Legal

Privacy Policy

Last updated: March 8, 2026
This Privacy Policy explains how ChiefOS (“ChiefOS”, “we”, “us”) collects, uses, and protects information when you use our website, portal, and messaging-based features (including WhatsApp ingestion).
Terms of Serviceprivacy@usechiefos.com

What we collect

  • Account information such as email address, authentication identifiers, and phone number if connected through messaging integrations.
  • Business data submitted to the platform including receipts, invoices, documents, transaction logs, job information, notes, and related metadata.
  • Usage information such as page views, request timestamps, system activity logs, and security events.
  • Payment status information if you subscribe to a paid plan. Payments are processed by Stripe and we do not store full card details.

How we use information

  • Provide and operate the Service.
  • Organize and process business records submitted by users.
  • Generate insights and summaries using automated systems.
  • Maintain platform reliability, security, and performance.
  • Communicate with users regarding product updates and support requests.

Artificial intelligence and automated processing

ChiefOS uses automated systems and machine learning to analyze submitted records and generate insights intended to help users understand business activity.
These systems may process Customer Data to improve capture accuracy, classification, summarization, and insight generation.
AI-generated outputs are informational and may contain inaccuracies. Users remain responsible for reviewing important financial or operational decisions.

Aggregated and de-identified data

ChiefOS may create aggregated, anonymized, or de-identified datasets derived from platform activity.
  • These datasets do not identify individual users or businesses.
  • They cannot reasonably be used to reconstruct customer records.
  • They may be used internally to improve reliability, develop new features, conduct research, and train machine learning systems.

How we share information

We do not sell personal information. Information may be shared only when necessary to operate the Service or comply with legal obligations.
Service providers
  • Supabase – authentication, database, and storage.
  • Vercel – application hosting and delivery.
  • Twilio – messaging infrastructure for WhatsApp ingestion.
  • Stripe – subscription billing and payments.

Data retention

  • Workspace data is retained while your account is active.
  • Users may delete or reset their workspace from settings.
  • Deleted information may persist temporarily in backups (typically 30–90 days).
  • Aggregated or anonymized data may be retained for research and service improvement.

Security

  • Encryption in transit (HTTPS) and encrypted infrastructure storage.
  • Access controls and operational least-privilege practices.
  • Tenant isolation patterns to prevent cross-workspace access.
  • Monitoring and logging for reliability and security investigations.

Your rights

  • Access and update information through account settings.
  • Request export of your data.
  • Request deletion of your account.

International data transfers

Our service providers may process data in multiple regions including the United States. We take reasonable steps to ensure appropriate protections are applied.

Changes to this policy

We may update this Privacy Policy as the Service evolves. Updates will be reflected by revising the “Last updated” date above.
This page is provided for transparency and product clarity. It is not legal advice.