Terms & Conditions

Privacy Policy | Picnic

This Privacy Policy describes the manner in which Picnic collects, uses, maintains and discloses information collected from Users ("User") through our all our websites ("Site") by accessing our Services (“Services”). This privacy policy applies to the Site and all products and services offered by Picnic, If you do not agree with this policy, please do not access or use our Services or any aspect of our Business.

Updates in this Privacy Policy reflects recent changes in data protection law (eg. GDPR) and aims to provide Users a clearer understanding of how Picnic manages all User Data.


This privacy policy applies to all products and Services (collectively, the “Services”) offered by Picnic through Picnickdm.com (collectively, the “Sites”) and our Mobile Applications. In addition, this policy applies to personal data from the European Union that is collected and retained in the United Kingdom. This Privacy Policy does not apply to any third party applications or software that integrate with Picnic’s Services or any other third party products, services or business.

Data Collected and Received by Picnic

Personal Identification Information

We may collect personally identification information from Users in a variety of ways, including, but not limited to, when Users visit our Sites, register on the Sites, and in connection with other activities, Services, features or resources we make available on our Sites. Users may be asked for, as appropriate, name, email address, billing information. We will collect personal identification information from Users only if they voluntarily submit such information to us. Users can always refuse to supply personally identification information, except that it may prevent them from engaging in certain Sites related activities. We will never sell your personal information to third parties and we won’t use your name or company name in any marketing statements without obtaining your permission in writing.

Non Personal Identification Information

We may collect non-personal identification information about Users whenever they interact with our Sites. Non-personal identification information may include the browser name, the type of computer and technical information about Users means of connection to our Sites, such as the operating system and the Internet service providers utilized and other similar information.

Other Information

Services Metadata – when Users interact with our Services, metadata is generated to help provide additional context regarding how Users interact with our Sites.

Log Data – Our services will automatically collect information when Users access or use our Sites or Services and records it in log files. Log data may include IP address, previously visited web page addresses, browser type and settings, time and date when Services were used, browser configurations and plugins, language and cookie data.

Device Information – Picnic collect information about your computer, phone, tablet, or other devices you use to access our Services. This device information includes your connection type and settings when you install, access, update or use our Services. We also collect information through your device about your operating system, browser type, IP address, URLs of referring/exit pages, device identifiers, and crash data. We use your IP address and/or country preference in order to approximate your location to provide you with a better Service experience. How much of this information we collect depends on the type and settings of the device you use to access the Services.

Location information -  Picnic will receive this information from Users during our Account Registration as well as from our vendor partners to approximate your location.

Project information – Picnic is a work collaboration tool, therefore any User-generated data by use of our Services will be collected and stored by Picnic, and vendor partners. Collected data includes, but not limited to, data that Users post, send, receive or share. These include any files or links that User upload to our Services. Project data will only be accessible through authorized accounts or Users designated account and can only be viewed, or altered, by Users assigned to such projects. Picnic will never share, sell, or exploit any Project information unless requested by Project Admins. In addition, we may also inadvertently receive information about such Users from same project members. For example, a specific User may be mentioned by one of their project members when using our Services.

Web Browser Cookies

Our Site, and/or vendors, may use "cookies" to enhance User experience. User`s web browser places cookies on their hard drive for record-keeping purposes and sometimes to track information about them. A user may choose to set their web browser to refuse cookies, or to alert you when cookies are being sent. If they do so, note that some parts of the Site may not function properly.

How Picnic Use Collected Data

Users are the primary Controllers of User Data. Picnic is a processor of User Data and Controller of other certain data. Users who resume the role of Project Admins will have the rights to grant or remove access to Project Data to any other Users. Picnic will never remove Users from any Projects unless specifically instructed by Project Admins or Users failed to provide payment for Picnic’s services (see Terms of Service for additional information). 

Picnic collects and uses Users personal information for the following purposes:

  1. To personalize User experience

  2. We may use information in the aggregate to understand how our Users as a group use the services and resources provided on our Site.

  3. To improve our Site

  4. We continually strive to improve our website offerings based on the information and feedback we receive from you.

  5. To improve customer service

  6. Your information helps us to more effectively respond to your customer service requests and support needs.

  7. To administer a content, promotion, survey or other Site feature

  8. To send Users information they agreed to receive about topics we think will be of interest to them.

  9. The email address Users provide will only be used to respond to their inquiries, and/or other requests or questions. If User decides to opt-in to our mailing list, they will receive emails that may include company news, updates, related product or service information, etc. If at any time the User would like to unsubscribe from receiving future emails, we include detailed unsubscribe instructions at the bottom of each email.

  10. As required by applicable law, legal process or regulation

  11. For Billing, account management and other administrative matters

  12. For investigative and preventive measures against Site abuse

  13. We use information about Users when granted consent for a specific purpose not listed above. For example, we may publish testimonials or feature customer stories to promote our Services. We will always ask for consent prior to posting any information for promotional purposes.

