Privacy Policy
Effective date: June 1, 2025
1. Overview
AreaOps ("we," "us," or "our") operates a B2B software platform that helps home-services operations teams manage ZIP-code service areas across multiple brands. This Privacy Policy explains what information we collect, how we use it, and the choices you have.
Because AreaOps is a business tool, the data we handle is primarily operational business data (brand configurations, geographic coverage, team membership) rather than sensitive consumer personal information. We handle this data responsibly and transparently.
2. Information We Collect
Account and organization information
- Name, email address, and profile information provided when you sign up via Clerk (our authentication provider).
- Organization name, industry vertical, and plan/billing details when you create your workspace.
- Team member information (email addresses and roles) when you invite colleagues.
Service and operational data
- Brand names, market names, and ZIP-code assignments you create within the Service.
- Map configurations, targeting filters, saved views, and integration settings you configure.
- Files you upload (CSV, XLSX) containing ZIP codes or other operational data.
- Audit log entries recording actions taken by users within your organization.
Usage and technical data
- Log data including IP addresses, browser type, pages visited, and timestamps.
- Session data managed by Clerk for authentication purposes.
- API request logs used for debugging, rate-limiting, and security monitoring.
Billing information
- Payment card details and billing information are collected and stored directly by Stripe, our payment processor. We receive only a Stripe customer ID and limited billing metadata (plan, status, renewal date) — we do not store card numbers.
Geographic reference data
- The Service includes pre-loaded ZIP-code boundaries and U.S. Census demographic data (income, homeownership, housing age) sourced from public datasets. This data is not collected from you — it is integrated into the product for operational use.
3. How We Use Your Information
We use the information we collect to:
- Provide, operate, maintain, and improve the Service;
- Authenticate users and manage access permissions;
- Process subscription payments and send billing-related communications;
- Send transactional emails such as invitations, account alerts, and trial expiry notices;
- Monitor for security incidents, abuse, and policy violations;
- Respond to your support requests and communications;
- Generate aggregated, anonymized analytics to improve the product;
- Comply with legal obligations.
We do not sell your personal information or Customer Data to third parties. We do not use your data for behavioral advertising.
4. Third-Party Services
We use the following third-party service providers to operate the Service. Each provider has its own privacy practices:
- Clerk — authentication and session management. Clerk Privacy Policy
- Stripe — payment processing and subscription management. Stripe Privacy Policy
- Resend — transactional email delivery (invitations, alerts, billing notifications). Resend Privacy Policy
- U.S. Census Bureau / OpenStreetMap — public geographic and demographic reference data, accessed server-side and cached in our database. No personal data is shared with these services.
- Nominatim (OpenStreetMap) — server-proxied reverse geocoding for map features. Only geographic coordinates (latitude/longitude) are sent; no personal data.
We select service providers that offer appropriate data protection commitments and process data only as necessary for the purpose stated.
5. Data Retention
We retain your account and Customer Data for as long as your account is active or as needed to provide the Service. If you delete your account or cancel your subscription:
- Your Customer Data (brands, markets, ZIP assignments) is retained for 30 days to allow for recovery, then deleted.
- Billing records and audit logs may be retained for up to 7 years for legal and accounting compliance.
- Log data used for security monitoring is retained for up to 90 days.
You may request deletion of your data earlier by contacting us at legal@areaops.app.
6. Data Security
We implement industry-standard technical and organizational measures to protect your data, including:
- All data transmitted between your browser and our servers is encrypted using TLS.
- Access to production databases is restricted to authorized personnel only.
- Authentication is managed by Clerk, which enforces modern session security standards.
- Payment data is handled exclusively by Stripe, a PCI-DSS-compliant processor.
No security measure is 100% effective. In the event of a data breach that is likely to result in a risk to your rights, we will notify affected users as required by applicable law.
7. Your Rights and Choices
Depending on your location, you may have the following rights regarding your personal information:
- Access — request a copy of the personal data we hold about you.
- Correction — request correction of inaccurate personal data.
- Deletion — request deletion of your personal data, subject to legal retention obligations.
- Portability — export your Customer Data (brands, markets, ZIP assignments) in CSV format at any time from within the Service.
- Objection / restriction — object to or request restriction of certain processing activities.
To exercise any of these rights, contact us at legal@areaops.app. We will respond within 30 days.
8. Cookies and Tracking
The Service uses cookies and similar technologies primarily for authentication (managed by Clerk) and session management. We do not use third-party advertising cookies or behavioral tracking cookies.
You can configure your browser to refuse cookies, but doing so may affect your ability to sign in to the Service.
9. Children's Privacy
The Service is designed for business use by adults and is not directed at children under the age of 16. We do not knowingly collect personal information from children. If you believe we have inadvertently collected such information, contact us at legal@areaops.app and we will delete it promptly.
10. Changes to This Policy
We may update this Privacy Policy from time to time. We will notify you of material changes by posting the updated policy on this page with a revised effective date and, where appropriate, by email. Your continued use of the Service after the effective date constitutes your acceptance of the updated policy.
11. Contact Us
If you have any questions or concerns about this Privacy Policy or our data practices, please contact us at: legal@areaops.app