Legal

Privacy Policy

Last updated: February 27, 2026
This Privacy Policy explains how ChiefOS (“ChiefOS”, “we”, “us”) collects, uses, and protects your information when you use our website, portal, and messaging-based features (including WhatsApp ingestion).
Terms of ServiceContact: privacy@usechiefos.com

What we collect

We collect information you provide directly, information generated through your use of ChiefOS, and limited technical information required to operate and secure the service.
  • Account & identity: email address, authentication identifiers, and (if you connect WhatsApp) your phone number.
  • Business activity you submit: receipts, invoices, photos/PDFs, messages, transaction logs (expense/revenue/time), job references, notes, and related metadata.
  • Usage & device data: basic logs such as request timestamps, pages/actions taken, error logs, and security events (e.g., suspicious login activity).
  • Payment data: if you subscribe, billing is processed by Stripe. We receive billing status and identifiers, but we do not store full card details.

How we use your information

  • Provide the service (capture, organize, and display your records; answer your questions).
  • Operate and secure accounts (authentication, abuse prevention, auditability).
  • Improve reliability and performance (bug fixes, monitoring, analytics at a service level).
  • Communicate with you (support responses, product updates you request).
  • Billing and subscription management (through Stripe).

How we share information

We do not sell your personal information. We share information only as needed to run ChiefOS, comply with law, or protect rights and safety.
Subprocessors (service providers)
  • Supabase – authentication, database, and storage.
  • Vercel – hosting and delivery of the website and APIs.
  • Twilio – WhatsApp messaging transport and media retrieval during ingestion.
  • Stripe – billing and subscription payments.
We may also share information if required by law, subpoena, or to prevent fraud, abuse, or security incidents.

Data retention

We keep your information for as long as you maintain an account and as needed to provide the service.
  • Workspace data: you can reset or delete your workspace from settings. Deletions are processed promptly, and we aim to remove deleted data from active systems quickly.
  • Backups: deleted data may persist in backups for a limited period (typically up to 30–90 days), then is overwritten or removed in the normal backup cycle.
  • Billing records: subscription and invoice records may be retained longer where required for accounting and legal compliance.

Security

We use reasonable administrative, technical, and organizational measures designed to protect your data.
  • Encryption in transit (HTTPS) and encryption at rest via our infrastructure providers.
  • Access controls and least-privilege for operational access.
  • Tenant isolation patterns to prevent cross-tenant access.
  • Monitoring and logging for reliability and security investigations.
No system is perfectly secure. If you believe you’ve found a vulnerability, email security@usechiefos.com.

Your choices & rights

  • Access and update certain information through your account settings.
  • Request deletion of your account and workspace data.
  • Request help exporting your data (we’ll support reasonable export requests).
To request help with data access/export/deletion, contact privacy@usechiefos.com.

Cookies

We use essential cookies and similar technologies primarily to maintain login sessions, secure the service, and prevent abuse. If we add non-essential analytics cookies, we’ll update this policy.

International data transfers

Our service providers may process data in different regions (including the United States). We take steps designed to ensure appropriate protections are in place when data is transferred.

Children’s privacy

ChiefOS is not intended for children under 16. If you believe a child has provided us personal information, contact us and we will take appropriate steps to delete it.

Changes to this policy

We may update this policy to reflect improvements, legal requirements, or product changes. We’ll update the “Last updated” date above and may notify you in-product for material changes.
This page is provided for transparency and product credibility. It is not legal advice.