Privacy Policy

Last updated: March 28, 2026

1. Information We Collect

We collect information you provide when creating an account (name, email, password) and data you enter into the platform (transactions, employee records, financial data).

2. How We Use Your Data

Your data is used solely to provide and improve the Service. We do not sell your personal information to third parties.

3. Data Storage and Security

Data is stored in encrypted PostgreSQL databases hosted on Supabase with enterprise-grade security. All connections use TLS encryption. We implement org-level data isolation to prevent cross-tenant access.

4. Cookies

We use essential cookies for authentication and session management. We do not use tracking cookies or third-party advertising cookies.

5. Data Retention

Your data is retained for as long as your account is active. Upon account deletion, your data is permanently removed within 30 days.

6. Your Rights

You may request access to, correction of, or deletion of your personal data at any time by contacting us. You may export all your data via the platform's export features.

7. Third-Party Services

We use Stripe for payment processing, Resend for email delivery, and Vercel for hosting. Each service has its own privacy policy governing their handling of your data.

8. Changes to This Policy

We may update this policy from time to time. We will notify you of significant changes via email.

9. Contact

Privacy questions? Contact us at [email protected].