Effective date: April 11, 2026
SchiffOps ("we", "us", "our") is committed to protecting your privacy. This policy explains what data we collect, how we use it, and your rights.
We collect information you provide directly: your name, email address, shop information, and business data you enter (jobs, customers, quotes). We also collect basic usage data (page visits, errors) to improve the Service.
We use your data solely to provide and improve the SchiffOps platform. We do not sell, rent, or share your personal data with third parties except as necessary to operate the Service (e.g., payment processing via Stripe, email via Resend).
If you connect QuickBooks Online, we store encrypted OAuth tokens to maintain the connection. We access only the QuickBooks data necessary to sync customers and invoices as directed by you. We do not read or store financial data beyond what is required for this sync.
Your data is stored in a secure PostgreSQL database hosted on Supabase. All connections use TLS encryption. Sensitive tokens (e.g., QuickBooks OAuth) are encrypted at rest. We follow industry-standard security practices.
Each shop's data is fully isolated. Users from one shop cannot access another shop's data. All API requests are scoped to your organization.
We use a single HTTP-only session cookie to keep you logged in. We do not use tracking cookies or third-party advertising cookies.
You may request a copy of your data, correction of inaccurate data, or deletion of your account at any time by emailing us. Upon account deletion, your data is removed within 30 days.
We may update this policy periodically. We will notify you of material changes via email or in-app notice.
Questions? Email us at jim@schiffops.com.