Privacy Policy

Last updated: March 14, 2026

OpenCloseOps ("we", "our", or "the App") is a daily checklist management application for multi-location businesses. This Privacy Policy explains how we collect, use, and protect your information.

1. Information We Collect

We collect the following information when you use the App:

• Account Information: Email address and password (used for authentication via Firebase Authentication).
• Business Information: Business name, business type, and location names/addresses that you provide during onboarding and setup.
• Checklist Data: Checklist completion records, including item statuses (pass/fail/N/A), timestamps, comments, and general notes.
• Photos: Images you voluntarily upload as evidence for checklist items. Photos are stored in Firebase Cloud Storage.
• Team Data: Team member roles (owner, manager, employee), invite codes, and location assignments.
• Device Information: Push notification tokens for delivering alerts (via Firebase Cloud Messaging).
• Subscription Data: Purchase history and subscription status, managed by RevenueCat.

2. How We Use Your Information

• To provide and maintain the App's core functionality (checklists, team management, analytics).
• To send push notifications about overdue checklists, low scores, and team activity.
• To send email alerts: overdue deadline notifications, daily digests, and weekly summaries (via SendGrid).
• To manage your subscription and process payments through Apple's In-App Purchase system.
• To generate reports (PDF, CSV) that you explicitly request.

3. Data Storage and Security

Your data is stored securely using Google Firebase (Firestore, Authentication, and Cloud Storage), hosted in the United States (us-central1). We implement security rules that restrict data access to authorized users only:

• Users can only access their own profile data.
• Team data is accessible only to team members.
• Checklist results are visible only to the creator and the location owner.
• Uploaded photos are limited to 10MB and image formats only.

4. Third-Party Services

The App uses the following third-party services, each with their own privacy policies:

• Firebase (Google) — Authentication, database, storage, push notifications. Firebase Privacy Policy
• Firebase Analytics (Google) — Usage analytics to understand how the App is used and improve the experience. No personally identifiable information is collected. Firebase Privacy Policy
• Firebase Crashlytics (Google) — Crash reporting to identify and fix bugs. Collects device information and crash logs. Firebase Privacy Policy
• RevenueCat — Subscription management. RevenueCat Privacy Policy
• Stripe — Payment processing for web-based transactions. Stripe Privacy Policy
• SendGrid (Twilio) — Email delivery. Twilio Privacy Policy
• Apple — In-App Purchases and App Store distribution. Apple Privacy Policy
• Google Fonts — Font delivery on our website. When you visit our website, your browser may download fonts from Google servers, which transmits your IP address to Google. Google Fonts Privacy

5. Data Sharing

We do not sell, trade, or rent your personal information to third parties. Your data is shared only:

• With team members you explicitly invite (they see shared checklist data and team information).
• With the third-party services listed above, solely to provide App functionality.
• When required by law or to protect our legal rights.

6. Data Retention and Deletion

Your data is retained as long as your account is active. You can delete your account at any time from the Profile screen in the App. When you delete your account:

• Your user profile is permanently removed from Firebase Authentication and Firestore.
• Your associated data (checklist results, team memberships) is deleted.
• Uploaded photos are removed from Cloud Storage.
• Account and associated data deletion is completed within 30 days of your request.

After deletion, some anonymized or aggregated data may be retained for analytics purposes, but it will no longer be linked to your identity.

7. Children's Privacy

The App is designed for business use and is not intended for children under 13. We do not knowingly collect personal information from children under 13. If we become aware that we have collected data from a child under 13, we will delete it promptly.

8. Your Rights

Depending on your jurisdiction, you may have the right to:

• Access, correct, or delete your personal data.
• Export your data (via the App's CSV and PDF export features).
• Opt out of email notifications (from the App's Profile screen or by contacting us).
• Delete your account entirely (from the App's Profile screen).

9. California Privacy Rights (CCPA/CPRA)

If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA) and the California Privacy Rights Act (CPRA):

• Right to Know: You may request disclosure of the categories and specific pieces of personal information we have collected about you.
• Right to Delete: You may request deletion of your personal information, subject to certain exceptions.
• Right to Opt-Out of Sale/Sharing: We do not sell or share your personal information with third parties for cross-context behavioral advertising.
• Right to Non-Discrimination: We will not discriminate against you for exercising any of your privacy rights.
• Authorized Agent: You may designate an authorized agent to submit requests on your behalf by contacting us at support@opencloseops.com.

To exercise these rights, contact us at support@opencloseops.com or use the account deletion feature in the App. We will respond within 45 days.

10. European Privacy Rights (GDPR)

If you are located in the European Economic Area (EEA) or United Kingdom, you have additional rights under the General Data Protection Regulation (GDPR):

• Legal Basis: We process your personal data based on: (a) your consent (for optional notifications), (b) performance of a contract (to provide the App's services), and (c) legitimate interest (to improve the App and ensure security).
• Data Controller: OpenCloseOps acts as the data controller for personal data collected through the App.
• Your Rights: You have the right to access, rectify, erase, restrict processing, data portability, and object to processing of your personal data.
• Data Transfers: Your data is stored on servers in the United States. By using the App, you consent to the transfer of your data to the US. We rely on standard contractual clauses and our service providers' compliance frameworks to protect data transferred internationally.
• Complaints: You have the right to lodge a complaint with your local data protection supervisory authority.

To exercise these rights, contact us at support@opencloseops.com.

11. Subscription Information

If you purchase a subscription through the App:

• Subscriptions are managed and billed by Apple through In-App Purchases.
• You can view, change, or cancel your subscription in your device's Settings > Apple ID > Subscriptions.
• Subscriptions automatically renew unless canceled at least 24 hours before the end of the current period.
• For refunds, contact Apple through reportaproblem.apple.com.

12. Photo Retention Policy

Photos uploaded as checklist evidence are subject to the following retention periods based on your subscription plan:

• Free plan: Photos are retained for 7 days, after which they are automatically deleted from Cloud Storage.
• Pro and Scale plans: Photos are retained for 90 days, after which they are automatically deleted from Cloud Storage.

If you delete your account, all associated photos are permanently removed regardless of retention period.

13. Changes to This Policy

We may update this Privacy Policy from time to time. Changes will be posted on this page with an updated "Last updated" date. Continued use of the App after changes constitutes acceptance of the revised policy.

14. Contact Us

If you have questions about this Privacy Policy or your data, contact us at:

Email: support@opencloseops.com