Terms of Service

These Terms govern your access to and use of the 22tasks website and services.

Effective date: January 25, 2026

Last updated: January 25, 2026

At a glance

Provider: 202201662 – СИНКИТ ООД / "SINKIT" Ltd ("we", "us")
Support contact: support@22tasks.com
Governing law: Bulgaria; courts of Sofia (as applicable)

1) Acceptance

By creating an account, accessing, or using the Service, you agree to these Terms. If you use the Service on behalf of an organization, you represent you have authority to bind that organization.

2) Eligibility

You must be legally capable of entering into these Terms. The Service is intended for business use and is not directed to children.

3) The Service

22tasks provides team task management features, including task creation and assignment, collaboration, and notifications (e.g., reminders and digests). We may change, add, or remove features over time.

4) Accounts and security

You must provide accurate account information and keep it up to date.
You are responsible for all activity under your account.
Notify us promptly if you suspect unauthorized access.

5) Workspace admins and team invites

Workspace admins are responsible for:

Inviting users only where permitted
Assigning permissions appropriately
Ensuring users comply with these Terms

6) Customer Data and ownership

"Customer Data" means tasks, content, and information submitted to the Service by you or your authorized users.

You own Customer Data.
You grant us a limited license to host, process, transmit, and display Customer Data solely to provide, maintain, secure, and improve the Service and to comply with law.
You are responsible for ensuring you have the rights and lawful basis to submit Customer Data.

7) Acceptable use

You must not (and must not allow others to):

Use the Service for illegal, harmful, or fraudulent purposes
Attempt unauthorized access or disrupt the Service
Introduce malware, scrape or abuse rate limits
Reverse engineer the Service except where prohibited by law
Upload content that infringes IP rights or violates confidentiality obligations

8) Sensitive data

22tasks is a general-purpose task tool. You agree not to upload or store highly sensitive data (e.g., special category health data, full payment card numbers, government ID numbers) unless you have a lawful basis and understand the risks.

9) Third-party services

We use third-party providers to run the Service (including Vercel, Supabase, and Brevo). We are not responsible for third-party services outside our control.

10) Fees and future pricing

The Service may currently be offered free of charge. We may introduce paid plans, usage limits, or fees in the future. If we do, changes will apply prospectively and we will provide reasonable notice.

11) Confidentiality

We will treat Customer Data as confidential and will not access or use it except to provide and support the Service, to maintain security and prevent abuse, to comply with law, or as otherwise permitted by you.

12) Beta / early-stage features

Some features may be beta or experimental and provided "as is," and may change or be discontinued.

13) Intellectual property

We and our licensors own all rights in the Service. Except for the limited rights expressly granted, no rights are transferred to you.

14) Feedback

If you provide feedback, you grant us the right to use it without restriction or compensation.

15) Termination and suspension

These Terms begin when you first use the Service.
You may stop using the Service at any time.
We may suspend or terminate your access for violation of these Terms, legal compliance, or to protect the Service/users.
Upon termination, access ends and data may be deleted as described in the Privacy Policy (including backup retention).

16) Disclaimers

THE SERVICE IS PROVIDED "AS IS" AND "AS AVAILABLE." TO THE MAXIMUM EXTENT PERMITTED BY LAW, WE DISCLAIM ALL WARRANTIES, INCLUDING IMPLIED WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, AND NON-INFRINGEMENT. We do not guarantee uninterrupted or error-free operation.

17) Limitation of liability

We will not be liable for indirect, incidental, special, consequential, or punitive damages, or for lost profits, revenue, data, or goodwill.
Our total liability for all claims related to the Service will not exceed the amount you paid to us for the Service in the 12 months before the event giving rise to liability, or €100 if you paid nothing, whichever is greater.

Some jurisdictions do not allow certain limitations; in that case, the limitations apply to the maximum extent permitted.

18) Indemnification

You will indemnify and hold us harmless from claims arising out of Customer Data (including its legality), your users' use of the Service, or your violation of these Terms, including reasonable attorneys' fees.

19) Governing law and venue

These Terms are governed by the laws of Bulgaria, excluding conflict-of-law rules. The competent courts in Sofia, Bulgaria will have exclusive jurisdiction, except where mandatory law provides otherwise.

20) Changes to these Terms

We may update these Terms from time to time. If changes are material, we will provide reasonable notice (e.g., in-app or by email). Continued use after the effective date means you accept the updated Terms.

21) Contact

Questions about the Service or these Terms: support@22tasks.com

Data Processing Addendum (Short Form)

This Data Processing Addendum ("DPA") forms part of the Terms of Service and applies to the extent 202201662 – СИНКИТ ООД / "SINKIT" Ltd ("Processor") processes Customer Personal Data on behalf of the Customer ("Controller") under applicable data protection laws (including the GDPR).

1) Definitions

Customer Personal Data: personal data included in Customer Data that we process on Customer's behalf.
Terms like "personal data," "processing," "controller," "processor" have the meanings given in the GDPR.

2) Processing details

Subject matter: Provision of the 22tasks service (team task management). Duration: For the term of the Customer's use of the Service plus up to 90 days backup retention (unless deleted earlier or required by law). Nature & purpose: Hosting, storing, displaying, transmitting, and otherwise processing Customer Data to provide, secure, maintain, and improve the Service; provide support; prevent abuse; comply with law. Categories of data subjects: Customer's authorized users, employees, contractors, collaborators, and other individuals whose data Customer submits. Types of personal data: Account identifiers (e.g., email), workspace membership and roles, task content and metadata (assignee, due date, status), comments/updates, and associated technical logs.

3) Customer instructions

Processor will process Customer Personal Data only on documented instructions from Customer, including as necessary to provide the Service under the Terms and to comply with law. Customer may instruct deletion/export via Service controls or by contacting support@22tasks.com.

4) Confidentiality

Processor ensures that persons authorized to process Customer Personal Data are under appropriate confidentiality obligations.

5) Security

Processor implements appropriate technical and organizational measures designed to protect Customer Personal Data (including access controls and encryption in transit). Customer acknowledges no system is perfectly secure, but Processor will use commercially reasonable safeguards.

6) Sub-processing

Customer authorizes Processor to use sub-processors to deliver the Service (including those listed in the Privacy Policy). Processor will impose data protection obligations on sub-processors consistent with this DPA and remains responsible for their performance to the extent required by law.

7) International transfers

Where Customer Personal Data is transferred outside the EEA/UK, Processor will implement appropriate safeguards as required by law (such as Standard Contractual Clauses), as applicable.

8) Assistance

Taking into account the nature of processing and information available, Processor will provide reasonable assistance to Customer to respond to data subject requests relating to Customer Personal Data and meet GDPR obligations concerning security, breach notification, DPIAs, and prior consultation.

9) Personal data breaches

Processor will notify Customer without undue delay after becoming aware of a personal data breach involving Customer Personal Data and will provide information reasonably necessary for Customer to meet legal obligations.

10) Deletion and return

Upon termination of the Service or at Customer's request, Processor will delete or return Customer Personal Data, subject to: (a) Customer-controlled deletion features, (b) the 90-day backup retention window, and (c) any legal retention requirements.

11) Audits

Upon reasonable written request and subject to confidentiality and security requirements, Processor will make available information reasonably necessary to demonstrate compliance with this DPA. Where required by law, Customer may conduct an audit no more than once per year (unless a material incident occurs), subject to reasonable scope, scheduling, and confidentiality protections.

12) Liability and precedence

Liability is subject to the limitations in the Terms of Service, to the extent permitted by law. If there is a conflict between this DPA and the Terms regarding data protection matters, this DPA controls.