This version is
. It is the latest version.
Effective date: 12 September 2025
This EU Data Act Addendum (“Addendum”) supplements and forms part of the Agreement between Supplier and the Customer. Capitalised terms not defined herein have the meaning given in the Terms of Service of the applicable Services.
This Addendum applies to the extent the EU Data Act is applicable to the Services provided to the Customer. Where this Addendum conflicts with the Terms of Service, this Addendum prevails only to the extent required by the EU Data Act; otherwise, the Terms of Service control.
This Addendum implements requirements of the EU Data Act (Regulation (EU) 2023/2854) and clarifies the Customer’s rights and Supplier’s obligations in relation to data portability, switching service providers, transparency, and data deletion. Parties will cooperate in good faith to ensure an effective switching process, timely data transfer, and continuity of Services, including cooperation with alternative service providers designated by the Customer.
2.1. Upon termination, the Customer may elect to: (a) switch to a different provider of data processing services, in which case the Customer shall provide the necessary details of that provider; (b) switch to an on-premises ICT infrastructure; or (c) erase its exportable data and digital assets. For Organizations or Workspaces with multiple Users, switching requests and export instructions must be initiated by the Organization Owner, Workspace Owner, or an authorised Representative.
2.2. The switching process follows these steps:
(a) The Customer must notify the Supplier of the intention to switch at least one (1) month in advance; notice must be submitted through support@toggl.com or a dedicated support chat. Within 14 business days Supplier will confirm receipt and provide information on technical feasibility, estimated timeline, and available export options.
(b) After the notice period, Supplier will maintain the Service for a transitional period of up to thirty (30) calendar days. This period may be extended once by the Customer for a period the Customer considers appropriate, or adjusted if Supplier duly notifies the Customer of technical reasons requiring an alternative transitional period (not exceeding seven (7) months) with justification provided, within 14 business days of the switching request.
(c) During the transitional period, Supplier will continue providing the contracted Services, ensure continuity of business operations, and maintain the security of all data transfers. During the transitional period (including any extended or alternative period), the Agreement remains in force and applicable fees for paid Service Plans continue to accrue.
(d) If Supplier issues a discontinuation notice under the Terms of Service, Supplier will honour any switching process already initiated, including the transition and retrieval periods.
2.3. Supplier will provide reasonable assistance to the Customer and any new service provider designated by the Customer to ensure an effective switching process, continuity of service, and secure transfer of data. Supplier will provide all relevant information to support the Customer’s exit strategy, including clear information on any known risks to continuity in the provision of the Services during the switching process.
3.1. Supplier will make available for transfer all exportable data and digital assets generated by or directly relating to the Customer, in commonly used, machine-readable, interoperable formats, such as CSV and JSON.
3.2. Data strictly required for Supplier’s internal operations and constituting its trade secrets will not be included, provided that such exclusions do not hinder or delay the switching process.
4.1. The Customer will have a minimum of thirty (30) calendar days after the transitional period to download its exportable data. This retrieval right applies notwithstanding any termination or deletion provisions in the applicable Terms of Service, where a switching process has been initiated under this Addendum.
4.2. Following this retrieval period, Supplier will permanently delete all exportable data and digital assets generated by or directly relating to the Customer, unless otherwise requested by the Customer or applicable law requires retention. Non-exportable security and audit logs may be retained as required by law or legitimate security needs, subject to the DPA and the Privacy Policy.
4.3. In case of a full migration, the Agreement terminates upon closure of the relevant User Account/Organization in accordance with the Terms of Service. In case of partial migration, the Agreement is amended to reflect the updated scope.
5.1. No switching fees apply under normal use. Where relevant, Supplier shall provide information to the Customer on data processing services that involve highly complex or costly switching or for which it is impossible to switch without significant interference in the data, digital assets or service architecture.
5.2. For the avoidance of doubt, the Agreement remains in force during the transitional period (including any extension or alternative period) and applicable Service Plan fees continue to apply.
6.1. Customer is responsible for the import, implementation, and configuration of exportable data and digital assets in its own systems or in the systems of a destination provider.
6.2. Customer will, to the extent possible, self-export exportable data or digital assets directly from the Services as instructed by Supplier, and will comply with its confidentiality obligations under the Agreement.
6.3. Customer must notify Supplier once the switching process has been completed. If Supplier is not notified, Supplier may assume completion at the end of the retrieval period.
The Service Data Registry below includes a list of all categories of exportable data and digital assets that can be ported during the switching process.
