Trackora
LoginRegister

Privacy Policy

Last updated: December 4, 2025

At Trackora, we respect your privacy and are committed to protecting your personal data. This Privacy Policy explains how we collect, use, store, and share your information when you use our platform.

1. Information We Collect

1.1 Account Information

When you create an account, we collect:

  • Email address
  • Full name
  • Password (securely hashed)
  • Profile picture (optional)

1.2 OAuth Data

If you sign in with Google or GitHub, we receive:

  • Your name and email from the OAuth provider
  • Profile picture (if available)
  • A unique identifier from the provider

We do not receive or store your OAuth provider password.

1.3 Project and Work Data

To provide our services, we store data you create:

  • Projects (names, descriptions, dates, pricing, status)
  • Tasks (names, priorities, time estimates, due dates)
  • Time entries (start/end times, durations, descriptions)
  • Client information (names, emails, phone numbers, addresses)
  • Payment schedules and tracking (amounts, dates, status)
  • Files you upload (project resources, attachments)
  • Milestones and approval records

1.4 Client Portal Data

When clients interact with shared project links, we may temporarily collect:

  • Client name (for feedback attribution)
  • Client email (for communication)
  • Feedback messages and file attachments
  • Milestone approval decisions

1.5 Technical Data

We automatically collect:

  • Browser type and version
  • Device information
  • IP address
  • Error logs and performance data (via Sentry)
  • Feature usage patterns

2. How We Use Your Information

We use your information to:

  • Provide, maintain, and improve the Trackora service
  • Create and manage your account
  • Process subscription payments (through our payment partners)
  • Enable project sharing with your clients
  • Send important service notifications
  • Respond to your support requests
  • Monitor and fix technical issues
  • Generate analytics and reports within your account
  • Protect against fraud and abuse
  • Comply with legal obligations

3. Data Sharing and Disclosure

3.1 Service Providers

We share data with trusted third parties who help us operate:

  • Supabase — Database hosting, authentication, file storage
    Privacy: supabase.com/privacy
  • Google/GitHub — OAuth authentication (if you choose to sign in this way)
  • Lemon Squeezy/Paddle — Payment processing for subscriptions
    We do not store your payment card details
  • Sentry — Error monitoring and performance tracking
    Privacy: sentry.io/privacy

3.2 Client Sharing

When you share a project with a client via a secure link, they can view project details, tasks, milestones, and payment status. You control what is shared and can revoke access at any time. Clients do not need a Trackora account.

3.3 Legal Requirements

We may disclose your information if required by law, court order, or to protect the rights, safety, or property of Trackora, our users, or the public.

3.4 Business Transfers

If Trackora is involved in a merger, acquisition, or sale, your data may be transferred. We will notify you of any such change.

4. Data Storage and Security

We take data security seriously:

  • All data is encrypted in transit using HTTPS/TLS
  • Data at rest is encrypted by our infrastructure provider (Supabase)
  • Passwords are securely hashed and never stored in plain text
  • Row-Level Security (RLS) ensures you can only access your own data
  • File uploads use secure, time-limited signed URLs
  • Authentication tokens are securely managed

While we implement industry-standard security measures, no system is completely secure. We cannot guarantee absolute security.

5. Data Retention

We retain your data for as long as your account is active or as needed to provide services:

  • Account data is kept until you delete your account
  • Project and task data is kept until you delete it or your account
  • Time tracking data is kept for analytics purposes while your account is active
  • Error logs are retained for up to 90 days
  • Backup data may persist for up to 30 days after deletion

When you delete your account, all associated data is permanently removed from our active systems.

6. Cookies and Tracking

Trackora uses minimal cookies:

  • Authentication cookies: Essential for keeping you logged in
  • Preference cookies: Remember your settings (e.g., color mode)

We do not use advertising cookies or third-party tracking pixels. We do not sell your data to advertisers.

7. Your Rights

You have the right to:

  • Access: View all data we have about you through your dashboard
  • Correction: Update your profile and project information anytime
  • Deletion: Delete individual items or your entire account
  • Restriction: Request limits on how we process your data
  • Objection: Object to certain data processing activities

To exercise these rights, contact us at hello@trackora.io

8. International Data Transfers

Your data may be processed in countries other than your own. Our service providers (Supabase, Sentry) operate globally. By using Trackora, you consent to this transfer. We ensure appropriate safeguards are in place for international data transfers.

9. Children's Privacy

Trackora is not intended for users under 18 years of age. We do not knowingly collect personal information from children. If we discover that a child has provided us with personal data, we will delete it promptly.

10. Changes to This Policy

We may update this Privacy Policy from time to time. Material changes will be communicated via email or in-app notification. The "Last updated" date at the top indicates when the policy was last revised. Your continued use after changes constitutes acceptance.

11. Contact Us

For questions about this Privacy Policy or your data, contact us:

Email: hello@trackora.io

Website: trackora.io