R
RetailCheckOff
Get Started Free

Privacy Policy

Effective Date: February 6, 2025

Introduction

RetailCheckOff (“we”, “us”, or “our”) operates a web-based SaaS platform for retail store task management. This Privacy Policy explains how we collect, use, disclose, and protect your information when you use our services at retailcheckoff.com and app.retailcheckoff.com (the “Service”).

We are committed to protecting your privacy and complying with applicable data protection laws, including the General Data Protection Regulation (GDPR) and other relevant privacy regulations.

Information We Collect

Manager Information

When you create a manager account, we collect:

  • Email address: Used for account creation, authentication, and communication
  • Account credentials: Encrypted password for secure authentication
  • Profile information: Any optional information you provide in your account settings
  • Billing information: Payment details processed securely through our payment processor (Stripe)

Employee Information

For employees using the Service via QR code access:

  • Employee names: Entered by managers and selected from dropdowns by employees
  • Task completion data: Records of which tasks were completed, when, and by whom
  • Optional photos: Images uploaded as proof of task completion (automatically deleted after 7 days)
  • Session data: Temporary technical information needed to maintain your session while using the Service

Automatically Collected Information

We automatically collect certain technical information:

  • Usage data: Information about how you interact with the Service
  • Device information: Browser type, operating system, device identifiers
  • Log data: IP addresses, access times, pages viewed
  • Session cookies: Essential cookies required for the Service to function properly

How We Use Your Information

We use the collected information for the following purposes:

Service Delivery

  • Providing and maintaining the RetailCheckOff platform
  • Enabling task management and completion tracking
  • Allowing managers to monitor store operations
  • Facilitating communication between managers and employees

Account Management

  • Creating and managing user accounts
  • Authenticating users and maintaining security
  • Processing billing and payments
  • Responding to support requests

Service Improvement

  • Analyzing usage patterns to improve functionality
  • Debugging technical issues
  • Developing new features
  • Ensuring platform security and preventing fraud
  • Complying with legal obligations
  • Enforcing our Terms of Service
  • Protecting our rights and those of our users

For users in the European Economic Area (EEA), we process your data based on:

  • Contract performance: Processing necessary to provide the Service you’ve subscribed to
  • Legitimate interests: Improving our Service, preventing fraud, and ensuring security
  • Legal obligations: Complying with applicable laws and regulations
  • Consent: When required by law, we will obtain your explicit consent

Data Storage and Security

Infrastructure

Your data is stored securely using:

  • Supabase: Cloud database hosting with enterprise-grade security
  • Vercel: Secure application hosting infrastructure
  • Stripe: PCI-compliant payment processing (we do not store credit card information)

Security Measures

We implement industry-standard security measures:

  • Encryption of data in transit (TLS/SSL)
  • Encryption of sensitive data at rest
  • Regular security audits and updates
  • Access controls and authentication
  • Secure password hashing

However, no method of transmission or storage is 100% secure. While we strive to protect your data, we cannot guarantee absolute security.

Data Retention

Manager Data

Manager account information is retained for as long as your account is active or as needed to provide the Service. When you close your account, we will delete or anonymize your data within 30 days, except where we are required to retain it for legal purposes.

Employee Data

  • Employee names and completion logs: Retained as long as the manager’s account is active or until the manager deletes the data
  • Photos: Automatically deleted after 7 days
  • Anonymized data: When employee records are anonymized, personal identifiers are permanently removed while preserving statistical data

We may retain certain data longer when required by law, to resolve disputes, enforce agreements, or for legitimate business purposes.

Data Sharing and Third Parties

Third-Party Service Providers

We share data with trusted third-party service providers who assist in operating our Service:

  • Supabase: Database and backend infrastructure
  • Stripe: Payment processing (receives only billing information)
  • Vercel: Application hosting and content delivery

These providers are contractually obligated to protect your data and use it only for the purposes we specify.

No Selling of Data

We do not sell, rent, or trade your personal information to third parties for marketing purposes.

We may disclose your information when required by law, such as:

  • In response to valid legal process (subpoenas, court orders)
  • To protect our rights, property, or safety
  • To prevent fraud or security threats
  • In connection with a business transfer (merger, acquisition, bankruptcy)

Your Rights and Choices

General Rights

You have the right to:

  • Access: Request a copy of the personal data we hold about you
  • Correction: Request correction of inaccurate or incomplete data
  • Deletion: Request deletion of your personal data
  • Objection: Object to certain processing of your data
  • Portability: Request transfer of your data to another service
  • Withdraw consent: Withdraw consent where processing is based on consent

GDPR Rights (EEA Users)

If you are located in the EEA, you have additional rights under GDPR:

  • Right to restriction of processing
  • Right to lodge a complaint with your supervisory authority
  • Right to object to automated decision-making

Manager Data Controls

As a manager, you can:

  • Access and update your account information at any time
  • Delete employee records from your account
  • Anonymize employee completion logs
  • Export your data
  • Close your account and request data deletion

Employee Data Rights

Employees can exercise their rights by contacting the manager who created their record or by contacting us directly at [privacy@retailcheckoff.com]. We will work with the relevant manager to fulfill valid requests.

Exercising Your Rights

To exercise any of these rights, contact us at [privacy@retailcheckoff.com]. We will respond to valid requests within 30 days (or as required by applicable law).

Cookies and Tracking

Essential Cookies

We use only essential session cookies required for the Service to function properly. These cookies:

  • Maintain your authenticated session
  • Remember your preferences during your visit
  • Are deleted when you close your browser or log out

No Third-Party Tracking

We do not use third-party advertising cookies or tracking technologies for marketing purposes.

International Data Transfers

Our Service providers (Supabase, Vercel, Stripe) may process data in various locations globally. When we transfer data outside the EEA, we ensure appropriate safeguards are in place, such as:

  • Standard contractual clauses approved by the European Commission
  • Service providers certified under recognized frameworks
  • Other legally approved transfer mechanisms

Children’s Privacy

RetailCheckOff is not intended for use by individuals under the age of 16. We do not knowingly collect personal information from children. If we become aware that we have collected data from a child without parental consent, we will take steps to delete it promptly.

Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or legal requirements. When we make material changes:

  • We will update the “Effective Date” at the top of this policy
  • We will notify managers via email
  • We will provide notice within the Service

Your continued use of the Service after changes are posted constitutes acceptance of the updated policy.

Data Protection Officer

For questions about data protection or to exercise your rights, contact us at:

Email: [privacy@retailcheckoff.com]

Subject Line: Privacy Inquiry - RetailCheckOff

Supervisory Authority

If you are located in the EEA and believe we have not adequately addressed your privacy concerns, you have the right to lodge a complaint with your local data protection supervisory authority.

Contact Us

For questions, concerns, or requests regarding this Privacy Policy or our data practices:

RetailCheckOff Email: [privacy@retailcheckoff.com] Website: retailcheckoff.com

Last Updated: February 6, 2025