Privacy Policy
Template — replace [date], confirm your providers, and have a lawyer review before launch. Not legal advice.
Overview
This policy explains what information CertTrackr collects, how we use it, and the choices you have. We collect only what we need to run the Service.
Information we collect
Account information (name, email, organization). Customer Data you upload — vendor details and compliance documents such as insurance certificates, SOC 2 reports, W-9s and licenses. Basic usage and log data needed to operate and secure the Service.
How we use it
To provide the Service: store your documents, compute compliance status, send the expiry reminders you configure, and support your account. We do not sell your data, and we do not use your Customer Data to train AI models.
Sub-processors
We rely on trusted providers to run the Service: Supabase (database, authentication, and encrypted file storage), Vercel (application hosting), Resend (transactional email), and Stripe (payment processing). Each processes data only as needed to provide their part of the Service.
Security
Files are stored in private storage and served only through short-lived signed links. Each organization's data is isolated at the database level so one customer can never access another's. We keep secrets server-side and follow least-privilege access.
Retention & deletion
We keep your data while your account is active. You can request export or deletion of your organization's data, and deleting a vendor or organization removes its associated documents. Email support@certtrackr.com to make a request.
Your rights
Depending on your location, you may have rights to access, correct, export, or delete your personal data. Contact us and we will respond as required by applicable law.
Cookies
We use essential cookies to keep you logged in and to operate the Service. We do not use them for cross-site advertising.
Changes & contact
We may update this policy; material changes will be communicated through the Service or by email. Questions? Email support@certtrackr.com.