The “Service Equivalence Feasibility” column is informational only and does not constitute a warranty or guarantee of outcomes. Export endpoints/formats may vary by Service Plan and current Documentation; where a listed method is unavailable, Supplier will provide a functionally equivalent export method that meets the EU Data Act requirements.
| Product | Exportable Data & Formats | Methods of Data Retrieval (for Customer) | Methods of Data Transfer (to another provider / ICT) | Data that cannot be transferred | Known Limitations | Service Equivalence Feasibility |
|---|---|---|---|---|---|---|
| Toggl Track | Time entries (CSV, PDF, XLSX); Projects (CSV and PDF containing only projects that have tracked hours allocated to them/JSON - all WS projects); Project Members (JSON) Project Tasks (JSON) Tags (JSON) User Groups (JSON) Clients (CSV and PDF containing only clients that have tracked hours allocated to them/JSON - all WS clients) Team (JSON export of all Workspace members - not all Organization members, specific to the selected Workspace) Workspace Settings (JSON) Alerts (JSON) Custom Reports (JSON) Scheduled Reports (JSON) Tracking Reminders (JSON) Invoices (JSON) Audit log (JSON) Personal Profile Data (Calendar integrations, Preferences, Profile - JSON) Timeline Data (JSON) | Workspace Settings Page (JSON of different datasets); Reports Page (PDF, CSV, XLSX) Profile Page (JSON) API (JSON, CSV, XLSX, PDF) | Secure download via HTTPS/API; bulk export via admin interface | Internal system logs; metadata for fraud prevention/security; aggregated usage stats; System-level authentication logs; SSO configs from external IdPs | No historical deleted entries, or other deleted datasets such as the ones listed in column “Exportable Data & Formats”; some 3rd party integrations not portable; attachments may need separate export; formatting may differ across platforms | High – importable to other time tracking solutions |
| Toggl Focus | Tasks and related attributes (task name, status, project, segment, tags, assignee, dates, recurrence, estimated time, start/end times – CSV planned); Time entries and related attributes (task linkage, duration, tags, user, project – CSV/JSON planned); Personal profile data (preferences, integrations – JSON planned) | Export function (CSV/JSON) planned for release Q4 2025; until then, manual export available upon Customer request (CSV or JSON as feasible) | Secure download via HTTPS; manual export provided upon Customer request; import into destination system using CSV/JSON files | Internal system logs; metadata for fraud prevention/security; aggregated usage statistics; system-level authentication logs; deleted tasks and entries; attachments or third-party integration data (if any) | Automated self-service export functionality not yet available; only manual export supported until feature release; formatting and field mapping may differ across platforms; recurrence and estimates may not map consistently to destination services | Medium – data will be exportable in CSV/JSON and can be imported into other productivity and time/project management solutions, but functional equivalence depends on destination provider |
| Toggl Plan | Tasks (CSV – includes task name, status, project name, segment, tags, assignee name and email, dates, recurrence, estimated time, start and end times) | Export function within the application (CSV file download, viewable in spreadsheet software such as Google Sheets or Excel) | Secure download via HTTPS; manual import into destination system using CSV file | Internal system logs; metadata for fraud prevention/security; aggregated usage statistics; system-level authentication logs; deleted tasks; attachments and third-party integration data (if any) | Export limited to CSV format; no JSON export; deleted tasks not available; formatting or field mapping may differ across platforms; recurrence and estimates may not map consistently to destination services | Medium – data is exportable in CSV and can be imported into other project/task management solutions, but functional equivalence may vary depending on the destination provider |
| Toggl Work | Invoices (PDF) Approved Expense Reports (PDF) Expenses (PDF) | Invoices Page (PDF) Expenses Page (PDF) Trips Page (PDF) | Secure download via HTTPS; manual export provided upon Customer request; import into destination system using CSV/JSON files | Internal system logs; metadata for fraud prevention/security; aggregated usage stats; System-level authentication logs; SSO configs from external IdPs | No historical deleted entries; some 3rd party integrations not portable; attachments may need separate export; formatting may differ across platforms | High – core user/role data transferable |
For a general description of the technical, organisational and contractual measures adopted by the Supplier in order to prevent international governmental access to or transfer of non-personal data held in the Union where such access or transfer would create a conflict with Union law or the national law of the relevant Member State, as well as the jurisdiction to which the ICT infrastructure deployed for data processing of their individual services is subject, please see our Security Policy.
Last updated: 12 September 2025