Legal

Privacy Policy

Last updated: May 26, 2026 · Applies to all OmniTrack accounts

OmniTrack ("we", "us", "our") is committed to protecting the privacy of our customers and the employees whose data is processed through our platform. This Privacy Policy explains what data we collect, how we use it, and your rights regarding it.

1. Information We Collect

Account information — When you register, we collect your company name, email address, and hashed password. We do not store passwords in plain text.

Employee data — Supervisors add employee names and ID codes to the platform. We store this information on behalf of the company (you are the data controller; we are the data processor).

Time and activity data — We record clock-in and clock-out timestamps, standup notes typed by employees at clock-in, end-of-day work reports typed at clock-out, and AI-calculated productivity scores.

Billing data — We collect your subscription status and seat count. Payment card details are handled exclusively by Stripe and are never stored on our servers.

Usage data — We may collect standard server logs (IP addresses, browser type, pages visited) for security and performance monitoring.

2. How We Use Your Data

To provide and operate the OmniTrack service
To process clock-in/out events and calculate productivity scores
To generate AI-powered summaries and task-completion analysis using Anthropic's Claude API
To process your subscription payments via Stripe
To send service-related communications (billing receipts, important updates)
To maintain the security and integrity of the platform

We do not sell your data. We do not use your data for advertising purposes.

3. AI Processing

OmniTrack uses Anthropic's Claude API to power several features:

Standup check — Employee standup text is sent to Claude at clock-in to check whether assigned tasks were mentioned.
Clock-out scoring — End-of-day reports are sent to Claude to extract productivity variables and calculate a score.
Weekly summaries — Aggregated, anonymized team performance data is sent to Claude to generate a plain-English summary for supervisors.

Data sent to Anthropic is governed by Anthropic's Privacy Policy. We send only the minimum data necessary for each feature.

4. Third-Party Services

Stripe Payment processing and subscription management. Subject to Stripe's Privacy Policy.

Anthropic AI language model API for standup checks, scoring, and summaries.

Supabase / PostgreSQL Secure cloud database hosting for all account and employee data.

Hosting Provider The platform is hosted on a cloud provider with encrypted data at rest and in transit.

We only share data with third parties to the extent necessary to operate the Service.

5. Data Retention

We retain your data for as long as your account is active. If you cancel your subscription:

Your account data is retained for 30 days after cancellation to allow for reactivation.
After 30 days, your data is permanently deleted from our systems.
You may request immediate deletion by contacting us at [email protected].

6. Data Security

We take data security seriously. Measures in place include:

All data transmitted between your browser and our servers is encrypted via HTTPS/TLS
Passwords are hashed using industry-standard algorithms — never stored in plain text
Database access is restricted and protected by strong credentials
Session cookies are HTTP-only and secure in production
Each company's data is isolated — companies cannot access each other's data

No system is 100% secure. If you believe your account has been compromised, contact us immediately.

7. Your Rights

Depending on your location, you may have the following rights regarding your personal data:

Access — Request a copy of the data we hold about you.
Correction — Request correction of inaccurate data.
Deletion — Request deletion of your data ("right to be forgotten").
Portability — Request your data in a portable format (CSV export is available from your dashboard).
Objection — Object to certain types of processing.

To exercise any of these rights, contact us at [email protected]. We will respond within 30 days.

8. Cookies

OmniTrack uses a single session cookie to keep you logged in. We do not use tracking cookies, advertising cookies, or third-party analytics cookies. No cookie consent banner is required for our current cookie usage.

9. Children's Privacy

OmniTrack is a business tool intended for use by adults in a professional context. We do not knowingly collect data from individuals under the age of 18. If you believe a minor's data has been submitted to our platform, contact us immediately.

10. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes via email or a notice in your dashboard at least 14 days before the changes take effect. Continued use of the Service after that date constitutes acceptance.

11. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or how we handle your data, please reach out:

Privacy Contact Send us a message here and we'll respond to all privacy-related inquiries within 5 business days.