Privacy Policy

1. Information We Collect

We collect information you provide directly to us, such as when you create an account, submit an audit, report an incident, or contact us for support.

This includes:

• Name, email address, and phone number
• Company name and job title
• Audit data, incident reports, and safety documentation
• Payment information (processed securely by Stripe)

2. How We Use Your Information

We use the information we collect to:

• Provide, maintain, and improve our services
• Process transactions and send related information
• Send technical notices, updates, and support messages
• Respond to your comments, questions, and requests
• Monitor and analyze trends, usage, and activities

3. Data Security

We implement appropriate technical and organizational measures to protect your personal data against unauthorized access, alteration, disclosure, or destruction. This includes:

• Encryption in transit and at rest
• Regular security assessments
• Access controls and authentication
• Secure data centers with SOC 2 compliance

4. Data Retention

We retain your personal data for as long as your account is active or as needed to provide services. Safety records may be retained for longer periods as required by OSHA regulations (typically 5+ years for injury/illness records).

5. Your Rights

You have the right to:

• Access your personal data
• Correct inaccurate data
• Request deletion of your data
• Export your data in a portable format
• Opt out of marketing communications

6. Third-Party Services

We use trusted third-party services to operate our platform:

• Supabase for authentication and database
• Stripe for payment processing
• Resend for email communications
• Vercel for hosting

7. Contact Us

If you have questions about this Privacy Policy, please contact us at:

Email: privacy@basincheck.com
Address: Houston, Texas