Sharing and Disclosure of Information

Picnic will only disclose or share User information for the following purposes:

  1. User’s Request: Picnic will share all User Data based on User’s request and instructions.

  2. Project Collaboration:  Users can create content, which may contain information about themselves or other Users, and grant permission to others to see, share, edit, copy and download that content. Some of the collaboration features of the Services display some or all of your profile information to other Service Users when you share or interact with specific content. Similarly, when Users join a project, your name, profile picture and contact information and will be displayed in a list for other project members so they can find and interact with you.

  3. Legal Compliance: If requested by legal Authority, Picnic may disclose User information that we determine to be in accordance or required by any applicable law.

  4. Enforcement: Picnic also reserves the right to disclose User information to investigate, prevent, or take action against illegal activities, suspected fraud, or situations involving physical threat to any such persons.

  5. Consent: Picnic may share User information with other 3rd parties in instances when we have Users’ consent to do so.

  6. Third Party Service Providers and Partners: Picnic works with third-party service providers and partners to provide website and application development, hosting, maintenance, backup, storage, virtual infrastructure, payment processing, analysis and other services for Picnic, which may require them to access or use User information. If a service provider needs to access information about Users to perform services on Picnic’s behalf, they do so under instruction from Picnic, including abiding by policies and procedures designed to protect User information. To Picnic’s knowledge, our 3rd party Service Providers and Partners are in compliance with GDPR. Please email us for additional information.

  7. Services Users link to their account: Picnic receives information when Users enable any 3rd party apps or integrate a 3rd party service with our Services. Users and project members may also integrate our Services with other 3rd party services to allow you to access, store, share and/or edit content from a 3rd party through our Services. Example, Users might authorize our Services to access and display files from a 3rd party document-sharing service within Picnic. Information that Picnic receives when Users link or integrate our Services with a 3rd party service depends on the settings, permissions and privacy policy controlled by that 3rd party service. We strongly suggest that Users thoroughly review privacy settings and ToS from any 3rd party services in order to fully understand what type of data may be disclosed or shared with Picnic.

  8. Operational Partners: Picnic works with 3rd parties who provide billing, support technical services to deliver and implement solutions to our Users. Picnic may share User information with these 3rd parties in connection with their services, such as to assist with billing cycles, to provide localized support, and to provide customizations work. Picnic may also share information with these 3rd parties where Users have granted Consent to share any information, for example, technical support services.

  9. 3rd Party apps: Users may choose to add new functionality by enabling 3rd party apps to Picnic’s Services. In doing Users may be providing these 3rd party apps access to personal information about you such as name, email address, and project data you choose to use in connection with those apps. 3rd party app’s Privacy Policies and ToS are not controlled by Picnic, and Picnic’s Privacy Policy does not extend coverage for any 3rd party apps and how they handle your personal information. Picnic strongly encourages Users to review all 3rd Party Privacy Policies and ToS before connecting them to our Services. If Users object to information being shared with these 3rd parties, please disable the app immediately.

  10. Links to 3rd Party Sites: Picnic’s Services may include links that direct you to other websites or services whose privacy practices may differ from ours. What you submit to these 3rd party sites are governed under their Privacy Policies and is not covered by Picnic’s Privacy Policies.

  11. 3rd Party Widgets: Our Services may contain widgets and social media features, e.g. the Twitter "tweet" button. These widgets and features collect your IP address, and may set a cookie to enable the feature to properly function. Widgets and social media features are either hosted by a 3rd party or hosted directly on our Services. User’s interactions with these features are governed by the privacy policy of the company providing it and not governed by Picnic’s Privacy Policy.

The operations of Picnic does require our employees to have access to systems which store and process User Data. This primarily serves the purpose of problem diagnostic or troubleshooting. For example, in order to diagnose a problem Users may have with Picnic services, our Employees may need access to your User Data. All employees are prohibited from viewing User Data for any reasons unless absolutely necessary to do so.

Data Deletion

When Users delete their account(s) there are different scenarios how data deletion will be treated as described below:

  1. If you were not invited to any other projects owned by other Picnic User then your data can no longer be accessed by you or any other Users that you invited to Picnic. Complete data deletion will occur post 90 days. Please see “Data Retention” below for additional details regarding 90-days data retention.

  2. If User does not own projects and was only invited to other Picnic User’s projects then your specific contribution in other the projects will remain, but your personal information will be deleted. Picnic will make every effort to mask any personal information remaining, for example, your contribution to someone else’s project will be listed as “First Name, Last Initial” with no connection to your deleted personal information such as email, phone numbers, etc.

  3. If you own projects and were participating in other Users’ projects, then Picnic’s Data Deletion and Data Retention will apply to each category described in section (1) and (2) above.

