Privacy Policy

This Privacy Notice for WrkOrdr, LLC ("we," "us," or "our") describes how and why we collect, store, use, and share your personal information when you use our Services, including when you visit https://www.getwrkordr.com, use the WrkOrdr application, or contact us.

Questions or concerns? Contact us at [email protected].

1. What Information Do We Collect?

Personal information you provide

We collect personal information you voluntarily provide when you register, express interest in our services, participate in activities, or contact us. This includes:

• Names, phone numbers, email addresses, business addresses
• Job titles and business type
• Passwords (hashed — never stored in plain text)
• Business data you enter: clients, time entries, invoices, receipts, scheduled work
• Contact preferences

Sensitive Information. We do not process sensitive personal information such as racial or ethnic origins, religious beliefs, or biometric data.

Application data

If you connect third-party integrations, we may access relevant data you authorize — calendar events (Google Calendar), financial records (QuickBooks), or order data (Shopify). We only access what you explicitly authorize.

Google API

Our use of information received from Google APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements.

Information automatically collected

We automatically collect certain technical information when you use the Services, including your IP address, browser type, operating system, and device information. This is used only to maintain the security and operation of our Services.

We use browser localStorage (not cookies) to store your authentication session, language preference, and last export timestamp. This data stays on your device and is never transmitted to advertising networks.

2. How Do We Process Your Information?

We process your personal information to:

• Facilitate account creation and authentication
• Deliver our services (client management, invoicing, time tracking, scheduling, reporting)
• Respond to your inquiries and support requests
• Send administrative information and service updates
• Process payments and manage subscriptions
• Enable collaboration between owners and employees in a shared workspace
• Maintain the security and integrity of the Services

3. What Legal Bases Do We Rely On?

We only process your information when we have a valid legal reason. We rely on: Consent (where you have given permission), Performance of a Contract (to deliver services you signed up for), Legal Obligations (to comply with applicable law), and Vital Interests (to prevent harm).

You may withdraw consent at any time by contacting us at [email protected] or by deleting your account.

4. When and With Whom Do We Share Your Information?

We share information only in the following specific situations:

• Google Firebase — our authentication and database provider. Your data is stored securely in Google Cloud infrastructure.
• QuickBooks Online — only when you explicitly authorize the integration.
• Google Calendar / Apple Calendar — only when you explicitly authorize calendar sync.
• Shopify — only when you explicitly connect your store.
• SendGrid (Twilio) — used to send transactional emails (invoices, receipts, welcome emails, reports). Your email is passed only to send messages you have requested.
• Business transfers — if WrkOrdr is acquired or merges with another company, data may transfer as part of that transaction.

We have not disclosed, sold, or shared any personal information to third parties for commercial purposes. We will not sell or share personal information in the future.

5. Do We Use Cookies and Other Tracking Technologies?

WrkOrdr uses browser localStorage rather than traditional cookies. localStorage stores functional data — your authentication session, language preference, and export timestamps — locally on your device. It is not used for advertising or tracking.

We do not use advertising cookies, tracking pixels, behavioral analytics, or cross-site tracking. We do not currently use Google Analytics or any third-party analytics platform.

Firebase Authentication may set session-related cookies governed by Google's Privacy Policy. These are strictly functional.

You can clear localStorage at any time in your browser settings — note this will sign you out of the app. For cookie management, most browsers allow you to remove or block cookies via their settings.

6. How Do We Handle Social Logins?

WrkOrdr does not currently offer social media login (Facebook, Google Sign-In, X). All authentication is via email and password through Firebase Authentication. If social logins are added in the future, this policy will be updated.

7. How Long Do We Keep Your Information?

We keep your information for as long as your account is active. When you delete your account using the in-app Delete Account feature, all associated data — clients, time entries, invoices, receipts, scheduled work, and your user profile — is permanently deleted from Firestore immediately. No backup copies are retained after deletion.

8. How Do We Keep Your Information Safe?

We implement appropriate technical and organizational security measures including:

• HTTPS encryption on all data transmission
• Firestore security rules restricting data access to authenticated account owners
• Firebase App Check with reCAPTCHA v3 to prevent unauthorized API access
• Hashed password storage via Firebase Authentication

No electronic transmission or storage technology can be guaranteed 100% secure. You should access the Services within a secure environment.

9. Do We Collect Information from Minors?

We do not knowingly collect data from or market to children under 18. By using WrkOrdr, you represent that you are at least 18 years old. If we learn that data from a user under 18 has been collected, we will deactivate the account and delete such data promptly. Contact us at [email protected] if you are aware of any such data.

10. What Are Your Privacy Rights?

Depending on your location, you may have the right to:

• Access your personal data
• Correct inaccuracies in your personal data
• Request deletion of your personal data
• Obtain a copy of the personal data you have shared with us
• Withdraw your consent to processing
• Object to the processing of your personal information
• Non-discrimination for exercising your rights

To exercise these rights: use the in-app tools (Help & Settings → Account) or email [email protected]. We will respond within 30 days.

Opting out of communications

You may opt out of marketing emails by contacting us at [email protected]. We will still send service-related messages necessary for account administration.

11. Controls for Do-Not-Track Features

We do not currently respond to DNT browser signals as there is no uniform standard for implementing them. In practice, WrkOrdr does not track your internet activity across websites, which already honors the intent of DNT. California law requires us to disclose this practice.

12. Do United States Residents Have Specific Privacy Rights?

If you reside in California, Colorado, Connecticut, Virginia, or other US states with privacy legislation, you have rights including access, correction, deletion, portability, and the right to opt out of data sales. We do not sell personal data.

Categories of personal information collected

Category	Examples	Collected
A. Identifiers	Name, email, IP address, account name	YES
B. Personal info (CA Customer Records)	Name, contact info, financial info	YES
C. Protected classification characteristics	Gender, age, race, ethnicity	NO
D. Commercial information	Invoices, transactions, payment info	YES
E. Biometric information	Fingerprints, voiceprints	NO
F. Internet / network activity	Browsing history, behavioral data	NO
G. Geolocation data	Device location (IP-based only)	YES
H. Audio, electronic, sensory info	Images, audio, video recordings	NO
I. Professional / employment info	Job title, work history	NO
J. Education information	Student records	NO
K. Inferences from personal info	Profile or preference summaries	NO
L. Sensitive personal information		NO

Global Privacy Control (GPC): WrkOrdr does not sell or share personal data. We honor GPC signals by default as we do not engage in the sale or sharing of personal information under any circumstances.

To exercise your privacy rights, email [email protected]. Appeals may be submitted to the same address; if denied, you may contact your state attorney general.

13. Do Other Regions Have Specific Privacy Rights?

If you are located in the EEA, UK, Switzerland, Canada, or Australia, you may have additional rights under applicable data protection laws including GDPR, UK GDPR, and Australia's Privacy Act 1988. To exercise these rights or lodge a complaint, contact us at [email protected].

14. Do We Make Updates to This Notice?

We may update this Privacy Notice from time to time. The updated version will be indicated by an updated "Last Updated" date at the top of this page. We encourage you to review this notice periodically.

15. How Can You Contact Us About This Notice?

If you have questions or comments about this notice: