Privacy Policy

Account information (name, email, organisation details), attendance records (clock-in and clock-out timestamps, GPS coordinates at the moment of clock-in), uploaded images (floor plans, issue photos), and usage analytics.

To provide the SpaceOPS service (scheduling, attendance verification, reporting, and client portal access), to process billing, to communicate with you about your account, and to improve the platform.

We retain your organisation’s data for as long as your account is active. On account deletion, data is permanently removed within 30 days, except where retention is required by law (for example, FLSA payroll and timekeeping retention periods).

We rely on a small number of trusted sub-processors:

• Supabase — database and authentication
• Stripe — subscription billing
• Anthropic — AI features (executive summaries, floor plan detection)
• Resend — transactional email
• Vercel — hosting and delivery
• Sentry — error monitoring

Subject to applicable law (GDPR, CCPA, Virginia CDPA, and others), you may have the right to access, correct, export, or delete your personal data. Contact privacy@onyxspaceops.com for requests.

We use essential cookies for authentication and session management. We use privacy-first analytics that do not rely on tracking cookies and do not build user profiles across sites.

For any privacy-related enquiries, contact privacy@onyxspaceops.com.