Users, at any time, may request a deletion of their personal data. If such request is made, data are deleted based on points 1, 2, or 3 as noted above and will remain in backups and life-cycle we maintain to ensures we do not store data inside backups more than 90 days. Users may email support@picnickdm.com to request data deletion.

However, if Users requires deletion of their data, we strongly suggest Users delete their account as this will help initiate the process as stated in points 1, 2 and 3 above.

If Picnic deletes an account due to inactivity, the above scenarios will apply.

Data Retention

Information storage and security

Picnic uses data hosting service providers in the United States to host collected information, and we use technical measures to secure all data. Despite the thorough security measures and safeguards that Picnic implements to protect data, no security system is impenetrable and due to the inherent nature of the Internet, Picnic cannot guarantee that data, during transmission through the Internet or while stored on our systems or otherwise in our care, is absolutely safe from intrusion by others. Picnic has policies in place in case of such situation and will respond to requests about this within a reasonable timeframe. 

How long we keep information

How long we keep the information we collect about you depends on the type of information, as described in further detail below. After such time, we will make every effort to delete your information or, if this is not possible (for example, because the information has been stored in backup archives), then we will securely store your information and isolate it from any further use until deletion is possible.

  • User Account information: We retain User information until User delete their account(s), which then we will continue retaining the data for up to 90 days after account deletion. Picnic maintains this practice due to the following reason:

    • In the event that User’s account has been compromised and purposely deleted. Picnic will help maintain and restore data once the situation is rectified

    • An account was mistakenly deleted by Users. In such an event, Picnic will be able to restore data for Users.

    • Various data storage systems and backups have different lifecycle policies which are held for a maximum of 90 days. For example, our database backups are encrypted, incremental and full re-cycle in 30 days. It is impossible to erase User data inside up to 1 minute precision encrypted incremental backups.

    • If User initially cancelled their account and requested but later change their mind. A user will be able to have all data restored if an account is reactivated within 90 days after initial account cancellation.

    • Picnic may also retain some of the User data as necessary to comply with our legal obligations, to resolve disputes, to enforce our agreements, to support business operations and to continue to develop and improve our Services. Where we retain information for Service improvement and development, we take steps to eliminate information that directly identifies any specific Users, and we only use the information to uncover collective insights about the use of our Services, not to specifically analyze personal characteristics about any Users.

  • The information you share on the Services: If User’s account is deactivated or disabled, some of the User information and the content that Users have provided will remain in order to allow other Project members or other Users to make full use of the Services. For example, we continue to display comments and content you provided to boards or cards. Picnic will hold User data up to 90 days after account cancellation in case Users will renew again within that time frame.

  • Marketing and Promotional information: If Users have elected and provided consent to receive marketing and promotional emails from Picnic, we retain information about Users' marketing preferences unless asked specifically to delete such information. Picnic retains information derived from cookies and other tracking technologies for a reasonable period of time from the date such information was created.


We take the security of your data very seriously at Picnic. As transparency is one of the principles on which our company is built, we aim to be as clear and open as we can about the way we handle security.

Age Limitation

Picnic does not allow the use of our Services or Sites to anyone younger than 16 years old unless Consent is provided in writing by a legal guardian. Picnic will make the utmost effort to prohibit the use of our Site by anyone not over the legal age. Should Picnic learn that anyone under 16 has unlawfully provided us with personal data, Picnic will take the necessary steps to delete such information.

Changes to Privacy Policy

Picnic has the discretion to update this privacy policy at any time. When we do make changes, we will post a notification on the main page of our Site and send you an email. We encourage Users to frequently check this page for any changes to stay informed about how we are helping to protect the personal information we collect. You acknowledge and agree that it is your responsibility to review this privacy policy periodically and become aware of modifications.

Privacy Shield

In compliance with the US-EU Privacy Shield Principles, Picnic will make every effort to resolve complaints about User privacy and our collection of your personal information. EU Users with inquiries or complaints regarding our Privacy Policy should first contact Picnic's Data Protection Officer for any questions related to our Privacy Policy. support@picnickdm.com 

Picnic has further committed to refer any unresolved privacy complaints for our EU Users to an independent dispute resolution mechanism, JAMS Privacy Shield Program. Please note that if complaints cannot be resolved through the channels listed here, a binding arbitration option may be available before a Privacy Shield Panel.

Data Protection Officer

Please contact Picnic's Data Protection Officer for any questions related to our Privacy Policy. roy@picnickdm.com

User Rights

EU Users have certain statutory rights in relation to their personal data. Users may have the right to request or delete any personal information stored on Picnic. Please contact Picnic's Data Protection Officer for assistance. roy@picnickdm.com

Picnic will provide Users an option to receive a copy of their data. Picnic does not include this option within the site. Users who require their data will be sent an export of their data in XLS format whenever possible. Please email support@picnickdm.com for assistance.