We built HopToDesk to be trusted with production systems, which means being clear about what we process, why, where, and the rights you have over it. This page describes our data-protection practices in plain terms. EU and UK business customers can also request a Data Processing Agreement. It should be read together with our Privacy Policy.
We process personal data to provide the service you asked for (performance of a contract), to keep the service secure and working well (our legitimate interests), and, where the law requires it, with your consent. You can withdraw consent or object at any time.
If you are in the EU, the UK, or a region with similar law, you have the following rights over your personal data:
To exercise any of these rights, contact us through our contact form and we will respond.
Your data may be processed in the United States and the European Union through the providers we use to run the service. For transfers out of the EU or UK, we rely on Standard Contractual Clauses and, where available, the EU-US Data Privacy Framework.
We use a small set of trusted providers to run the service, in these categories: cloud hosting and infrastructure, transactional email, payment processing, and, only when you enable the optional AI Agent, an AI provider. A complete list of our sub-processors, naming each provider with its location and transfer safeguards, is available to customers on request and forms part of our Data Processing Agreement.
We give customers at least 30 days' notice before adding or replacing a sub-processor, and honour reasonable objections.
We keep personal data only as long as we need it to provide the service and meet our legal obligations. When you close your account or ask us to delete your data, we remove it from our active systems promptly and fully purge it, including from short-term point-in-time backups, within 30 days.
For EU and UK business customers: if you need a signed Data Processing Agreement (GDPR Article 28) covering these processing terms, the Standard Contractual Clauses, and our sub-processors, request one through our contact form and we will provide it.
For any data-protection question, or to exercise a right, use our contact form. For the full picture of how the platform is secured, see our Trust and Security page.