Privacy Policy
Last updated: March 2026
1. Information We Collect
HeadOps collects the minimum data necessary to provide the service: your Google account email and display name for authentication, and the production planning data you create within the app (projects, components, stages, team assignments, and schedule allocations).
2. How We Use Your Data
Your data is used solely to power the HeadOps scheduling engine and display your planning timeline. We do not sell, share, or monetize your data in any way. We do not run analytics or tracking beyond basic error monitoring.
3. Data Storage & Security
All data is stored in Supabase (PostgreSQL) with Row Level Security (RLS) enforced at the database layer. This means your workspace data is cryptographically isolated — even at the API level, users can only access data within their own workspace. All connections use TLS encryption.
4. Data Retention
Your data is retained as long as your account is active. If you cancel your subscription, your data remains accessible in read-only mode for 90 days. After that, it is permanently deleted. You can request immediate deletion at any time by contacting us.
5. Third-Party Services
HeadOps uses Google OAuth for authentication and Supabase for data storage. No other third-party services have access to your production data.
6. Your Rights
You have the right to access, export, correct, or delete your data at any time. Use the Export feature within the app, or contact us for a complete data export or deletion request.
7. Contact
For privacy-related inquiries, contact us at privacy@headops.com.