Privacy Policy

Last updated: April 2026  •  Draft — pending legal review

Draft document. This Privacy Policy has not yet been reviewed by legal counsel.
1. Information We Collect

We collect information you provide directly (name, email, business details, worker data), information collected automatically (usage logs, IP addresses), and information from third-party OAuth providers (Google, Microsoft, Apple) if you choose to sign in with them.

2. How We Use Your Information

We use your information to provide and improve the Service, process payments, send transactional emails (account confirmation, password reset, deadline reminders), and comply with legal obligations. We do not sell your data to third parties.

3. Data Storage and Security

Your data is stored on Supabase (PostgreSQL), encrypted at rest. All data in transit is protected by HTTPS/TLS. Row-level security is enforced so your data is isolated from other tenants.

4. Data Retention

We retain your data for as long as your account is active. You may request deletion of your account and associated data at any time from Account → Profile → Delete My Account.

5. Third-Party Services

We use the following third-party services: Stripe (payments), SendGrid (email), Supabase (database and storage), and Serilog/Seq (internal logging). Each has its own privacy policy.

6. Contact

Privacy questions? Contact us.

Terms of Service → Disclaimer →