our instructions.

Contact for privacy requests: legal@mdidm.com

Use of the service is also governed by our Terms of Service.

This policy applies to personal data processed when you visit our websites, create an account, use productivity features (projects, tasks, planner, notifications), interact with public profile pages, or otherwise communicate with us.

Account and authentication: email address, password hash, session identifiers (e.g. secure cookies), security logs, and similar technical data needed to operate login.

Profile and content: username, display name, bio, avatar, education, work experience, skills, hobbies, location fields you choose to add; project and task data you store; likes and comments on public projects; device tokens if you register a device for push notifications.

Usage and diagnostics: IP address, browser type, timestamps, and error information as typically found in server logs; we may use this to secure the service and fix bugs.

We do not intentionally collect special categories of data (e.g. health, political opinions) through dedicated fields. Do not submit such information unless a feature explicitly requires it and we provide a separate notice.

• Provide, maintain, and improve the service (hosting, storage, backups, support).
• Authenticate users, prevent fraud and abuse, enforce rate limits, and protect security.
• Deliver in-app, email, or push notifications according to your settings.
• Show public profile and project pages to visitors when you choose public visibility.
• Meet legal obligations (tax, accounting, lawful requests) where applicable.
• Analyze aggregate usage to improve product experience, where compatible with your rights and settings.

Where the GDPR, UK GDPR, or Swiss FADP applies, we rely on one or more of the following:

• Contract — processing necessary to perform our agreement with you (running your workspace, billing if applicable, account management).
• Legitimate interests — securing the platform, debugging, product analytics that do not override your rights, and limited marketing to business contacts where allowed.
• Consent — where required (for example non-essential cookies or certain marketing), we ask separately and you may withdraw consent without affecting lawfulness of prior processing.
• Legal obligation — where we must retain or disclose data to comply with the law.

Depending on your US state, you may have rights to know, access, correct, or delete personal information, and to opt out of certain “sales” or “sharing” for cross-context behavioral advertising. We do not sell your personal information for money. Where our use of analytics or similar tools could constitute “sharing” under state law, we configure them to minimize identifiers and honor applicable opt-out signals where required.

California residents may request disclosure of categories and specific pieces of personal information collected, and request deletion subject to exceptions. We will not discriminate against you for exercising these rights. You may designate an authorized agent where permitted by law; we may require proof of authorization.

We use cookies or local storage where needed for authentication and security (often “strictly necessary”). Additional cookies, if any, will be described in a cookie banner or settings where required by law.

We use infrastructure and communications providers (for example hosting, database, email delivery, error monitoring) who process data on our behalf under written agreements that require appropriate safeguards. A current list of categories of recipients is available on request at legal@mdidm.com.

If you access the service from the EEA, UK, or Switzerland, your data may be processed in the United States or other countries. Where required, we implement safeguards such as the EU Commission Standard Contractual Clauses (SCCs), the UK International Data Transfer Addendum, or equivalent mechanisms, together with supplementary measures where appropriate.

We keep personal data only as long as needed for the purposes above, including legal, tax, or accounting requirements. When you close your account, we delete or irreversibly anonymize personal data within a reasonable period, except where retention is required by law or for legitimate security backups with restricted access.

You may have the right to:

• Access your personal data and receive a copy in a portable format where applicable;
• Rectify inaccurate data or complete incomplete data;
• Erase data (“right to be forgotten”) in certain cases;
• Restrict processing in certain cases;
• Object to processing based on legitimate interests or to direct marketing;
• Withdraw consent where processing is consent-based;
• Lodge a complaint with your local supervisory authority.

To exercise rights, email legal@mdidm.com. We may need to verify your identity before responding. You also have the right to lodge a complaint with a data protection authority in your country.

We implement technical and organizational measures appropriate to the risk (encryption in transit where configured, access controls, least privilege). No method of transmission or storage is 100% secure.

The service is not directed to children under 16 (or the higher age required in your jurisdiction). We do not knowingly collect personal data from children. If you believe we have, contact us and we will delete it.

We may update this policy from time to time. We will post the new version with an updated effective date and, where required, provide additional notice (for example by email or in-product banner).