Privacy Policy

Your data, your rules – here's how we handle it.

We take your privacy seriously. This Privacy Policy explains what data we collect, why we collect it, and how we keep it safe.

1. Who we are

Before Start is a checklist platform that lets you create checklists, run multiple instances of those checklists, store item-level data, and set up automation using webhooks. Organisations can also be created, allowing multiple members to share and collaborate on checklists.

We are currently operating as an individual based in the UK. If you have any questions, please contact us via the form on our website.

Contact details (required under GDPR):

To exercise your rights or contact us with any questions, please use the contact form on our website or write to us at:

Before Start
47 Ringstone
Duxford
Cambridge
Cambridgeshire
CB22 4GY
United Kingdom

Or use the contact page on our website.

2. What we collect

When you create an account, we collect:

  • First name
  • Last name
  • Email address
  • Password (stored securely using industry best practices)

We also store:

  • The organisations you are a member of (if any)

Users may also enter personal data into checklist items. If a checklist belongs to an organisation, that data will be visible to other members of that organisation. We do not control this data — we store and process it only on your behalf.

3. How we use your data

We use your data to:

  • Provide and maintain the checklist service
  • Authenticate and manage your account
  • Determine access and permissions for organisations you belong to
  • Respond to your support enquiries
  • Send essential transactional emails (like password resets or updates)

We do not use your data for advertising or sell your information to anyone.

4. Third-party services

We use a small number of privacy-conscious services to run our platform:

  • Plausible Analytics
    We use Plausible to understand how the platform is used. It's fully GDPR-compliant, does not use cookies, and does not collect personal data.
    Plausible Privacy Policy
  • Sentry
    We use Sentry to monitor for application errors. We do not send personal data to Sentry.
    Sentry Privacy Policy
  • Heroku
    Our app is hosted on Heroku EU, a Salesforce company, with servers located in the European Union. All checklist data, including organisation data, is stored here.
    Heroku Privacy Policy
  • Postmark
    We use Postmark to send transactional emails, including account-related emails and organisation-related notifications.
    Postmark Privacy Policy

5. Data retention

We retain your data until you request deletion. You can request this at any time via our Contact Us page.

If you leave an organisation, your access to its checklists and data will be removed. Any content you have previously added to those checklists will remain available to the organisation.

6. International data transfers

We store all user data in the European Union. Our third-party providers are either based in the EU or offer GDPR-compliant safeguards such as Standard Contractual Clauses.

7. Your rights

Under applicable data protection laws (like the UK GDPR and EU GDPR), you have the right to:

  • Access your personal data
  • Correct or update inaccurate information
  • Request deletion of your data
  • Object to or restrict certain types of processing

To exercise any of these rights, please contact us via the website.

If you wish to have personal data removed from an organisation's checklists, you should contact the organisation owner directly.

8. Changes to this policy

We may update this Privacy Policy as the platform evolves, especially as we introduce new features. We'll always aim to keep you informed of significant changes.

This version keeps organisation references light, only where they change how personal data is stored or shared.