This Privacy Policy explains how Opsdeck Ltd collects, uses, stores and protects your personal data when you use our platform or website. Please read it carefully.
1. Who We Are
Opsdeck Ltd is a private limited company registered in England and Wales (Company No. 17075735). We provide cloud-based field operations and business management software to trade and construction businesses.
We are registered with the Information Commissioner's Office (ICO). ICO Registration No: ZC126490.
Contact details for data protection queries:
- Email: rob@opsdeck.co.uk
- Post: Opsdeck Ltd, 19 Newton Vale, S35 2YL
- Phone: 07837 698 283
2. What Data We Collect
2.1 Data you provide directly
- Name and job title
- Business name and address
- Email address and phone number
- Login credentials (managed securely via Clerk)
- Payment information (processed securely via Stripe — we do not store card details)
2.2 Data uploaded to the platform
- Job information, documents and files uploaded by your organisation
- Photos taken on site and uploaded by your team
- Any personal data contained within documents you upload — this remains your responsibility as Data Controller
2.3 Data collected automatically
- Browser type, device type and operating system
- IP address and approximate location
- Pages visited and features used within the platform
- Login times and session data
3. How We Use Your Data
We use your personal data only for the following purposes:
- To provide and maintain the OpsDeck platform and services
- To manage your account and authenticate your identity
- To process payments and send invoices and receipts
- To communicate with you about your account, updates and support
- To improve the platform based on usage patterns
- To comply with our legal obligations
We do not use your data for marketing to third parties. We do not sell your data. Ever.
4. Legal Basis for Processing
Under UK GDPR we process your personal data on the following legal bases:
- Contract — processing necessary to deliver the services you have contracted with us
- Legal obligation — processing required to comply with applicable law
- Legitimate interests — improving and securing our platform, where this does not override your rights
5. Who We Share Your Data With
We use the following third-party sub-processors to deliver our services. These providers are bound by their own data protection obligations:
| Provider | Purpose | Location |
|---|
| Supabase Inc | Database and file storage | EU (Frankfurt) |
| Clerk Inc | Authentication and user management | EU infrastructure |
| Netlify Inc | Platform hosting and serverless functions | EU infrastructure |
| Stripe Inc | Payment processing | EU infrastructure |
We do not share your data with any other third parties unless required to do so by law.
6. Data Retention
We retain your personal data for as long as your account is active. On termination of your subscription:
- Your data is retained for 30 days during which you may request an export
- After 30 days all data is permanently and irreversibly deleted
- Financial records are retained for 7 years as required by HMRC
7. Your Rights
Under UK GDPR you have the following rights in relation to your personal data:
- Right of access — request a copy of the data we hold about you
- Right to rectification — request correction of inaccurate data
- Right to erasure — request deletion of your data in certain circumstances
- Right to restrict processing — request we limit how we use your data
- Right to data portability — request your data in a machine-readable format
- Right to object — object to processing based on legitimate interests
To exercise any of these rights please contact us at rob@opsdeck.co.uk. We will respond within 30 days.
You also have the right to lodge a complaint with the ICO at ico.org.uk or by calling 0303 123 1113.
8. Security
We implement appropriate technical and organisational measures to protect your data including:
- Row Level Security on all database tables — your data is isolated from other customers
- All data encrypted in transit using TLS
- All data encrypted at rest
- Authentication handled by Clerk — SOC 2 Type II compliant
- Access controls limiting who within our team can access your data
No method of transmission or storage is 100% secure. In the event of a data breach we will notify affected parties and the ICO as required by law.
9. Cookies
Our platform uses essential cookies required for authentication and session management. These cannot be disabled as they are necessary for the platform to function.
We do not use advertising or tracking cookies. We do not use Google Analytics or similar tracking tools.
10. Changes to This Policy
We may update this Privacy Policy from time to time. We will notify you of any material changes by email or via a notice within the platform. The date at the top of this document indicates when it was last updated.
Continued use of the platform following notification of changes constitutes acceptance of the updated policy.
11. Contact Us
For any data protection queries or to exercise your rights please contact:
- Rob — Opsdeck Ltd
- Email: rob@opsdeck.co.uk
- Post: 19 Newton Vale, S35 2YL
- Phone: 07837 698 283
Opsdeck Ltd | 19 Newton Vale, S35 2YL | 07837 698 283 | rob@opsdeck.co.uk
opsdeck.co.uk | Company No. 17075735 | ICO Registration No. ZC126490 | Registered in England & Wales